Privacy policy
Privacy Protection Policy
1/ PURPOSE
The present Privacy Protection Policy sets out the manner in which MATHYM SAS (“MATHYM”) and Baikowski group companies fulfil their commitment to respect of your privacy when, in our quality of data controller, we collect, process and store personal data reflecting your quality of customer, prospective customer, vendor, candidate and/or user of MATHYM’s website in the framework of your relationship with MATHYM and use of MATHYM’s website (the “Website”) accessible at www.mathym.com (the “Personal Data”). The Privacy Protection Policy is also designed to describe our practices for the collection, use, processing, storage, divulgation and transfer of your personal data in the light of the requirements of the General Data Protection Regulation (Regulation (EU) 2016/679) (the “GDPR”) and associated legal and regulatory requirements.
2/ CUSTOMERS AND VENDORS
2.1. Objectives
We collect and process your Personal Data for the purpose of managing our relationship with customers and/or vendors and more particularly for the purposes of:
• Managing our relationship with existing or potential customers and/or vendors;
• Assessing our customers’ level of satisfaction, and verifying our vendors’ compliance with legal requirements, via the performance of surveys;
• Prospection and direct marketing;
• Managing and monitoring sales proposals and orders;
• Making returns to competent authorities;
• Managing invoice collection; and
• Managing the signature of contracts and managing contractual databases.
The collection and processing of such Personal Data are a necessity to enable us to comply with our legal requirements, sign and/or perform contracts entered into with you and/or, eventually, preserve our legitimate interests, with the aim of promoting our products and services, and managing our relationships with our existing or potential customers and vendors worldwide, whilst complying with the requirements of article 6 §1 (b), (c) and/or (f) of the GDPR.
2.2. Categories of Personal Data
We may have occasion to collect your Personal Data in the context in particular of our commercial exchanges with you, during a trade fair or via our Website, whether (i) directly from yourself or your employer or (ii) indirectly via authorized third parties such as employees, sales agents, distributors etc. For the purposes described above, we may collect, process and exploit the following categories of Personal Data applicable to you:
• Information (surname, forename, sex etc.) enabling your identification;
• Contact details such as professional email address, telephone number, fax number and postal address, functions and missions exercised, level of experience, types of contact (direct marketing, survey etc.) and interest for our products;
• Customer relationship management (“CRM”) or supplier relationship management (“SRM”) data such as the identity of your main contact person at MATHYM and/or the identity of our contact person within your company;
• Information in respect of purchases, billing and taxation in order to manage our vendor orders;
• Surveys, assessments and comments; and
• IP address.
2.3. Recipients
We may have occasion to divulge your Personal Data to the following persons should they need to know such information:
• MATHYM personnel and Baikowski Group companies personnel, depending on product lines and geographical regions, including personnel responsible for sales and purchases, project management, technical questions, communication, information systems and regulatory issues;
• MATHYM personnel and Baikowski Group companies personnel, responsible for processing orders and vendors, such as buyers and accountants;
• Subcontractors of MATHYM providing MATHYM with services for the purposes of managing relationships with its existing and potential customers and/or suppliers, including subcontractors hosting your Personal Data.
As regards the divulgation of your Personal Data as described above, we:
• Have implemented procedures designed to ensure that said divulgation is limited to in-house personnel authorized to receive said data which they require in order to perform their professional tasks;
• Will only communicate your Personal Data to third party service-providers authorized to receive and process said data and who have undertaken by contract to:
(i) Make use of appropriate technical and other means of preserving the security of said data; and
(ii) Process said data in accordance with our instructions and within the limit of what is required for performance of their services on our behalf;
• Will take care to comply with the applicable legal and regulatory requirements.
In the event of sale of our company, or of all or part of our business, to a third party your Personal Data collected and conserved by us may be transferred to said third party subject to compliance with the applicable legal requirements.
We may also divulge information relating to you in situations giving us legitimate reason to believe that the law so requires, notably in the context of a court order, or in circumstances leading us to believe that such divulgation is necessary for the prevention of fraud or cybercrime, or for the protection of our rights, assets or security or those of any other person, always subject to compliance with the applicable legal or regulatory requirements and to the extent so permitted.
2.4. Periods of conservation
We will conserve your Personal Data throughout the period of our relationship with you and for as long as necessary to comply with our legal and regulatory obligations, resolve any dispute, ensure performance of our contracts and fulfil the requirements for management of our files, always subject to compliance with the applicable legal or regulatory requirements and to the extent so permitted.
3/ CANDIDATES
3.1. Objectives
We will collect and process your Personal Data for the purposes of examining and assessing your candidacy as well as more generally for the purpose of managing our process of recruitment.
The collection and processing of such Personal Data are a necessity to enable us to prepare the signature and/or performance of your contract of employment with us and, eventually, to preserve our legitimate interests and those of other Baikowski Group companies with the aim of ensuring effective worldwide management of our recruitment subject to compliance with the requirements of article 6 §1 (b), (c) and/or (f) of the GDPR.
Unless otherwise specified at the time of their collection, the communication of your Personal Data is thus obligatory, failing which we will not be in a position to finalize your process of recruitment.
