Our policy
In accordance with regulations on the protection of personal data and privacy, including the General Data Protection Regulation (EU) 2016/679 (RGPD) which came into force on May 25, 2018, elcom invites you to consult this Personal Data and Cookies Charter in order to become fully aware of the scope of personal data processing carried out and how to exercise your rights.
In particular, the collection of the personal data of its prospects and customers is limited to what is strictly necessary, in accordance with the principle of data minimization, and indicates the purposes for which the data is collected, whether providing this data is optional or compulsory (indicated by an asterisk (*) on the forms) in order to manage requests, and who will be able to access this data.
In the event of modification of the present, elcom undertakes not to lower the level of confidentiality substantially without the prior information of the persons concerned.
If you have any questions or complaints, please do not hesitate to contact us by e-mail hfactory@hellomoov.com or by telephone 0474439961
ARTICLE 1. DEFINITIONS
Personal data – Personal data: any information relating to an identified or identifiable natural person (hereinafter referred to as the “data subject”); an “identifiable natural person” is one who can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, an identification number, location data, an online identifier, or to one or more factors specific to his or her physical, physiological, genetic, mental, economic, cultural or social identity.Processing: any operation or set of operations which may or may not be performed using automated processes and applied to personal data or sets of personal data, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, communication by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Data controller: The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing operation; where the purposes and means of such processing are determined by Union law or by the law of a Member State, the controller may be designated or the specific criteria applicable to his designation may be laid down by Union law or by the law of a Member State.
File: Any structured set of personal data accessible according to specific criteria, whether centralized, decentralized or distributed functionally or geographically.
On elcom.fr , the data controller and DPO is the services company COVATEAM (Mrs Sophie MOREL)
Address: 31 ch du vieux chêne, 38240 MeylanTelephone number: 04.58.00.30.33
Mail address: dpo@hellomov.com
Subcontractor : The natural or legal person, public authority, department or other organization that processes personal data on behalf of the data controller.
Recipient: The natural or legal person, public authority, department or any other body that receives personal data, whether or not it is a third party. However, public authorities which may receive personal data in the context of a specific investigation in accordance with Union law or the law of a Member State are not considered as recipients; the processing of such data by the public authorities in question complies with the applicable data protection rules according to the purposes of the processing.
Third party: A natural or legal person, a public authority, a service or a body other than the data subject, the controller, the processor and the persons who, under the direct authority of the controller or processor, are authorized to process personal data.
Consent of the data subject: any free, specific, informed and unambiguous expression of will by which the data subject accepts, by a declaration or by a clear positive act, that personal data concerning him or her may be processed.
Personal data breach: a breach of security resulting in the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of or access to personal data transmitted, stored or otherwise processed.Supervisory authority: An independent public authority that is established by a Member State under Article 51 of the GDPR. In this case, it is the Commission nationale de l’informatique et des libertés (CNIL: https://www.cnil.fr/).
ARTICLE 2. LEGAL INFORMATION RELATING TO THE PROCESSING OF USER DATA
Processing is administered in accordance with the provisions of Law No. 78-17 of January 6, 1978 and EU Regulation 2016/679 of April 27, 2016 (RGPD) and other legal provisions in force (hereinafter the “Regulations in force”).Data collected
We collect and process, in a computerized manner, data from Users on h-factory.fr and who may be potential buyers, sellers wishing to open a store, or both. This includes :Information that the User provides by filling out forms related to the creation of his account and/or related to his orders and/or related to his identification, or by communicating with h-factory.fr (by any means of communication or online communication, or by responding to questionnaires or satisfaction surveys);
Information relating to the contractual and commercial relationship between the User and h-factory.fr (including details of products and services ordered by the User);
The User’s banking information (bank details, card numbers) and transactional information
Data collected through cookies and similar technologies used on h-factory.fr (notably IP addresses) and in electronic messages, enabling us to recognize the User, remember his/her preferences and, where appropriate, present him/her with content likely to interest him/her.
At the time of registration, you accept our General Terms of Use (GTU), which provide for the collection of data that directly or indirectly identifies a physical person, and which is personal data.Purposes of processing
Identification of persons using elcom.fr to benefit from the site’s services and to access services;
To manage the account of the data subject or of the legal entity that the data subject represents, and to carry out payment transactions at the data subject’s request;
Customer relations management;
Handling User queries and complaints;
Handling User queries and complaints;
Compliance with online account access procedures (and management of any authentication procedures);
Prospecting and/or sending information.
Legal basis for processing
The processing is necessary for the performance of the contractual relationship you wish to enter into with us by using h-factory.fr, since the personal data we collect and process are necessary for the performance of the services you register for;
Processing is also necessary to protect our legitimate interests by enabling us to keep proof of transactions carried out via elcom.fr and/or, if necessary, to proceed with collection;
The processing is based on your consent when you wish to order and/or use documents and/or services via elcom.fr ;
ARTICLE 3. COOKIES
A cookie is a small text file deposited on your terminal (e.g. a computer, a tablet, a Smartphone, a connected television, a video game console connected to the Internet) when you visit a site or view an advertisement.
