Politique de confidentialité
OUR POLICY ABOUT GDPR
WHAT IS GDPR?
GDPR stands for General Data Protection Regulation. It follows the French Data Protection Act of 1978 and constitutes the new European reference text for the protection of personal data. Its aim is to harmonize the rules in Europe by creating a single legal framework. This regulation replaces the current Directive on the Protection of Personal Data and has been applied since 25 May 2018. It extends the scope of the law to all companies operating in Europe, but also to non-European companies, if they offer their services to EU residents.
GENERAL PRINCIPLES OF GDPR
The purpose of this new regulation is to enable those involved in the collection of personal data to have access to clearer and more legible information. Thus, the personal data must be :
- Treated on the principle of lawfulness (which is in accordance with the law) in a fair and transparent manner;
- Collected for specific, explicit and legitimate purposes;
- Limited, adequate and relevant;
- Accurate and kept up to date;
- Preserved for a period not exceeding that required;
- And treated in a way that ensures proper security.
In addition, the person whose personal data are collected must be able to give his free and informed consent but also be able to exercise his right to withdraw it at any time.
WHO IS RESPONSIBLE FOR THE DATA COLLECTED BY Cercle x Chambord Festival 2019?
Cercle, Simplified Joint Stock Company, is the legal entity responsible for the application of the General Data Protection Regulation. Its Legal Manager Derek, Barbolla, President, has the task of ensuring the protection and preservation of personal data.
WHAT DATA ARE COLLECTED BY Cercle?
In addition, when buying tickets for the festival, you may have to navigate on a partner platform. In this case, the personal data protection policy applied will be that of our subcontractor.
If you are a volunteer or employee of the association, Cercle keeps information necessary for the execution of contracts and the protection of employees and volunteers. This is information related to your civil status (surname, first name, social security number (if employee), date of birth ...), transmitted with your contact form (phone number, postal address, email ...) ), but also, for the employees, information related to your professional situation (hour account, diplomas, CV, experience in the company, etc.).
This personal data is kept for a maximum of 5 years and is treated with the utmost confidentiality. They are not intended to be used for marketing purpose.
Concerning the accreditations, the organizer keeps, within the limit of 5 years after the last request for accreditation, the personal data transmitted during the request. This is data related to the civil status, as well as the professional situation collected during the application for accreditation. These data are not marketed and are not collected for this purpose.
As part of the implementation of the cashless payment service throughout the festival period, people wishing to use it will see some of their personal data kept by Cercle. These are data related to the civil status of the persons concerned and their bank details. This personal data is stored and secured by our partner YUFLOW. This partner is also subject to compliance with the GDPR.
WHAT ARE THE RIGHTS OF THE PEOPLE CONCERNED BY THE COLLECT OF PERSONAL DATA?
The persons whose personal data are collected have the right to information, access, rectification and opposition. The purpose of these rights is to enable each natural person to maintain control of the information concerning them.
THE RIGHT TO INFORMATION The persons concerned by the collection of their data must have access to clear and precise information concerning the identity of the person responsible for the file, the purpose of the file, the mandatory or optional nature of the answers, the consequences of a failure to reply, the recipients of the data, their rights and any data transfers to countries outside the European Union. This information must be prior to the collection of data. For any collection of personal data, the consent of the person concerned is required.
THE RIGHT OF OPPOSITION, ACCESS AND CORRECTION Each person involved in the collection of information must be able to express his / her will to reuse this data for commercial purposes. In addition, anyone can access all information about them, know the origin of information about them and must be able to access the information on which the person in charge of the file has based to make a decision. There is also the possibility of obtaining a copy of the personal data stored and to require that the data be rectified, completed, updated or deleted.
The person concerned by one of these situations can express his choice by email at email@example.com
Regarding the right of access, it is important to note that this can be done on site or by post, ideally with acknowledgment of receipt and upon presentation of the identity card (or a copy, if the choice of a letter was made).
If you still have questions about the use of personal data by Cercle, you can send us an email at firstname.lastname@example.org.