3.2. Categories of Personal Data
We may have occasion to collect your Personal Data, notably during interviews and more generally in the framework of our recruitment process, either (i) directly from you or (ii) indirectly via authorized third parties such as online employment agencies. For the purposes described above, we may collect, process and exploit the following categories of Personal Data applicable to you:
• Information (surname, forename, sex etc.) enabling your identification;
• Your contact details;
• Other information of a professional nature;
• Information derived from previous recruitment sessions.
3.3. Recipients
We may have occasion to divulge your Personal Data to the following persons should they need to know such information:
• The personnel responsible for processing a particular job offer;
• HR managers;
• Other Baikowski Group companies should you have chosen to leave your candidacy visible for other eventual job offers.
As regards the divulgation of your Personal Data as described above, we:
• Have implemented procedures designed to ensure that said divulgation is limited to in-house personnel authorized to receive said data which they require in order to perform their professional tasks;
• Will only communicate your Personal Data to third party service-providers authorized to receive and process said data and who have undertaken by contract to:
(i) Make use of appropriate technical and other means of preserving the security of said data; and
(ii) Process said data in accordance with our instructions and within the limit of what is required for performance of their services on our behalf;
• Will take care to comply with the applicable legal and regulatory requirements.
In the event of sale of our company, or of all or part of our business, to a third party your Personal Data collected and conserved by us in the framework of your eventual recruitment may be transferred to said third party subject to compliance with the applicable legal requirements.
We may also divulge information relating to you in situations giving us legitimate reason to believe that the law so requires, notably in the context of a court order, or in circumstances leading us to believe that such divulgation is necessary for the prevention of fraud or cybercrime, or for the protection of MATHYM’s rights, assets or security or those of any other person, always subject to compliance with the applicable legal or regulatory requirements and to the extent so permitted.
3.4. Periods of conservation
If you are not recruited, we will conserve your Personal Data for 2 years following the date of their collection. In the event of recruitment, we will conserve them throughout the duration of your employment contract. We may also conserve them if that is necessary to comply with our legal and regulatory obligations or resolve any dispute, always subject to compliance with the applicable legal or regulatory requirements and to the extent so permitted. Beyond that period, your Personal Data will be erased from all MATHYM’s and Baikowski group companies’ systems or anonymized.
4/ USERS OF OUR WEBSITE
4.1. Objectives
We collect and process your Personal Data for the purposes of measuring our Website’s audience, optimizing the Website and analysing the manner in which it is used.
The collection and processing of such Personal Data reflect our legitimate interest in the functional management of our commercial activities, notably with the aim of improving our knowledge of our customers and/or prospects and improving their website experience, subject to compliance with the data controller’s legitimate interests as described by article 6 §1 (f) of the GDPR.
4.2. Categories of Personal Data
We may have occasion to collect Personal Data relating to you via your use of our Website. For the purposes described above, we may collect, process and exploit the following categories of Personal Data applicable to you:
• Information relating to use of the Website, extending to all data collected via the Website such as, for example, data relating to the operations performed (e.g. in the form of a log file of all clicks on the Website), and to information on the way you may use the Website;
• Your IP address: when you use the Website, we may automatically record your IP address (your computer’s unique internet identifier) which is automatically recognized by our server;
• Cookies: a cookie is a small text file we may use to collect data on your activity on the Website. For example, when someone consults a page on the Website, a cookie is deposited on the user’s computer (if the user has agreed to the use of cookies) or is read if the user has already consulted the Website. Cookies may also serve to track users on the internet. Most web browsers may be configured in such a way as to report the deposit of a cookie; you can also decide to block their deposit by modifying your web browser’s settings or using our cookie acceptance tool, but it must be noted that in that case you will lose the benefit of the personalized functions available to other users visiting the Website. Certain of the cookies we may use are flash cookies or Adobe cookies. For more details on the use of cookies, we invite you to consult our Cookie Policy;
• Web beacons (also known as GIF web beacons) which are tiny images capable of being individualized and which function as cookies. Web beacons serve to count the numbers of users visiting certain Website pages and help us assess the effectiveness of promotional or advertising campaigns. If inserted in emails in HTML format, they can inform the sender if his or her email has been opened and when. In contrast to cookies which are stored on the hard drive of the user’s computer, Web beacons are incorporated invisibly to the applicable web pages.
4.3. Recipients
We may have occasion to divulge your Personal Data to the following persons should they need to know such information:
• MATHYM personnel intervening in the applicable Baikowski Group companies, as well as subcontractors responsible for management of the Website.
As regards the divulgation of your Personal Data as described above, we:
• Have implemented procedures designed to ensure that said divulgation is limited to in-house personnel authorized to receive said data which they require in order to perform their professional tasks;
• Will only communicate your Personal Data to third party service-providers authorized to receive and process said data and who have undertaken by contract to:
(i) Make use of appropriate technical and other means of preserving the security of said data; and
(ii) Process said data in accordance with our instructions and within the limit of what is required for performance of their services on our behalf;
• Will take care to comply with the applicable legal and regulatory requirements.
