YCEE S.A.S. (the “Company”), in connection with provision of its products and services to customers (the “Customers”), for the purpose of complying with the EU General Data Protection Regulation (the “GDPR”) and to appropriately process the personal data of the Customers, hereby establishes this “Privacy Statement” (this “Privacy Statement”).
1. Processing of Personal Datase of data
“Personal data” means any information relating to an identified or identifiable natural person, including, without limitation, name, location data, identification number, address, date of birth, telephone number, e-mail address of the Customer.
“Processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
“Controller” means a legal person which, alone or jointly with others, determines the purposes and means of the processing of personal data.
“Processor” means a legal person which processes personal data on behalf of the Controller.
(2) Types of Personal Data to be Collected.
The Company may collect the following types of personal data concerning the Customers in connection with the products and services subject to the Customer having provided such data to the Company:
(a) Contact information that allows the Company to identify and to communicate with the Customer, such as Customer’s name, phone number, mailing address, email address.
(b) Transaction information about how Customer interacts with the Company, including inquiries and warranty claims.
(c) Relationship information that helps the Company understand Customer’s experiences with the Company's products and services.
(3) Purpose of Use of Personal Data.
The Company may process personal data for the following purposes, provided the Customer has explicitly provided its consent thereto or a legal basis under GDPR exists, and provided the Customer has submitted such personal data to the Company:
(a) to provide the Customers with the products and services of the Company;
(b) to contact the Customers regarding the products, services and business of the Company;
(c) to inform the Customers about the products, services and business of the Company;
(d) to inform the Customers about seminars, exhibitions, demonstrations of Company’s products and services;
(e) to provide the Customers with warranty service and repair services for its products;
(f) to provide guidance on periodic inspection and conducting after-sales activities;
(g) to ask for cooperation in questionnaire surveys on customer satisfaction with the use of the products and services;
(h) to develop the products of the Company.
If the Company processes the personal data on a legitimate basis for purposes other than the above, the Company will inform the Customers in advance of such new purposes if required by applicable law. By providing their consent to this Privacy Statement, the Customers will be deemed to have consented to the processing of their personal data by the Company within the scope of the above purposes of use, and the Company will process the personal data based on such Customers’ consent. The Customers may withdraw such consent at any time by informing the Company thereof in writing or electronically and such withdrawal shall not affect any legitimate processing performed pursuant to the consent prior to the withdrawal. The Company may require the Customers to provide their personal data in connection with the provision of the products and services. In such case, if certain Customers do not provide its personal data, the Company may be unable to provide the products and services.
(4) Retention Period
The Company will retain the personal data to the extent the Company require such personal data for achieving the purposes of use specified in 1.(3) above, and the Company will promptly delete the same when such data are no longer necessary to provide the products and services unless the Customer has specifically agreed that such personal data may be used for marketing purposes. The customer’s financial data following out of the transactions with the Company will be retained as required by applicable laws.
(5) Third Party Transfer
The Company may provide the personal data to third parties such as the subsidiaries and affiliates of the Company, dealers, retailers of the Company which provide the products and services. Such third parties may include third parties located in countries (including, without limitation, Japan) outside the European Economic Area (the “EEA”) and the Customers are deemed to have consented to the following matters by consenting to this Privacy Statement: (a) Certain countries outside the EEA may not have the same level of data protection as countries within the EEA, however, the Company has executed “standard contractual clauses” with third parties located in countries outside the EEA to warrant that the personal data will be processed in accordance with the GDPR; (b) personal data will only be provided to and processed by such third parties for the purposes specified in 1.(3) above.
(6) Disclosure, Correction, and Other Rights concerning Personal Data
The Customers are entitled to access, request for correction, request for deletion, request to limit the processing, object to the processing, of the personal data retained by the Company pursuant to the provisions of relevant laws and regulations. Such requests shall be provided to the contact point set forth in “5. Contact” as hereunder. The Company may refuse the Customers’ request if the Company deems that there is no reasonable basis for such request or if the request is deemed excessive. The Customers may file objections to the data protection authorities having jurisdiction over the location of the Customers’ domicile with regard to the processing of their personal data by the Company.
(7) Unsubscribing from Direct Marketing
If Customers have consented to receiving the Company’ marketing materials and wish to unsubscribe, such Customers should contact the contact point set forth in “5. Contact” below.
(9) Social Media Features
The Company's site may also include social media or lead generation features, such as Facebook or Twitter buttons and widgets, such as the “share this button”. These features may collect the Customer’s IP address, which pages the Customers are visiting on the Company's site and may set a cookie to enable the feature to function properly. Social media and lead generation features and widgets may be hosted by a third party. The Customer’s interactions with these features and widgets are governed by the privacy statement of the company providing it.
(10) Scope of Privacy Statement
This Privacy Statement applies to the Company, unless a different privacy statement to a specific service of the Company applies. Other websites that may be accessible through this website may have their own privacy statements.
2. Safety Management Measures
In order to protect the personal data from unauthorized access and loss, taking into account the characteristics of such personal data, the degree of sensitivity and the degree to which such personal data may affect the Customers, including the potential economic impact and mental harm in case the personal data is unlawfully processed or in case of a data leak, the Company has comprehensively evaluated and assessed the risks for the Customer, and the Company has implemented the necessary and appropriate personal, organizational and technical safety management measures and the Company is committed to take the necessary corrective actions if needed, and to constantly make efforts to improve their data security. The Company will make all reasonable efforts to appropriately manage personal data by restricting the entry of outsiders to the offices and electronic data systems where the processing of personal data takes place including conducting educational awareness raising programs for all officers and employees involved in the processing of personal data, and by appointing managers in charge for each division which processes personal data. If the Company, in its role as Controller concludes any contracts with Processors, the Company is committed to selecting Processors which are capable of implementing appropriate technical and organizational measures and the Company shall manage such Processors in an appropriate manner, fully in compliance with the GDPR.
3. Continuous Improvement
The Company shall continuously review and revise its efforts regarding the processing of personal data, in order to remain in full compliance following changes of the GDPR.
4. Amendment of this Privacy Statement
The Company may amend this Privacy Statement at any time in order to comply with the GDPR. The Customers who continue to use the service once this Privacy Statement has been amended shall be deemed to have consented to the amended Privacy Statement.
The Company contact point regarding any matter concerning this Privacy Statement is as shown below. Any questions or concerns regarding this Privacy Statement or the processing of personal data by the Company, or any requests concerning access, correction, deletion, limitation of processing or data portability of the personal data shall be attended to this contact point:
25, Rue de la Tambourine,
52100 Saint Dizier