Skip to main content

Privacy Policy

www.yachtsdeparis.fr

Sodexo Group builds strong and last­ing rela­tion­ships based on mutual trust with its clients, part­ners, custom­ers, and employ­ees: it is an abso­lute prior­ity for Sodexo Group to ensure the latter’s personal data remains safe and confid­en­tial. 

Sodexo Group complies with all French and European regu­la­tions and legis­la­tion govern­ing the protec­tion of personal data.

 

Sodexo Group enforces an extremely strict privacy policy to ensure the personal data of those who use its websites and other applic­a­tions is well protec­ted:

•    Each user remains in control of their own data, which is processed in a trans­par­ent, confid­en­tial and secure manner
•    Sodexo Group is commit­ted to an ongo­ing approach to protect users’ personal data, in compli­ance with the French Data Protec­tion Act of 6 Janu­ary 1978 as amended (here­in­after “DPA”), and the EU General Data Protec­tion Regu­la­tion of 27 April 2016 (here­in­after “GDPR”).
•    Sodexo Group has a team dedic­ated to personal data protec­tion, consist­ing of a Group Data Protec­tion Officer registered with the CNIL (French Data Protec­tion Agency) as well as a network of contact persons dedic­ated to personal data protec­tion.

 

DEFIN­I­TIONS:

“ Personal data ”    means any inform­a­tion relat­ing to an iden­ti­fied or iden­ti­fi­able natural person; an “iden­ti­fi­able natural person” is one who can be iden­ti­fied, directly or indir­ectly, in partic­u­lar by refer­ence to an identi­fy­ing factor, such as a name, iden­ti­fic­a­tion number, loca­tion data, online iden­ti­fier, or to one or more factors specific to the phys­ical, physiolo­gical, genetic, mental, economic, cultural or social iden­tity of that natural person (here­in­after referred to as the “Data Subject”) 

“Us” or “our”     refers to the entity within Sodexo Group that processes Personal Data

“Data control­ler”     means the natural person or legal entity which determ­ines the purposes and means of the processing of personal data

“Services”    means the services offered on the Portal and/or at one of our estab­lish­ments

“Data processor ”    means a natural person or legal entity which processes Personal Data on behalf of the Control­ler

“You”     means any user/visitor of the Portal.

“Portal”    means this website and/or, where applic­able, mobile applic­a­tion, and any sub-sites, mirror sites, portals, URL vari­ations thereof, if applic­able. 

 

PURPOSE OF THIS POLICY:

Sodexo takes protec­tion of your Personal Data very seri­ously. 

We have developed this policy to inform you of the condi­tions under which we collect, process, use and protect your Personal Data. Please read it care­fully so that you know what categor­ies of Personal Data we collect and process, how we use it, and with whom we might share it. This policy also describes your rights and how you can contact us to exer­cise these rights or to ask any ques­tions you may have about your Personal Data.

This Policy may be amended, added to, or updated in order to comply with any legal, regu­lat­ory, case law or tech­nical devel­op­ments that may arise. However, your Personal Data will always be processed pursu­ant to the policy prevail­ing at the time of data collec­tion, unless offi­cial legal regu­la­tions stip­u­late other­wise and are enforced retro­act­ively.

This policy forms an integ­ral part of the Portal’s General Terms and Condi­tions of Use.

 

IDEN­TITY AND CONTACT DETAILS OF THE CONTROL­LER

The entity respons­ible for processing Personal Data is UMANIS, a simpli­fied joint stock company with a capital of €400,000, whose registered office is located at 30, Cours de l’Ile Seguin – 92777 Boulogne-Billan­court Cedex, registered in the Trade and Compan­ies Register under number 841 448 707.

 

COLLEC­TION & SOURCE OF PERSONAL DATA

We will most likely collect your Personal Data directly (e.g. via the data collec­tion forms on our Portal), or indir­ectly (e.g. via our service providers and/or tech­no­logy on our Portal).