It contains several pieces of information: the name of the server that stored it, a unique identifier number, and possibly an expiry date. Cookies have various functions. Their purpose is to record a site’s language settings, collect information about your browsing habits and provide you with personalized services.
Only the issuer of a cookie is likely to read, record or modify the information it contains.
Who issues cookies? Our cookies:Different types of cookies are used on our site. They are used for different purposes, as described below, subject to your choice (see Accepting / Rejecting cookies).
Functional cookies
These cookies are not essential for browsing our site, but they do enable us to optimize its operation and give you access to specific functions. They enable us to :
personalize your experience on our site (e.g. remind you of the last pages consulted)
remember information relating to a form you have filled in on our site (registration or access to your account) or to offers, services or information you have chosen on our site (subscribed service, etc.);
adapt the presentation of our site to the display preferences of your terminal (display resolution, operating system used, etc.) during your visits to our site.
Third-party cookies:Cookies may be placed on our site by third-party companies. They are used for different purposes, as described below, subject to your choice (see Accepting / Rejecting cookies).
Analytical cookies / audience measurement
In order to obtain information on how web users visit and interact with our site, and to track our conversions, we use software such as Matomo, Google Analytics (from Google Inc), Google Adwords (Google Inc), WebMecanik (WebMecanik). These software programs, on our behalf, will set cookies, collect information which they will then store on their servers at their convenience.
These cookies generally expire within 15 to 30 days.
In combination with other services offered by these companies, particularly where we have collected personal information such as your name, e-mail address or company name, we are able to link all this information together and thus provide you with better information. These companies expressly undertake not to disclose your information to any third party without your express consent, unless legally obliged to do so.
We also ensure that partner companies process the information collected on our site in accordance with our instructions, in compliance with the French Data Protection Act of January 6, 1978, as amended, and undertake to implement appropriate measures to secure and protect the confidentiality of data.
Finally, these companies undertake not to consolidate this information with their services, which you may use directly yourself or via other companies using their services.
https://www.cnil.fr/fr/comprendre-vos-droits
How do I accept or reject cookies?
Your browser parameters
You can choose to disable cookies at any time. Your browser can also be set to notify you when cookies are placed on your computer, and to ask you to accept them or not. You can accept or refuse cookies on a case-by-case basis, or refuse them once and for all.
Please note that your browser settings may affect your access to our services requiring the use of cookies.
If your browser is configured to refuse all cookies, you will not be able to take advantage of essential functions on our site, such as receiving personalized recommendations. In order to manage cookies more closely to your expectations, we invite you to configure your browser taking into account the purpose of cookies as mentioned above.
The configuration of each browser is different. It is described in your browser’s help menu, which will tell you how to modify your cookie preferences. You can refer to your browser’s editor page to find out how to configure cookie management.
Depending on your browser, there are several options available, such as deleting existing cookies, blocking certain cookies, deleting cookies when you close your browser, or refusing to accept all cookies. You can also apply exceptions to a general rule for a given site.
The corresponding pages are
Edge
Internet Explorer (top right menu to select version)
Chrome
Firefox
Safari (Mac)
Opera
If your browser (or browser version) is not listed here, you can go directly to its publisher’s website for more information.
Declare yourself on third-party platforms
You can manage the use of your third-party cookies by going directly to the third-party’s platform to refuse them. To disable Google analytics cookies click here.
Settings on an opposition platform
You can manage your cookies by visiting the cookie management platforms offered by advertising professionals.
For example, you can visit www.youronlinechoices.eu, the website of the European Digital Advertising Alliance (EDAA), managed in France by the Interactive Advertising Bureau France.
You can find out which companies are registered on this platform. They offer you the possibility of refusing or accepting the cookies they use to adapt the advertising likely to be displayed on your terminal to your browsing information:
http://www.youronlinechoices.com/fr/controler-ses-cookies
This European platform is shared by hundreds of Internet advertising professionals. It provides a centralized interface enabling you to refuse or accept cookies that may be used to adapt the advertising displayed on your terminal to your browsing habits. Please note that this procedure will not prevent the display of advertisements on the websites you visit. It will only block the technologies that allow us to adapt advertisements to your centers of interest.
ARTICLE 4. RIGHTS OF DATA SUBJECTS AND HOW TO EXERCISE THEM
Under the conditions defined by the applicable regulations (RGPD, amended Data Protection Act) individuals have a right of access to data concerning them, of rectification or deletion, of interrogation, of limitation of the processing of their data, of portability, of deletion.
