Personal data protection policy

This Data Protection Policy is intended to inform you as to the commitments taken by REEL so as to guarantee respect of your Personal Data.

Definitions:

  • Personal data (or “Data”) refers to all information pertaining to an identified or identifiable natural person, directly or indirectly, notably with reference to an identifier.
  • Personal Data Processing refers to any operation or group of operations undertaken with or without the assistance of automated processes and applied to Data or groups of Data.
  • Websites: the websites accessible at the following addreses https://www.reelinternational.com, http://www.aemco.reel.fr, https://www.imeca.reel.fr
  • Data Controller:  REEL, having its registered office at Chemin de la Chaux, BP39, 69450 Saint-Cyr au Mont d’or France, hereby undertakes to respect privacy and protect Personal Data.

1. SCOPE OF THE PERSONAL DATA PROTECTION POLICY

This Data protection policy is applicable to all Personal Data Processing implemented by the Data Controller via the Website.

2. DATA COLLECTED

Generally, you can visit our Website without it being necessary to send us Data.
However, in order to be able to offer certain services, the Data Controller may request certain Data from you, for instance, to reply to a contact request or follow an application.
All or some of the following Data may be collected when you use the Websites:

  • Identity data (surname, forename, email address, telephone number)
  • Data pertaining to your personal and professional life which you decide to send us, notably in the framework of applications.

In all instances, we restrict ourselves to the collection and processing of pertinent, adequate, non excessive Data strictly necessary for those purposes previously determined.
We are also likely to use cookies which are small files containing letters and figures downloaded to your terminal when you access the Website (see paragraph entitled cookies).

3. PURPOSE OF PROCESSING UNDERTAKEN BY THE DATA CONTROLLER AND LEGAL BASIS FOR PROCESSING

The Data Controller hereby undertakes to collect and process your Personal data in a loyal, legal and transparent manner.
Use, in line with the purposes outlined hereunder, of your Data by the Data Controller is authorised by legislative and regulatory provisions as it is:

  • Required for respect of our legislative and regulatory obligations towards public institutions or competent authorities. Art. 6 sec. 1 lit. c) GDPR
    Or,
  • Required for conclusion or performance of a contract Art. 6 sec. 1 lit. b) GDPR
    Or,
  • In certain cases, required for our best interests for the purposes outlined hereunder Art. 6 sec. 1 lit. f) GDPR
    Or,
  • In certain circumstances, undertaken with your consent Art. 6 sec. 1 lit. a) in connection with Art. 7 GDPR

Processing, undertaken by the Data Controller, meets explicit, legitimate and determined purposes.
Your Data may notably be processed for the following purposes:

  • Supervision of your application made on the Website:
  • Response to your contact requests and issue of commercial documentation.

The purpose of collection will be precisely indicated at the time of collection.

4. TERM OF DATA STORAGE

The duration of storage of your Data depends on the processing purposes for which the data is used.

  • Processing and supervision of applications:
    We hereby undertake to delete your Data within a maximum of 2 years after our final contact with you.
  • Communication, management of your contact requests:
    We hereby undertake to delete your Data within a maximum of 3 years after our final contact with you.

Beyond this term, Data may be rendered anonymous and stored solely for statistical use and will not be exploited, in any nature whatsoever.

5. CATEGORIES OF RECIPIENTS OF DATA COLLECTED

The Data Controller will only send your Personal data to authorised and given recipients.
No transfer to third parties for commercial use will be undertaken without your prior consent.

The recipients of your Data are those departments at the Data Controller concerned as well as, where applicable, authorised persons:

  • From our subsidiaries for internal management or recruitment;
  • From our suppliers, service providers and notably technical service providers so as to provide you with the service or information you requested (Mailing, data storage, etc.) By virtue of their contract, these service providers are not authorised to use or disclose this information, aside for when required to provide services or comply with requirements for which provision is made by law;
  • From a legal or administrative authority where the Data Controller is required by law.

By application of applicable regulations, any sub-contractor who may process this Personal data for the Data Controller undertakes notably to:

  • process Data solely for that/those purpose(s) which are the sub-contracted,
  • process Data pursuant to the Data Controller instructions
  • guarantee the security and confidentiality of Data.

6. DATA TRANSFER

In such instance as your Data is transferred outside of the European Union, we ensure that:

  • Data is transferred to a country accepted as offering an equivalent level of protection.
  • Data is transferred to entities certified under the Privacy Shield
  • For Data transferred outside of countries recognised by the French Data Protection Authority (CNIL) as having a sufficient level of protection, redress is made to one of the mechanisms offering appropriate guarantees for which provision is made by applicable regulations, and in particular standard contractual clauses.