We under­take to obtain your consent and/or to allow you to object to the use of your data for certain purposes, if neces­sary. In addi­tion, you may opt in to receive person­al­ised messages and offers from us. Should you wish to with­draw your consent, you can simply click on the “unsub­scribe” link in the last message or person­al­ised offer received from us. In any event, you will be informed of the purposes for which your data is collec­ted via the vari­ous online data collec­tion forms and the Cookie Manage­ment Policy.

In addi­tion, any credit card payments that may be offered on the Portal will be handled by our payment provider special­ising in secure online trans­ac­tions. Trans­mis­sion of your personal data such as the number, expiry date, and secur­ity code of your credit card will be done by secure connec­tion and directly on the provider’s dedic­ated plat­form. Online payments will be secured by an added layer of secur­ity offered by the 3DS authen­tic­a­tion process.

 

TYPES OF PERSONAL DATA WE COLLECT AND USE

Among others, we may collect and process the follow­ing types of Personal Data:

  • the inform­a­tion you provide when filling in the forms on the Portal, in partic­u­lar for regis­tra­tion purposes, parti­cip­a­tion in surveys and events, and for market­ing purposes (e.g.: title, first name and surname, etc.) 
  • inform­a­tion you provide for authen­tic­a­tion and web brows­ing purposes (e.g. IP address, cook­ies, etc.)
  • inform­a­tion you provide to book and pay for a service (e.g. tele­phone number, email and postal address, credit card number, etc.)
  • inform­a­tion you provide in a job applic­a­tion and, if applic­able, during the recruit­ment process (e.g. CV, inform­a­tion about your educa­tion, profes­sional exper­i­ence, distinc­tions, diplo­mas, qual­i­fic­a­tions, certi­fic­ates, languages spoken, salary expect­a­tions, etc.)
  • inform­a­tion you provide if you apply and, if relev­ant, take part in our “Artisan Guild” compet­i­tion (e.g.: first name and surname, address, tele­phone number, etc.)
  • inform­a­tion you supply to manage a request or service
  • inform­a­tion you provide through public­a­tions, comments, or other content you post on the Portal.

Personal data iden­ti­fied by an aster­isk in data collec­tion forms is mandat­ory because it is required to process the request. If you do not fill in this mandat­ory inform­a­tion, we will not be able to handle your request. 

 

PERSONAL DATA WE MAY COLLECT AUTO­MAT­IC­ALLY 

We may collect certain inform­a­tion auto­mat­ic­ally when you visit the Portal in order to facil­it­ate its use and to better custom­ise it and our products and services accord­ing to your interests and needs. We under­take to obtain your consent whenever neces­sary. For more inform­a­tion, please see our Cookie Manage­ment Policy.

With your consent, we may collect some inform­a­tion auto­mat­ic­ally when you visit the Portal in order to person­al­ise and enhance your exper­i­ence. We collect this inform­a­tion by vari­ous means, as explained below.

Cook­ies

A “cookie” is a small inform­a­tion file sent to your browser when you are on our Portal and stored on your device. This file contains inform­a­tion such as the domain name, inter­net service provider, oper­at­ing system, and the date and time of user access. Note that cook­ies will not damage your device in any way. 

Cook­ies are not used to estab­lish the iden­tity of an indi­vidual visit­ing our website. Cook­ies allow us to determ­ine your geograph­ical loca­tion and display language in order to improve your brows­ing exper­i­ence. They also allow us to process inform­a­tion about your visit to the website – such as the pages visited and searches performed – in order to improve our website content, track your interests, and provide you with suit­able content.

If you do not wish to receive cook­ies from our Portal, you can adjust your browser settings accord­ingly using our cookie manage­ment tool or directly by chan­ging your browser settings. 

Lastly, by click­ing on the social network icons for Twit­ter, Face­book, Linkedin etc. displayed on our Portal, and if you have agreed that cook­ies may be depos­ited while you browse on the Portal, these social networks may also deposit cook­ies on your device(s) (computer, tablet, mobile phone). These types of cook­ies are only depos­ited on your devices if you consent to them by continu­ing to browse the website. However, at any time you may with­draw your consent allow­ing these social networks to deposit cook­ies.