In the event of sale of our company, or of all or part of our business, to a third party your Personal Data collected and conserved by us may be transferred to said third party subject to compliance with the applicable legal requirements.
We may also divulge information relating to you in situations giving us legitimate reason to believe that the law so requires, notably in the context of a court order, or in circumstances leading us to believe that such divulgation is necessary for the prevention of fraud or cybercrime, or for the protection of MATHYM’s rights, assets or security or those of any other person, always subject to compliance with the applicable legal or regulatory requirements and to the extent so permitted.
4.4. Periods of conservation
We will conserve your Personal Data for a maximum period of thirteen (13) months, beyond which your Personal Data will be erased from all MATHYM’s and Baikowski group companies’ systems or anonymized.
5/ TRANSFERS TO OTHER COUNTRIES
We may have occasion to transfer your Personal Data to Baikowski Group companies and in particular, to entities located outside the European Economic Area within countries in which the level of protection of data confidentiality is not considered equivalent to that prevailing in Europe. For the purpose of protecting your Personal Data, we have entered into agreements for the transfer of data with these entities based on the European Commission’s model clauses.
In addition, and to meet the objectives listed in the present Privacy Protection Policy, we may have recourse to third party service-providers who may also be located outside the European Economic Area, and more particularly to US subcontractors in the framework of the supply of applications and other software. To ensure the security of the transfer of data to these subcontractors, we enter into agreements based on the European Commission’s model clauses, or ensure that the subcontractors subscribe to and comply with Privacy Shield, or take any other measures the European Commission judges adequate to ensure sufficient protection for the transfer of Personal Data to countries located outside the European Economic Area.
Any subsequent transfer of data (notably to Baikowski Group companies outside the European Economic Area) is subordinated to compliance with the applicable legal requirements.
6/ RIGHTS OF DATA SUBJECTS
By virtue of the General Data Protection Regulation (GDPR), you dispose of a certain number of rights with regard to your Personal Data. Those rights are as follows:
• Right of access. At any time, you may request access to your Personal Data and obtain information as to the processing we perform.
• Right to rectification or erasure. MATHYM is attentive to maintaining the personal information in its possession exact, up to date and complete. If you believe that any personal information held on you by MATHYM is incorrect, inexact, incomplete or out of date, you may request its revision or correction. MATHYM reserves itself the right not to modify any personal information it believes to be correct, and to request legal confirmation of certain changes. Should it be established that personal information is inexact, incomplete or out of date, we will revise it and, unless to do so proves impossible or requires disproportionate effort, we will inform any and all agents, service-providers or other third parties who may have received inexact information.
• Right to withdrawal of consent. If you have consented to processing of your data, in certain circumstances you have the right to withdraw your consent at any time, but that will not however affect the legality of processing performed prior to withdrawal of your consent.
• Right to object to processing. In certain circumstances, you may at any time object to the processing of your personal data, including for purposes of profiling, for reasons related to your particular circumstances.
• Right to restrict processing. You have the right to obtain restriction of the processing we perform in certain instances provided for by the GDPR.
• Right to data portability. Whenever processing is based on consent or on a contract, you have the right to receive the personal data you supplied to us in a structured, commonly used and machine-readable format and have the right to transmit those data to another data controller of your choice.
• Right to define instructions for management of your Personal Data after death. You have the right to define instructions for the processing of your Personal Data after death.
• Right to complain. You have the right to complain to the competent data protection supervisory authority if you believe that MATHYM has not complied with the requirements of the GDPR in respect of your personal data.
You may exercise your rights by writing to us at MATHYM SAS – 22 rue des Aulnes – 69410 Champagne au Mont d’Or – France, or by sending an email to rgpd@mathym.com
7/ SECURITY
We take all reasonable measures to preserve your Personal Data from any unauthorized access or illegal use, and to avoid any loss, destruction or deterioration of your Personal Data. To protect your Personal Data, we have recourse to physical, logical and technical measures and to organizational and procedural controls which are all subject to periodic revision.
When we engage third party service-providers for purposes of processing your Personal Data, we ensure they are bound by contract to guarantee the application of high standards of protection of privacy, in particular by requiring them to act uniquely according to our instructions and to implement consistently all the technical measures required to maintain the security of your Personal Data.
Even so, no transmission of data on the internet or on a website can be entirely guaranteed against any intrusion. Therefore, although we make reasonable efforts to protect your personal information in accordance with the legal requirements for data protection, we cannot guarantee absolute security. Any unauthorized access or use of the present Website, or of the data we store, must be reported to us immediately by sending an email to rgpd@mathym.com.
8/ INFORMATION AND UPDATES
Should you have questions or comments in respect of your Personal Data or the present Policy, you may contact the following persons:
• If you are a candidate: the email address indicated in the job offer;
• If you are a customer or vendor: rgpd@mathym.com
By reason of changes in technology, the applicable law and our activities, or for other commercial reasons, we may need to modify the present policy of confidentiality, in which case we will place the new version of the policy on this Website without notifying the change. It is thus important for you to consult this Website regularly to be advised of any change.
The latest version of the policy is dated February 11th 2021.