I. Identity of the Data Controller
The information collected about you will be subject to processing by the company Nedgis, a société par actions simplifiée (simplified share company), registered with the Commercial Register of Paris under No. 804 984 144, with its registered office at 37, rue Notre Dame de Nazareth, 75003 Paris.
You can send questions relating to data protection at the following email address: [email protected]om
II. Purposes of Processing
Nedgis processes your personal data:
- so that you can order on our website www.nedgis.com,
- to process and deliver your orders and provider customer support,
- so that you can navigate on our site and on our social network pages,
- to allow you to add comments on our website nedgis.com,
- to provide you with the www. Nedgis.com site newsletter,
- to provide personalized advertising, according to your consumer habits, on other sites or communication devices,
- to make statistics on your use of the site and on marketing performances,
- to prevent and fight fraud and ensure safety on our site and services,
- to conduct audits and enable the transfer of assets,
- to meet our legal obligations and handle litigations.
III. Legal bases for processing
|User account creation||Processing is necessary for the performance of a contract or in order to take steps prior to entering into a contract|
|Order Processing and delivery, including client support||Processing is necessary for the performance of the contract|
|Newsletter and marketing communications||Processing is based on consent provided by the client|
|Online user feedbacks||Legal obligation to retain user data|
|Surfing the site or Nedgis social network pages||Nedgis’ legitimate interest|
|Statistics and marketing performance||Nedgis’ legitimate interest, subject to user consent to cookies|
|Advertising for the benefit of Nedgis on third party sites, including targeted advertising||Nedgis’ legitimate interest, subject to user consent to cookies|
|Ensure the security of the website, prevent and fight against fraud||Processing is based on Nedgis’ legitimate interest, and on the legal obligation to protect personal data|
|Performing security audits or audits for the purpose of transferring assets of the company||Nedgis’ legitimate interest,|
IV. Personal Data Collected
The personal data collected on Nedgis site are as follows:
- Account creation data : on a mandatory basis, name, surname, E-mail address and password: on an optional basis, birth date;
- Browsing data: statistical data on website navigation, IP address, timestamp and date of account creation, language, technical data related to the device and browser, cookies
- Payment details (credit card) for the order ;
- Purchase details : number, date, type of products, price, phone number and address of delivery
V. Personal Rights of the User
In accordance with the French Data Protection Law of January 6, 1978, as amended and European Regulation 2016/679 dated April 27, 2016, you have the following rights over all of your data:
- The right to have personal data updated,
- The right to have personal data erased,
- The right of access to personal data,
- The right to request personal data portability,
- The right to withdraw consent to the use of contact information for sending offers and promotions by e-mail,
- The right to withdraw consent to the use of tracers and cookies,
- The right to decide on the fate of your personal data after your death, including whether or not to communicate your data to a third party designated by you.
You can, subject to providing a valid identity document, exercise the rights listed above by contacting Nedgis:
- By e-mail at: [email protected]
- By post at: 37 Rue Notre Dame de Nazareth - 75003 PARIS - France
You also have the right, in the event of infringement of your personal data, to file a claim with the French Data Protection Authority (La Commission Nationale Informatique et Libertés (CNIL)) at the following postal address: 3 Place de Fontenoy, 75007 PARIS.
VI. Retention Period
Your personal data recorded in respect of your Nedgis account are available on the website and shall be retained for a period of five (5) years from the date of the last interaction with Nedgis, except if you exercise your right to erase personal data to the extent permitted by law.
Your personal data in respect of your financial transactions, including the invoices shall be retained for a period of 10 (ten) years, and a period of 10 (ten) additional years in a secured intermediate archive.
Nedgis shall also retain all mails exchanged for client support purposes, for a period of 10 (ten) years.
VII. Security of Data
Nedgis implements technical and organizational measures to ensure the security, availability and confidentiality of your personal data.
Vos données bancaires sont exclusivement détenues par Paybox, sous-traitant de données personnelles, qui est certifié conforme aux standards PCI/DSS en matière bancaire.
VIII. Data Recipients
a) Recipients within Nedgis
Access to client’s personal data is strictly limited to the employees and agents of Nedgis, who are so authorized by virtue of their duties and subject to compliance with applicable regulations on personal data protection, i.e., (i) the marketing department for newsletters, (ii) the customer support, (iii) the financial service and (iv) the technical support, and the company management, including in the event of litigation.
Collected data are communicated to following categories of recipients:
- The lighting suppliers,
- The carriers as follows : Colissimo, Chronopost, Geodis-Calberson, You2you, Yper, Stuart
- The online statistic tools : Google Analytics
- Online personalized advertising solutions: Facebook, Criteo, Pinterest and Google,
- The IT developments services provider,
- The management platform for consents to the placing and reading of cookies.
- The hosting services providers :
✓ OVH and SoYouStart companies, whose servers are located within the European Union
✓ Amazon S3, a US provider, in compliance with the transfer standard clauses provided by the European commission:
Nedgis shall provide the list of its providers upon request sent at the following address: [email protected]
Nedgis’ subcontractors only have a limited access to your personal data and have a contractual obligation to use them in compliance with applicable personal data protection provisions, according to the data processing agreements laid down by the French Data Protection Authority (CNIL) in accordance with the Regulation on Personal Data.
IX. Data transfer
The data recipients listed above, which are established outside of the European Union, in a country not recognized by the European Union as providing an adequate level of data protection, and/or which transfer data outside of the European Union in a country not recognized by the European Union as providing an adequate level of data protection, for the need of the services provided to Nedgis, are subject to standard contractual clauses provided by the European commission, or to Binding Corporate Rules, and shall take additional data protection measures, if applicable, in order to comply with European Essential Guarantees for data protection.
The recipients and additional measures they take are listed as follows:
- Google :
https://policies.google.com/privacy/frameworks (Contractual Clauses)
- Amazon :
https://aws.amazon.com/compliance/gdpr-center (Contractual Clauses)
- Paypal :
https://www.paypal.com/webapps/mpp/ua/privacy-full#7 (Binding Corporate Rules)
Cookies are text files that are placed on your terminal equipment (computer, mobile) then read by the editor of a website, or by its providers, when a user visits a site using a web browser.
The list of cookies placed on Nedgis website, their period of retention and the cookies senders can be viewed by using the cookies button, located in the left hand side of the site footer. The cookies button is the following :
Cookies have the following purposes:
- Cookies necessary for the technical functioning of the site (functional cookies): it includes for example technical authentication cookies, session identification, and/or shopping cart, language, device resolution, operating system). If you remove these cookies, the site will not work properly. Your consent is not required to implement those cookies, according to the applicable regulation.
- Audience measurement cookies ( analytics cookies): these cookies require your consent, in order to better understand your use of the site, its audience, and marketing performance;
- Advertising cookies: these cookies require your consent, in order to establish a user profile for distributing advertising that matches your interests, and in order to market Nedgis services on other sites and evaluate their performance on Nedgis site. Thos cookies are sent by our partners : Facebook, Criteo and Google,
At last, we use pixels, which are very little images within emails that we send to you, in order to check if you have opened them, and if applicable, if you have interacted with content (click on a link for example).
Version 2.0 dated 14/09/2021