For more inform­a­tion, please see our Cookie Manage­ment Policy.

IP addresses

An IP address is a unique address that iden­ti­fies elec­tronic devices on the inter­net and allows them to commu­nic­ate with each other. When you visit our website, we may use the IP address of the device you used to connect to the website. We use this inform­a­tion to determ­ine the general phys­ical loca­tion of the device, and to identify what geographic area visit­ors are from. 

Stat­ist­ics

The Portal may use Google Analyt­ics to gener­ate stat­ist­ical reports. These reports tell us, for example, how many users have visited the Portal, which pages were visited, and where website users are located geograph­ic­ally. Inform­a­tion collec­ted via the stat­ist­ics may include your IP address, the website from which you arrived at our website, and the type of device you are using. Your IP address is hidden on our systems, and will only be used inso­far as is neces­sary to resolve tech­nical issues, admin­is­ter the Portal, and under­stand visitor pref­er­ences. Portal traffic inform­a­tion is only avail­able to author­ised staff members. We do not use any of this inform­a­tion to identify visit­ors, and we do not share it with any third parties. 

 

SOCIAL NETWORKS

Our Portal may offer you the option of click­ing on social network icons, e.g. Twit­ter, Face­book, LinkedIn, etc.

Lastly, by click­ing on the social network icons for Twit­ter, Face­book, LinkedIn, etc. displayed on our Portal, and if you have agreed that cook­ies may be depos­ited while you browse on the Portal, these social networks may also deposit cook­ies on your device(s) (computer, tablet, mobile phone). Video-shar­ing services help enrich our Portal with video content and increase its visib­il­ity.

When you click on these icons, we may have access to personal inform­a­tion that you have made public, and which is access­ible via your profiles on these social networks. However, we neither create nor use any data­base separ­ate from these social networks based on the personal inform­a­tion you may have published there, and we will not process any of your personal data in this way.

If you do not want us to have access to the personal inform­a­tion published publicly on your social media profiles or accounts, you should use the means provided by these social networks to restrict access to said inform­a­tion.

 

PURPOSES FOR WHICH WE USE PERSONAL DATA

Among other purposes, we may use your Personal Data as follows:
 

No.

Purpose of processing

Legal basis of processing

Dura­tion of data reten­tion

1

To provide services and bene­fits ordered on the Portal

To enter into a contract and manage our contrac­tual rela­tion­ship with you

Up to 5 years from the last activ­ity or the end of our contrac­tual rela­tion­ship

2

To respond to your quer­ies, such as requests for inform­a­tion, quotes, contacts or research

To enter into a contract and manage our contrac­tual rela­tion­ship with you

 

Our legit­im­ate interest in commu­nic­at­ing and respond­ing to your requests, and to improve the qual­ity and oper­a­tional excel­lence of the services we provide you with

Up to 12 months after the last contact

3

To send you exclus­ive offers and news about our products and services and/or those of our part­ners

Our legit­im­ate interest in improv­ing the qual­ity and oper­a­tional excel­lence of the services we provide you with

 

Your consent to receive messages and exclus­ive offers from our part­ners

Up to 3 years from the data collec­tion date or the last contact with you

4

To manage job applic­a­tions, recruit­ment processes, and any hiring proced­ures

Perform­ance of our contrac­tual rela­tion­ship

 

Our legit­im­ate interest in managing applic­a­tions and recruit­ment processes for job profiles suited to our needs

 

Compli­ance with certain legal oblig­a­tions, partic­u­larly those that are labour-related

 

Your consent to keep your job applic­a­tion on file

For the dura­tion of the recruit­ment process, if neces­sary exten­ded by 2 years after obtain­ing your consent

 

During the period of employ­ment if data was collec­ted for recruit­ment purposes

 

5

To manage and select applic­a­tions and parti­cip­a­tions of eligible candid­ates in the “Artis­ans Guild” compet­i­tion

Perform­ance of our contrac­tual rela­tion­ship

 

Our legit­im­ate interest in managing the applic­a­tions and parti­cip­a­tions of eligible candid­ates in the “Artis­ans Guild” compet­i­tion.

