|
|
|
|
|
|
|
|
|
Postie Privacy Policy
|
The purpose of this Privacy Policy is to set out how personal data is processed by La Poste on its Postie website.
This Policy applies in addition to Groupe La Poste’s Privacy Policy, available on the laposte.fr website ("the Groupe La Poste Policy"):
https://www.laposte.fr/donnees-personnelles-et-cookies:
In the event of a contradiction between the Groupe La Poste Policy and this Policy, the latter takes precedence.
Definitions
"Postie": is a secure Website whose domain name is www.laposte.fr/postie, (hereinafter the "Website ") that allows tracking of the various stages of the services provided to the Customer, from ordering to billing.
"La Poste": means La Poste SA, a company with corporate capital of EUR 5,620,325,816, registered in the Commercial Register of Paris under number 356,000,000 and whose registered office is at 9 rue du Colonel Pierre Avia, 75015 Paris, France, acting through its International Business Unit, (CP Y805) 9 Rue du Colonel Pierre 75015 Paris, France.
"Customer": subsidiaries of La Poste having obtained access codes to the Postie application in order to extract data relating to their own business customers (contract between the subsidiary and its customer, the customer’s consumption, the customer’s rates, etc., such data excluding any personal data except for the subsidiaries’ business contacts).
"La Poste Operators": means La Poste employees and partners (including Customers) responsible for entering the various data items relating to the Customer’s traffic or billing or permitted to carry out data extraction operations on data relating to them or to their business. Each La Poste Operator has access to the Website restricted to their field of competence.
"Personal data": means any information relating to an identified or identifiable natural person who is deemed to be an identifiable natural person, a natural person who can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, an identification number, location data, an online identifier, or to one or more elements specific to their physical, physiological, economic, cultural or social identity.
"Data controller": means the natural or legal person, the public authority, department or other body that alone or jointly with others, determines the processing purposes and means.
La Poste is the Data controller for the creation of the Customer Account and the processing described in the General Terms and Conditions of Use of the Website.
The Customer is the Data controller with regard to the personal data it supplies to La Poste to provide the services concerned.
|
1. HOW DOES LA POSTE COLLECT YOUR PERSONAL DATA?
|
La Poste collects your data in accordance with the General Terms and Conditions of Use of the Website. The personal data collected only relates to the data of business contacts of La Poste, of that of its subsidiaries (Customers) and of processing the Operators as described below. No personal data relating to non-business natural-person Customers undergoes processing.
|
2. WHAT ARE THE PURPOSES OF THE PROCESSING PERFORMED BY LA POSTE AND THEIR LEGAL BASIS?
|
The legal bases of the processing are the performance of a contract and the statutory obligations regarding billing.
The purpose of the processing performed by La Poste via Postie is the fulfilment of a contract which includes use of the Postie Website and collection and processing of the billing data of Customers of La Poste’s import and export international services.
The Website aims to allow tracking of certain services provided to Customers, from ordering to billing, with the following options available:
- Entry of the name of the La Poste offer contracted by the Customer (details of the Customer’s La Poste contract and rates) and their customer sub-accounts.
- Entry of the Customer’s traffic and Customer’s sub-accounts by Operators of La Poste
- Entry of the Customer’s billing data by Operators of La Poste
- Transfer of data to perform certain services (sales administration, billing). These transfers may be made to countries outside the European Union depending on the location of the sender or the recipient of a despatch. These transfers are essential for performance of the contract.
- Billing of the Customer
- Ability for the Customer to view data relating to their consumption, traffic and invoices as well as contact data given on the Website.
- Sending alerts to the Customer’s messaging service
- Billing tracking
Personal Data processed by Groupe La Poste may be viewed remotely on the Website by Customers and processing Operators as regards the Personal Data relating to their activity and the contact details of contacts relating to the Postie services provided by La Poste. Since the Customers and processing Operators having this online access may be located outside the European Union, Groupe La Poste requires them to provide appropriate guarantees and in particular the signature of standard contractual clauses of the European Commission or their adoption of Binding Corporate Rules.
|
3. HOW LONG IS PERSONAL DATA KEPT?
|
- The personal data used to create the customer account is kept for three (3) years after completion of the services or closure of the customer account. Billing data is archived for the statutory retention period (10 years)
- Data relating to the completion of services is kept/archived for the time needed to perform or monitor the service.
|
4. TO WHICH DEPARTMENTS OR COMPANIES IS YOUR PERSONAL DATA COMMUNICATED?
|
The recipients of the personal data on the Website are the various departments of La Poste which contribute to the performance of the services and monitoring of the customer relationship.
The Operators of La Poste who contribute to the performance of the services only have access to personal data if this access is necessary for providing the services for which they are responsible.
|
5. CAN YOUR PERSONAL DATA BE TRANSFERRED OUTSIDE THE EUROPEAN UNION?
|
Personal data processed by La Poste when using the Postie website is hosted in France.
|
6. IS YOUR PERSONAL DATA PROTECTED?
|
La Poste undertakes to take all necessary measures to ensure the security, confidentiality and integrity of personal data.
In particular, La Poste implements all technical and organisational measures required to guarantee the security and confidentiality of the personal data collected and processed, and, in particular, to prevent it from being distorted, damaged or communicated to unauthorised third parties, by providing a level of security that is appropriate to the risks relating to the processing and to the nature of the personal data requiring protection.
Moreover, in the event of a personal data breach within the meaning of Article 4 of the GDPR negatively affecting your personal data (destruction, loss, alteration or disclosure), La Poste undertakes to comply with the obligation of notification of Personal Data breaches, to the CNIL in particular.
|
7. WHAT RIGHTS DO YOU HAVE AS REGARDS YOUR PERSONAL DATA AND HOW CAN YOU EXERCISE THEM?
|
|
The Customer has a right of access, rectification, objection, erasure, restriction and portability of its data by contacting:
- By postal mail: La Poste - BP 10245 - 33506 Libourne CEDEX
- By email: mesdonneespersonnelles.laposte@laposte.fr
You can also contact: The Data Protection Officer of Groupe La Poste – CP C703 – 9 rue du Colonel Pierre Avia – 75015 Paris, France
If you experience problems relating to the management of your personal data, you can also lodge a complaint with the French data protection authority, the Commission Nationale Informatique et Libertés:
CNIL – 3 place Fontenoy – TSA 80715 – 75334 PARIS CEDEX 07
|
|