Latest update: SEPTEMBER 2024
IPC reserves the right to modify this policy at any time, in particular according to the legal and regulatory context and the doctrine of the CNIL.
The purpose and scope of this personal data protection policy
This personal data protection policy applies to all processing of personal data carried out via our website: https://ct-ipc.com/ (hereinafter referred to as the “Site”).
Personal data are “any information relating to an identified or identifiable natural person” (hereinafter referred to as “Data subject”). This particularly includes: surname, first name, e-mail address, telephone number, address, CV (including photo where applicable) etc.
Thus, the General Data Protection Regulation (EU 2016/679) of 27 April 2016 (GDPR) as well as the Data Protection Act of 1978 (amended in 2018) require professionals to provide concise, transparent, understandable and easily accessible information to the Data Subjects, whose personal data are to be processed, demonstrating in particular that the personal data collected are strictly necessary to achieve explicit, legitimate and determined Purposes (objectives), and that only authorised and determined recipients may have access to this personal data, for a consistent and justified period with regard to the Purpose (objective) of the Processing.
Here is information relating to the following points:
IPC, CENTRE TECHNIQUE INDUSTRIEL DE LA PLASTURGIE ET DES COMPOSITES
A non-profit company registered under SIREN number 353 969 348, having its administrative office at 2 rue Pierre & Marie Curie – CS 70006 BELLIGNAT 01100 OYONNAX cedex, France, duly Represented by Luc UYTTERHAEGHE, Chief Executive Officer.
You are free to explore the Site without providing any personal data about yourself (with the exception of the data that we collect automatically by automatically depositing the cookies necessary for the proper functioning of the Site).
Nevertheless, where necessary, IPC ensures that it only collects and processes data that are strictly necessary for the Purpose of the processing that is used.
IPC clearly informs you, each time personal data are collected, about the compulsory or optional nature of the answers, in particular using asterisks (*). If you do not complete the mandatory fields, IPC will not be able to carry out the Processing. Any optional information is used to better manage and improve Processing.
In concrete terms, with regard to the Site and depending on the uses, the categories of personal data collected concerning you may be as follows:
| Identification data | First name, surname, job title |
| Contact details | E-mail address, telephone number, IP address. |
| Professional experience | CV (including photo if required). |
For what purpose(s) are your personal data collected and on what basis(es)?
(Purposes of processing and legal basis)
The processing carried out by IPC fulfils purposes, i.e. the objectives of using personal data, which are explicit, legitimate and determined.
Data collected for a determined objective may not subsequently be used in a way that is incompatible with the initial purpose.
In concrete terms, as regards the Site, the purposes and legal bases are as follows:
| For what purposes do we collect your personal data? Purposes |
What is the basis that entitles IPC to process your personal data? Legal basis |
|---|---|
| Processing your request for contact and/or information.
|
IPC‘s legitimate interest in processing contact requests sent to it and providing you with information about its activities. |
| Processing your job application | Pre-contractual measures.
Legitimate interest (Cv-tech). |
| Marketing, including sending the webzine | Consent |
| Sending a quote in accordance with the request | Consent |
| Participation in a collective action | Consent |
| Obtaining a deliverable from a collective action or a guide | Consent |
| Participation in a trade committee | Consent |
| Participation in an event – physical/webinar | Consent |
| Demonstration of a tool | Consent |
| Management of pre-litigation or litigation | IPC’s legitimate interest in defending its rights. |
| Compliance with legal and regulatory obligations | IPC’s legal and regulatory obligations. |
| Improving the website as well as the user experience | IPC’s legitimate interest in improving its website and your user experience. |
Where the legal basis is consent, it is important to note that you have the right to withdraw your consent, at any time, particularly by contacting our Data Protection Officer (DPO) (see “How to exercise your rights” below).
Who receives your personal data?
(Recipients)
1/ IPC’s commitments
IPC only communicates your personal data to authorised and determined recipients.
IPC undertakes never to sell your personal data to third-parties.
IPC will not process, host or transfer the collected personal data to a country outside the European Union or recognised as “unsuitable” by the European Commission.
However, IPC remains free to choose its technical and commercial sub-contractors provided that they offer sufficient guarantees with regard to the requirements of the GDPR and act according to the IPC‘s documented instructions.
IPC undertakes to take all the necessary precautions to protect the security of the collected personal data and, in particular, to ensure that they are not communicated to unauthorised persons. However, if an incident affecting the integrity or confidentiality of personal data is brought to IPC’s attention, IPC must inform the data subject, as soon as possible, and let them know about the corrective measures taken.
IPC undertakes not to collect “sensitive data”.
2/ Internal recipients
Within the limits of their functions and for the aforementioned Purposes, the main persons likely to have access to personal data are mainly:
3/ External recipients (sub-contractors)
Within the limits of their functions and for the aforementioned purposes, the main external persons likely to have access to personal data are mainly:
For how long does IPC keep your personal data?
(Duration)
IPC stores your personal data in accordance with the principle of limiting the storage period, which requires the data controller to determine a storage period for personal data that is consistent and justified in view of the purpose for which it is processed.
FOCUS « Processing your job application » :
FOCUS « Marketing » :
You may unsubscribe from the Webzine at any time, and therefore, withdraw your consent, by clicking on the unsubscribe link in each e-mail sent.
FOCUS « Management of pre-litigation or litigation » :
FOCUS « Compliance with legal and regulatory obligations »
FOCUS « Connection and browsing data »
What are my rights with regard to my personal data?