7. COOKIES

You can consult our cookies policy here.

8. YOUR RIGHTS CONCENING DATA COLLECTED

8.1. Your rights

You have all of the following rights over Data we collect:

  • Right to access your Data: You are entitled to receive confirmation that your Data is or is not processed and, when it is, are entitled to access said Data. This right includes that of receiving a copy of the Data processed: Art. 15 GDPR.
  • Right to request rectification of your Data if incorrect: You are entitled to request that your Data be rectified, updated or completed when inaccurate, incorrect, incomplete or obsolete: Art. 16 GDPR.
  • Right to request deletion of your Data: According to Art. 17 GDPR, you are entitled to request deletion of your Data only for those reasons for which provision is made by applicable regulations and in particular when: Data is no longer necessary in light of the purposes for which it is collected or processed in any other manner; you withdraw consent over which processing is based, and there is no legal basis for processing; you object to processing and there is no overriding legitimate ground for processing; you consider that your Data has been processed illicitly; your Data should be deleted to respect a legal obligation.
  • Right to limit processing of your data: According to Art. 18 GDPR, you are entitled to request that the Data Controller limit the use of your data solely on those grounds for which provision is made by applicable regulation and in particular when: you object to the accuracy of your Data; you consider that processing is illicit and you object to deletion of your data; data is still required for exercising or defending your rights in court even though the Data Controller no longer requires this data,
  • The right to object to processing by withdrawing your consent (with it being reiterated that this withdrawal may not harm the legality of processing based on the consent granted prior to its withdrawal) Art. 7 sec. 3 GDPR,
  • The right to benefit from data portability: You are entitled to reclaim your data provided to the Data Controller, in a structured format, commonly used and machine-readable, and the right to transfer this data to another Data Controller, Art. 20 GDPR.
  • Right to make a complaint to the National Data Protection Authority (CNIL): If you consider that the Data Controller has defaulted in respect of its obligations in light of your Personal data, at any time you may issue a complaint or make a claim to the competent authorities. In France, the competent authority is the National Data Protection Authority (CNIL) to whom you may issue a claim electronically by clicking on the following link: https://www.cnil.fr/fr/plaintes/internet.

8.2. Terms for exercising rights

You may exercise the aforementioned rights with a written and detailed request to the following address: REEL, Chemin de la Chaux, BP39, 69450 Saint-Cyr au Mont d’or, France.

Due to the obligation of security and confidentiality in Data processing incumbent upon the Data Controller, you are hereby informed that your request will be processed subject that you provide proof of your identity, notably by producing a scanned copy of a valid identity document or a signed photocopy of a valid identity document.

The Data Controller will determine whether this is admissible or not within one month following receipt of the claim. In such instance as it is deemed admissible, the Data Controller will provide all information requested or implement the rights claimed within the aforementioned deadline.

If, given the complexity of the claim or the number of requests received, the aforementioned deadline cannot be respected, the Data Controller will notify you prior to expiry of this deadline, of this deadline being pushed back by a maximum of two months following its decision.

The Data Controller hereby notifies you that it will be entitled, where applicable, to object to any requests which are clearly abusive (in their number, repetitive or systematic nature).

In such instance as the Data Controller does not follow up on your request, we will inform you in the aforementioned deadlines of the grounds on which our decision is based and your option to refer a complaint to the National Data Protection Authority (CNIL).

9. PERSONAL DATA SECURITY

We take all necessary security measures so as to prevent as far as practically possible any alteration or loss of your data or any unauthorised access thereunto.
In such instance as we should be aware of any illegal access to personal data concerning you, we undertake to notify you of the incident as soon as possible if this fulfils a legal requirement.

10. UPDATING THE PRESENT POLICY

The present policy may be updated at any time, notably pursuant to legal and/or regulatory provisions and/or any recommendations of the National Data Protection Authority (CNIL). We hereby invite you to consult this page regularly.

Join a dynamic group!
we are always on the lookout for new talents!
Reel hires all over the world

REEL wishes you a happy new year 2023

REEL wishes you a happy new year 2023!

Groupe REEL takes over CNIM Systèmes Industriels

Groupe REEL takes over CNIM Systèmes Industriels, which designs and produces large-scale complex mechanical systems.

REEL receives the first DNV ISO 19443 certificate

REEL becomes the first company in the world certified by DNV according to ISO 19443!

REEL and its teams wish you a Happy New Year !

REEL and its teams wish you a Happy New Year 2022!