For unsuc­cess­ful candid­ates: during the candid­ate selec­tion process.

 

For eligible candid­ates: during the “Artis­ans Guild” compet­i­tion

6

To process your diet­ary pref­er­ence requests, in order to be able to adapt our services accord­ingly

To enter into a contract, and to manage our contrac­tual rela­tion­ship with you

Your consent to the processing of your diet­ary pref­er­ences in order to be able to adapt our services accord­ingly.

During the period our services are performed

7

Conduct­ing surveys

Our legit­im­ate interest in improv­ing the qual­ity and oper­a­tional excel­lence of the services we provide you with

Up to 12 months after the last contact with you

8

To person­al­ise and improve your exper­i­ence on our Portal

Our legit­im­ate interest in improv­ing the qual­ity and oper­a­tional excel­lence of the services we provide you with

Up to 12 months after the last contact with you

9

To keep data on your receipts and/or invoices for tax and account­ing purposes

Compli­ance with certain legal oblig­a­tions

Up to 10 years

 

HOW LONG WILL MY PERSONAL DATA BE KEPT? 

We will keep your Personal Data only for as long as is neces­sary to fulfil the purposes for which it is collec­ted and processed (see table above). 

At the end of this period, strictly relev­ant data may be kept (i) as evid­ence (in the event of a dispute or inspec­tion by author­ised bodies), (ii) to comply with stat­utory or regu­lat­ory reten­tion peri­ods, and/or (iii) to comply with a contrac­tual oblig­a­tion towards our custom­ers.

 

DISCLOS­URE OF PERSONAL DATA

The secur­ity and confid­en­ti­al­ity of your Personal Data is partic­u­larly import­ant to us. This is why access to your Personal Data is restric­ted only to members of our staff who need to have this inform­a­tion in order to process your request or provide the reques­ted service.

We will not disclose your Personal Data to any unau­thor­ised third parties. However we may share your data with:

  • staff of Sodexo Group entit­ies author­ised to manage services
  • our clients, includ­ing your employer when perform­ing a contrac­tual oblig­a­tion and/or public service oblig­a­tion
  • the staff of subcon­tract­ors that Sodexo Group may call on to manage services (e.g. tech­nical service providers for host­ing and main­ten­ance, consult­ants, etc.)
  • Sodexo Group part­ners and/or entit­ies author­ised to provide certain services offered on the Portal
  • staff of organ­isa­tions author­ised by Sodexo Group or by law to manage services (e.g. French Family Allow­ances Fund, schools, etc.)

We ensure that these recip­i­ents apply proper secur­ity and confid­en­ti­al­ity meas­ures so that your Personal Data is protec­ted. 

We do not allow these recip­i­ents to use or disclose your Personal Data except to the extent neces­sary to perform services on our behalf or to comply with legal oblig­a­tions. Further­more, we may share your Personal Data (i) if the law or legal proceed­ings require us to do so, (ii) in response to a request from public author­it­ies or other govern­ment admin­is­tra­tions, or (iii) if we consider that disclos­ure of such data is neces­sary or appro­pri­ate to protect the safety of indi­vidu­als or the public, and to protect our rights and prop­erty and those of our clients.

 

SENS­IT­IVE PERSONAL DATA

Gener­ally speak­ing, we do not collect sens­it­ive Personal Data through our Portal. “Sens­it­ive personal data” means any inform­a­tion reveal­ing a natural person’s racial or ethnic origins, polit­ical opin­ions, reli­gious or philo­soph­ical beliefs, trade union member­ship, and data concern­ing health, sex life, or sexual orient­a­tion. This defin­i­tion also includes Personal Data relat­ing to crim­inal convic­tions and offences.