(Rights)
In accordance with the General Data Protection Regulation (GDPR) and the Data Protection Act of 1978, you have the following rights with regard to your personal data:
| Right of access – article 15 – 16 GDPR | « Exercising the right to access makes it possible to find out whether data concerning you are being processed and to obtain communication about it in an understandable format. It also allows you to check the accuracy of the data and, if necessary, to have them rectified or deleted » (definition taken from the page of the CNIL website). |
|
Right to object – article 21 GDPR |
« Does your personal data appear in a non-mandatory file and do you no longer wish for them to appear there? The right to object allows you to object to your data being used by an organisation for a specific purpose. You must put forward “reasons relating to your particular situation”, except in the case of marketing, to which you may object without giving any reason. » (definition taken from the page of the CNIL website).
When processing is based on IPC’s legitimate interests. IPC will thus stop processing unless there are compelling and legitimate grounds that override your interests, rights and freedoms, such as compliance with a legal obligation (such as those requiring the retention of documents) or the establishment, exercise or defence of a legal claim. |
| Right of rectification – article 16 GDPR | « The right of rectification allows you to correct inaccurate data concerning you (incorrect address or age) or to complete data (address without the flat number) in relation to the purpose of the processing » (definition taken from the page of the CNIL website). |
| Right to erasure (“right to be forgotten”) – Article 17 GDPR | This right allows you to obtain the erasure of personal data concerning you from the data controller as soon as possible.
« You may obtain their deletion if at least one of these situations corresponds to your case:
(definition taken from the page of the CNIL website). |
| Right to request a restriction of processing – Article 18 GDPR | « If you contest the accuracy of the data used by the organisation or object to your data being processed, the law authorises the organisation to verify or examine your request for a certain period of time. During this period, you can ask the organisation to freeze the use of your data. In concrete terms, this means that it must no longer use the data but must retain them » (definition taken from the page of the CNIL website).
The right to temporarily restrict the processing of your personal data applies in particular in order to carry out verifications, i.e.
if you object to the processing pursuant to your right to object, during the period of verification intended to confirm that the legitimate reasons pursued by IPC prevail over yours. |
| Right to data portability – Article 20 GDPR | « The right to data portability offers you the possibility of recovering a part of your data in a machine-readable format. You are free to store these portable data elsewhere or transmit them easily from one system to another, with a view to re-use for other purposes ». (definition taken from the page of the CNIL website).
Nevertheless, you can only exercise your right to portability if:
|
| Right to define directives – article 85 of the French Data Protection Act | You can issue general or specific directives relating to the retention, deletion and communication of your personal data in the event of your death. Directives may be revoked at any time.
In the absence of instructions, IPC undertakes to destroy the personal data, unless their retention is necessary for evidential purposes or to comply with a legal obligation. |
To find out exactly what your rights are, please refer to the aforementioned articles of the GDPR or consult the following link: https://www.cnil.fr/fr/les-droits-pour-maitriser-vos-donnees-personnelles (« the rights to control your personal data » ).
How to exercise your rights?
You can exercise your rights by contacting IPC‘s Data Protection Officer:
Data Protection Officer
IPC
2 rue Pierre et Marie Curie
01100 BELLIGNAT, FRANCE
Under exceptional circumstances, the Data Protection Officer may ask you for a signed identity document if he/she has serious doubts about the identity of the person making the request.
When you exercise your rights, the Data Protection Officer processes your personal data for the purposes of managing your request. This data are kept for 1 month (with the exception of a copy of your identity document (if the same is requested), which is kept for the duration of verification) as IPC is obliged to respond within this period. Nevertheless, the deadline may be extended to 3 months depending on the complexity of the request.
Your right to lodge a complaint with the CNIL:
You also have the right to refer a matter to the Commission Nationale de l’Informatique et des Libertés (CNIL), 3 Place de Fontenoy – TSA 80715 – 75334 PARIS CEDEX 07, about any complaint relating to manner in which IPC collects and processes your data.
How does IPC ensure the security of your personal data?
IPC takes all necessary precautions and appropriate organisational and technical measures to protect the security, integrity and confidentiality of your personal data and, in particular, to prevent them from being distorted, damaged or accessed by unauthorised third-parties.
Who to contact in the event of questions or lack of understanding relating to this data protection policy?
If you need any information about IPC’s personal data protection policy, please contact DPO@ct-ipc.com
How to manage the placement of cookies?
A cookie is a small computer file, a tracker, which is deposited and read when the Site is viewed, regardless of the type of terminal used (computer, smartphone, etc.), hereinafter referred to as “cookies”.
The Site uses cookies to enable IPC to offer you advertising, monitor the site’s audience (pages viewed, searches carried out, etc.) and to enable you to browse smoothly with the cookies required for the Site to function properly.
You will be asked to give your consent for the deposit of cookies when you first visit our Site by means of a “cookies banner”.
By clicking on “Accept all”, you authorise all cookies to be deposited.
By clicking on ‘Refuse’, you reject the deposit of all cookies (except those necessary for the website to function properly).
By clicking on “Personalise”, you will be able to:
Nevertheless, regardless of your choice, the cookies required for the proper functioning of the Site cannot be deactivated and are deposited automatically for your browsing convenience.
You can change your consent, at any time, by clicking on “Cookies management” at the bottom of each page of our Site.
The users of the Site can also configure cookies management directly from their browser. Depending on the settings made, the browsing and the experience on the Site may be limited.
In any event, the Site and its owner decline all liability for the consequences relating to the degraded operation of the Site and any services offered as a result of refusing and/or adjusting cookies.
Lastly, by clicking on the icons dedicated to the Twitter, Facebook and Linkedin social networks appearing on the Site and if the user has accepted the deposit of cookies, Twitter, Facebook and Linkedin can also deposit cookies.