Data subjects also have the right to object at any time, for reasons relating to their particular situation, to the processing of personal data whose legal basis is our legitimate interest, as well as the right to object to commercial canvassing. They may also, at any time, withdraw their consent to the processing, without prejudice to the lawfulness of the processing based on consent carried out prior to the withdrawal thereof.
Data subjects also have the right to define general and specific directives setting out how they wish the above-mentioned rights to be exercised after their death. Finally, they have the right to lodge a complaint with the CNIL.
For all requests to the data controller, you will be asked to provide proof of identity, and to justify, where appropriate, the reasons for your request. In the event of a request for access, the data controller has two months in which to respond.
Requests to exercise your rights should be sent electronically to the following address: dpo@hellomoov.com.
For all intents and purposes, it is specified that as from the exercise of the right to erasure, to object to processing, or to withdraw consent, the proper functioning of h-factory.fr for the person concerned may be disrupted. For example, if these rights are exercised at the time of ordering services, the said order cannot be placed by the person concerned.
ARTICLE 5. RETENTION PERIOD FOR PERSONAL DATA
With a view to minimization, we keep data only for as long as is necessary for the operations for which it was collected, and in compliance with current regulations.
Customer data. In this respect, the data of h-factory.fr customers (buyers, sellers, etc.) is kept for the duration of the contractual relationship, plus 3 years for the purposes of promotion and prospecting, without prejudice to retention obligations or limitation periods.
Accounting. For accounting purposes, data is kept for 10 years from the end of the financial year.Non-customer prospects. We may retain personal data relating to a non-customer prospect for a period of three years from the date of collection or from the last contact from the prospect (for example, a request for documentation or a click on a hyperlink contained in an e-mail; however, the opening of an e-mail will not be considered as a contact from the prospect). At the end of this three-year period, we may contact the person concerned again to find out whether he or she wishes to continue receiving commercial solicitations. In the absence of a positive and explicit response from the person concerned, we will delete or archive the data in accordance with the provisions in force, and in particular those set out in the French Commercial Code, the French Civil Code and the French Consumer Code.
Identification documents. With regard to identity documents transmitted in the event of exercising the right of access or rectification, data relating to identity documents may be kept for the period stipulated in article 9 of the French Code of Criminal Procedure (i.e. one year). If the right to object is exercised, this data may be archived for the limitation period stipulated in article 8 of the Code of Criminal Procedure (i.e. three years).
Bank details. In the case of payment by credit card, the card number and validity date may be kept in an intermediate archive for a period of thirteen months following the debit date, for the purposes of proof in the event of any dispute concerning the transaction. This period will be extended to fifteen months to take account of the possibility of using deferred debit payment cards. This data is to be used only if the transaction is contested. The data stored for this purpose is subject to security measures, as described in article 8 of the present standard and in article 5 of the aforementioned deliberation no. 2013-358 of November 14, 2013.
Please note that we may retain credit card data for a longer period of time, provided we obtain the express consent of the customer, who will be informed in advance of the purpose (e.g. to facilitate payment for regular customers). In any event, credit card data will be deleted when the card expires.
Internet data. Lastly, the browsing and connection data collected from Internet users, notably via cookies, will be automatically deleted at least every thirteen months.
Inactivity for three years. If you have not logged on to h-factory.fr, or if you have not been active (clicked on a link) for a period of three years, you will receive an e-mail inviting you to log on as soon as possible, failing which your data will be deleted from our databases.
ARTICLE 6. RECIPIENTS OF PERSONAL DATA AND SUBCONTRACTING
The data processed is intended solely for the persons we have expressly authorized for the purposes described above, as well as for our service providers for the proper performance of the services rendered on elcom.fr .
We ensure that all recipients and subcontractors present sufficient guarantees as to the implementation of appropriate technical and organizational measures so that the processing meets the requirements of the RGPD and guarantees the protection of the rights of the data subject.
We undertake to comply with the applicable regulations relating to data transfers to foreign countries, in particular outside the European Union, in accordance with the RGPD.
We may use one or more subcontractor(s) to carry out specific processing activities, which will be subject to the conditions of this Charter. Any subcontractor will not be permitted to use a subcontractor itself without our prior written authorization.
ARTICLE 7. COMMUNICATION OF PERSONAL DATA TO THIRD PARTIES
In general, we undertake to comply with all legal rules that may prevent, limit or regulate the dissemination of information or data.
On the basis of legal obligations, your personal data may also be disclosed in application of a law, regulation or by virtue of a decision by a competent regulatory or judicial authority.
Communication to third parties for commercial solicitation for equivalent products and services [optional].
We may make certain personal data available to strategic partners working with us, for the supply of products and services or helping us market our products to customers.
We may share information with advertising partners (cookies…) in order to send you promotional communications, or to show you more tailored content, including relevant advertising for products and services that may be of interest to you, and to understand how users interact with advertisements. By continuing to use this site, you agree to this policy.