Should it be strictly neces­sary to collect such data in order to fulfil the purpose of processing, we will do so accord­ing to local stat­utory require­ments for the protec­tion of personal data and, in partic­u­lar, with your prior expli­cit consent and under the terms and condi­tions set out in this Privacy Policy. 

 

PERSONAL DATA AND MINORS

The Portal is inten­ded for adults who are capable of enter­ing into oblig­a­tions in accord­ance with the legis­la­tion of the coun­try in which they are located.

In France, a minor (i.e. a user under 15 years of age) or any legally incap­able user must obtain prior consent from their legal guard­ian before enter­ing personal data on the Portal.

 

TRANS­FERS OF PERSONAL DATA

Due to the inter­na­tional nature of Sodexo Group, your Personal Data may be trans­ferred to recip­i­ents inside or outside the company who are author­ised to perform services on our behalf and who may be located in coun­tries outside the European Union or the European Economic Area where an adequate level of protec­tion for Personal Data is not provided. 

In order to guar­an­tee the secur­ity and confid­en­ti­al­ity of Personal Data trans­ferred in this way, we take all steps neces­sary to ensure that this data is adequately protec­ted, such as sign­ing the European Commis­sion’s Stand­ard Contrac­tual Clauses or any other mech­an­ism ensur­ing an equi­val­ent level of protec­tion.

 

YOUR RIGHTS

Sodexo under­takes to facil­it­ate the exer­cise of your rights pursu­ant to applic­able regu­la­tions. Below is a table summar­ising the vari­ous rights you have:

 

RIGHT OF ACCESS AND RECTI­FIC­A­TION

You may request access to the Personal Data we hold about you. You may also request that inac­cur­ate Personal Data be correc­ted, or that incom­plete Personal Data be completed.

 

You also have the right to know the source of this Personal Data.

RIGHT TO ERAS­URE

Your right to be forgot­ten entitles you to request the eras­ure of your Personal Data when:

  1. said personal data is no longer neces­sary in rela­tion to the purposes for which it was collec­ted or other­wise processed
  2. you decide to with­draw your consent (in cases where your consent has been collec­ted as the legal basis for processing). This with­drawal of consent does not affect the lawful­ness of processing before its imple­ment­a­tion
  3. you object to the processing of your Personal Data
  4. your Personal Data has been unlaw­fully processed
  5. your Personal Data has to be erased for compli­ance with a legal oblig­a­tion; or
  6. eras­ure is required to ensure compli­ance with applic­able legis­la­tion

RIGHT TO RESTRIC­TION OF PROCESSING

You may also request a restric­tion on the processing of your Personal Data if:

  1. you contest the accur­acy of your Personal Data
  2. we no longer need your Personal Data for the purposes of processing; and
  3. you have objec­ted to processing of your Personal Data on legit­im­ate grounds

RIGHT TO DATA PORT­AB­IL­ITY

Where appro­pri­ate, you may ask us to provide you with your Personal Data in a struc­tured, commonly used and machine-read­able format, or you may ask us to trans­mit your Personal Data directly to another control­ler provided that:

  1. the processing is based on your consent or on an exist­ing contrac­tual rela­tion­ship; and
  2. that it is carried out by auto­mated means.

You also have the right to have your Personal Data trans­mit­ted directly to a third party of your choice (where tech­nic­ally feas­ible).

 

RIGHT TO OBJECT

You have the right to object (“opt out”) to processing of your Personal Data (includ­ing profil­ing or market­ing commu­nic­a­tions). If we process your Personal Data with your consent, you may with­draw your consent at any time.

 

At any time you may also request that we stop send­ing you advert­ise­ments or market­ing mater­ial simply by contact­ing us directly and free of charge, or by using the “unsub­scribe” link included in any market­ing mater­ial we may email you, or by email­ing the address below. This objec­tion is without preju­dice to the legal­ity of messages sent prior to its applic­a­tion.

 

Pursu­ant to Article L. 223–2 of the French Consumer Code, the user is informed of their right to register free of charge on the list of oppos­i­tion to tele­phone canvassing(www.bloctel.gouv.fr).

