-Privacy Policy

Purpose of this Privacy Policy

The purpose of this privacy policy is to inform users of our site about the personal data we will collect as well as the following information, if applicable:

  • 1.The personal data we will collect
  • 2.The use of the collected data
  • 3.Who has access to the collected data
  • 4.The rights of site users
  • 5.The site's cookie policy

This policy works in conjunction with the terms of use of our site.

Definition and Nature of Personal Data

When you use the services accessible on our website https://www.grantalf.com/, hereinafter referred to as "Grantalf", we may ask you to provide us with personal data. "Personal data" refers to any data that can identify a person, such as your name, first name, photograph, or email address, your phone number, as well as any other information you choose to provide us.

Please note that we only collect data that helps us achieve the purpose stated in this privacy policy. We will not collect additional data without informing you in advance.

Applicable Laws

In accordance with the General Data Protection Regulation (GDPR), this privacy policy complies with the following regulations.

Personal data must be:

  • 1.processed lawfully, fairly, and transparently in relation to the data subject (lawfulness, fairness, transparency);
  • 2.collected for specified, explicit, and legitimate purposes and not further processed in a manner that is incompatible with those purposes; further processing for archiving purposes in the public interest, scientific or historical research purposes, or statistical purposes shall not be considered incompatible with the initial purposes (purpose limitation);
  • 3.adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed (data minimization);
  • 4.accurate and, where necessary, kept up to date; every reasonable step must be taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay (accuracy);
  • 5.kept in a form that permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes, or statistical purposes in accordance with Article 89(1) subject to implementation of the appropriate technical and organizational measures required by the GDPR in order to safeguard the rights and freedoms of the data subject (storage limitation);
  • 6.processed in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage, using appropriate technical or organizational measures (integrity and confidentiality).

Processing is lawful only if and to the extent that at least one of the following applies:

  • 1.the data subject has given consent to the processing of his or her personal data for one or more specific purposes;
  • 2.processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
  • 3.processing is necessary for compliance with a legal obligation to which the controller is subject;
  • 4.processing is necessary in order to protect the vital interests of the data subject or of another natural person;
  • 5.processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
  • 6.processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.

For residents of the State of California, this privacy policy aims to comply with the California Consumer Privacy Act (CCPA). If there are any inconsistencies between this document and the CCPA, the state legislation will apply. If we identify any inconsistencies, we will amend our policy to comply with the relevant law.

Consent

When you choose to communicate your personal data, you expressly consent to the collection and processing of such data in accordance with this policy and the applicable legislation.

How We Use Personal Data

The personal data collected on our site will be used only for the purposes specified in this policy or indicated on the relevant pages of our site. We will not use your data beyond what we disclose.

The data we collect when the user performs certain functions may be used for the following purposes:

  • 1.To manage your access and use of Grantalf services available on our site
  • 2.To manage customers, including contracts, orders, invoices, and customer relationship follow-ups
  • 3.To create a file of registered members, users, customers, and prospects
  • 4.To send newsletters, solicitations, and promotional messages about our products and offers. You have the option to refuse this when your data is collected
  • 5.To provide commercial usage and traffic statistics of our services.
  • 6.To manage customer reviews of Grantalf products
  • 7.To manage unpaid invoices and potential disputes regarding the use of our products and services
  • 8.To comply with our legal and regulatory obligations

We inform you, when collecting your personal data, if certain data must be provided mandatorily or if they are optional. We also indicate the possible consequences of a lack of response.

With Whom We Share Personal Data

Only our employees, the services we use, and trusted third-party applications may have access to your personal data.

Public bodies, exclusively to meet our legal obligations, legal auxiliaries, ministerial officers, and organizations responsible for debt collection may also be recipients of your personal data.

Prohibition of Selling Personal Data

We are committed not to sell or share your data with third parties, except in the following cases:

  • 1.if required by law
  • 2.if required for any legal proceedings
  • 3.to prove or protect our legal rights
  • 4.to buyers or potential buyers of this company if we seek to sell the company

If you follow hyperlinks from our site to another site, please note that we are not responsible for and have no control over their privacy policies and practices.

How Long and Where We Store Personal Data

All your data is hosted in the European Union.

We do not retain user data beyond what is necessary to achieve the purposes for which it was collected.

Your personal data will not be retained beyond the time strictly necessary to manage our commercial relationship with you. However, data that can establish proof of a right or contract, which must be retained to comply with a legal obligation, will be retained for the duration provided by the applicable law.

Regarding potential prospecting operations aimed at customers, their data may be retained for a period of three (3) years from the end of the commercial relationship.

Personal data relating to a prospect, who is not a customer, may be retained for a period of three (3) years from their collection or the last contact from the prospect.

At the end of this three (3) year period, we may contact you again to find out if you wish to continue receiving commercial solicitations.

How We Protect Your Personal Data

For your information, we take all necessary precautions, as well as appropriate organizational and technical measures, to maintain the security, integrity, and confidentiality of your personal data, and in particular to prevent them from being distorted or damaged and to prevent any unauthorized third party from accessing them. All data stored in our system is well secured and accessible only to our employees. Our employees are bound by strict confidentiality agreements, and a breach of this agreement would result in the employee's dismissal.

While we take all reasonable precautions to ensure that our user data is secure and that users are protected, there is always a risk of harm. The Internet as a whole can be, at times, insecure, and therefore we are unable to guarantee the security of user data beyond what is reasonably practical.

Your Rights as a User

Under the GDPR, users have the following rights as data subjects:

  • 1.right of access
  • 2.right to rectification
  • 3.right to erasure
  • 4.right to restrict processing
  • 5.right to data portability
  • 6.right to object

You can find more information about these rights in Chapter 3 (Articles 12-23) of the GDPR.

How to Modify, Delete, or Contest Collected Data

If you wish to have your information deleted or modified in any way, please contact our privacy officer here:

  • -Postal address: DPO CRYPTR 165 avenue de Bretagne 59000 Lille
  • -Email address: support@grantalf.com

Cookie Policy

Cookies are text files, often encrypted, stored in your browser. They are created when a user's browser loads a given website: the site sends information to the browser, which then creates a text file. Each time the user returns to the same site, the browser retrieves this file and sends it to the website's server.

There are two types of cookies, which do not have the same purposes: technical cookies and advertising cookies:

  • -Technical cookies are used throughout your navigation to facilitate and perform certain functions. A technical cookie can, for example, be used to remember the answers entered in a form or the user's preferences regarding the language or presentation of a website, when such options are available.
  • -Advertising cookies can be created not only by the website on which the user is browsing but also by other websites displaying advertisements, announcements, widgets, or other elements on the displayed page. These cookies can be used to perform targeted advertising, i.e., advertising determined based on the user's navigation.

We use technical cookies and do not use advertising cookies.

We use an open-source tool called Ackee, which is deployed on our server as an audience analysis statistical tool on the showcase site https://www.grantalf.com/ to track the number of page views, the duration of page visits, and visitor activity. This solution does not use cookies and is completely anonymized.

You can also choose to disable cookies entirely in your Internet browser, but this may reduce the quality of your user experience.

Modifications

This privacy policy may be modified from time to time to maintain compliance with the law and to reflect any changes to our data collection process. We recommend that our users check our policy from time to time to ensure they are informed of any updates. If necessary, we may notify users by email of changes to this policy.

Contact

If you have any questions, please feel free to contact us using the following:

  • -Postal address: DPO Grantalf/Little Omega - 15 allée des pommiers - 14440 Douvres la Délivrande - France
  • -Email address: dpo@grantalf.com

Effective Date

Updated: December 30, 2024