IN Groupe is committed to the security of identities and goods, and defends a fundamental right: the Right to Be Yourself. Our bylaws and our missions give us a strong responsibility regarding the use of the data we collect and process. Our commitment to the protection of your data and the respect of your privacy is reflected in our high level of security and confidentiality.
Who we are?
Personal data are processed by Imprimerie Nationale S.A, which is based at 38, avenue de New-York – 75116 Paris.
Email : email@example.com
DPO contact: firstname.lastname@example.org
Which personal data are we collecting and processing?
In the course of our business, we may process data that identifies you directly, such as your name, first name or email address, or data that indirectly identifies you, such as your IP address.
In some cases, you provide us with your personal data directly. In other cases, your data is provided to us by other organizations (our customers for example). Finally, we may obtain your data through our interactions with you, for example when you browse our website.
Whose personal data are we collecting and processing?
We collect and process personal of:
Our employees, our contractors, job applicants, persons exchanging emails with us, employees and contractors of third parties (such as customers, suppliers, partners), visitors to our sites, end users of our customers.
Why are we collecting and processing your personal data?
We may process your personal data to:
- Manage our relationships with third parties (customers, suppliers, partners)
- Provide services to our customers
- Interact directly with you
- Optimize the operation of our website
- Secure our activities
- Meet our legal obligations
- Carry out marketing operations (B2B)
What are the legal basis for the processing?
We only process your personal data in accordance with applicable law. The legal basis depends on the processing, and is one of the following:
- Compliance with a legal obligation
- Our legitimate interest to use your data
- Your consent to the use of your data
- The execution of a contract that we have concluded with you
When we act as a Processor, our customer (the Controller) defines the appropriate legal basis.
What are the legal basis for the processing?
We keep your personal data as long as necessary to fulfil the purpose for which we have collected it. However, we may be required to keep your personal data for a longer period of time in order to comply with our legal obligations or our contractual obligations, but also in the event of an investigation or a legal proceeding.
With whom do we share your personal data?
We do not normally share your personal data with unaffiliated third parties.
However, we may transfer your personal data to our service providers acting as processor or subprocessor. We are committed to ensuring that these service providers comply with the legal obligations for data protection. In such cases, we will only provide them with the information necessary to perform the service they are hired to provide.
We may also pass on your personal information to:
- External auditors, lawyers, insurers and other professional advisors
- Companies assisting to fight against fraud, money laundering and the financing of terrorism, with the implementation of a surveillance of contracts and/or operations that may lead to the drafting of a declaration of suspicion or a measure of freezing assets
- Authorized third parties in order to meet our legal obligations, and in particular in the event of a request by a judicial authority.
Personal data transfer outside the EEA
As a principle, we do not transfer personal data outside the European Economic Area (EEA).
In the event we were to use a processor or subprocessor outside the EEA, we ensure that we have adequate contractual arrangements and security measures in place to protect the data in accordance with our privacy and security standards.
How we secure your personal data?
We are committed to ensure that personal data is processed securely and confidentially, including when certain operations are carried out by our processors.
To this end, we put in place appropriate technical and organisational measures in order to prevent the loss, misuse, alteration and deletion of personal data. These security measures are adapted depending on the type of personal data we process and depending on level of risk level of the processing.
What are your rights?
You have a right of access to your personal data.
Depending on the legal basis you may also request the correction or the deletion of your data, you may also object to the processing of your personal data or to request for the restriction of the processing.
Where the processing is based on consent you can withdraw it at any time.
To exercise your rights, fill the form available here.
Before answering your request, we may verify your identity and/or ask you to provide further information to respond to your request. We will endeavour to answer your request within a reasonable time and in any event within 30 days.
If you are not satisfied with your answer you may file a complaint with the Commission nationale de l'informatique et des libertés (CNIL) at the following address: https://www.cnil.fr/fr/plaintes or with your national Data Protection Authority.