RIGHT NOT TO BE SUBJECT TO AUTO­MATED DECISION-MAKING

 

You have the right not to be subject to a decision based solely on auto­mated processing, includ­ing profil­ing, which produces legal effects concern­ing you or similar signi­fic­antly affects you.

RIGHT TO ISSUE ADVANCE DIRECT­IVES
ON THE PROCESSING OF YOUR PERSONAL DATA AFTER YOUR DEATH

In accord­ance with French law on the protec­tion of personal data, you may also issue direct­ives on how to exer­cise the rights set out in this section after your death, (in partic­u­lar rights relat­ing to reten­tion, dele­tion and/or commu­nic­a­tion), and you may appoint a person respons­ible for the exer­cise of these rights.

RIGHT TO FILE A COMPLAINT

You may choose to file a complaint with the French Data Protec­tion Author­ity (“Commis­sion Nationale de l’In­form­atique et des Liber­tés”) via the follow­ing link: www.cnil.fr.

You also have the right to take legal action before the courts of the coun­try in which the Sodexo entity has a place of busi­ness, or in the coun­try where you usually reside.

 

To exer­cise these rights, you can fill in this online form. We may ask you for addi­tional inform­a­tion in order to identify you and be able to process your request. 

 

SECUR­ITY 

We take all tech­nical and organ­isa­tional meas­ures to ensure the secur­ity and confid­en­ti­al­ity of the Personal Data processed.

In this regard, and in view of the nature of the Personal Data and the risks presen­ted by processing, we take all neces­sary precau­tions in order to preserve data secur­ity and, in partic­u­lar, to prevent it from being distor­ted, damaged or accessed by unau­thor­ised third parties (through phys­ical protec­tion of premises, authen­tic­a­tion proced­ures with personal and secure access by means of confid­en­tial logins and pass­words, logging of connec­tions, encrypt­ing certain data, etc.).

 

CUSTOMER RELA­TION­SHIP MANAGE­MENT (“CRM”) DATA­BASES

We use a data­base to manage, monitor, and develop our busi­ness rela­tion­ships with our exist­ing and/or poten­tial custom­ers. This data­base includes the Personal Data of clients’ employ­ees or of other part­ners with whom we have a busi­ness rela­tion­ship or with whom we would like to estab­lish such a rela­tion­ship. This data, used solely for these purposes, includes contact details (first name and surname, profes­sional tele­phone number and email address, etc.), publicly avail­able inform­a­tion, answers to targeted emails, and other inform­a­tion collec­ted and recor­ded by our employ­ees in the course of inter­ac­tions with our custom­ers and/or part­ners.

This data­base may be shared with subsi­di­ar­ies and/or other busi­ness part­ners of Sodexo Group with whom we already have or would like to develop a busi­ness rela­tion­ship. It will only be used by subsi­di­ar­ies or part­ners to send messages to our exist­ing and/or poten­tial custom­ers or to offer the latter services related to their busi­ness. Any indi­vidual whose contact details are subject to such a trans­fer may ask said recip­i­ents to remove them from their CRM data­base. If you wish to be removed from our CRM data­bases, please fill in our Request Form.

 

LINKS TO OTHER WEBSITES 

For your inform­a­tion and conveni­ence we occa­sion­ally provide links to other websites. These websites are mostly Sodexo Group websites, but some of them oper­ate inde­pend­ently and are not under our control. These third-party websites may have their own privacy policies or terms and condi­tions of use, which we strongly suggest you consult. We are in no way respons­ible for the content of these websites, for the products and services that may be offered thereon, or for any other use.

 

UPDATES TO OUR PRIVACY POLICY

From time to time, if our Services or legal oblig­a­tions change signi­fic­antly we may update or amend this policy. Should we make any substan­tial changes, we will post a notice on our Portal when the changes take effect. Please visit this page regu­larly for updates on any such changes to the policy.

If you have any ques­tions or comments about this policy, please contact us at dpo.oss.fr@s­o­dexo.com.

 

Last updated: AUGUST 2021