Data Protection
Policy
Citalid (“Citalid”, or “we”) is very attentive to the protection of the privacy and personal data of users (the “User” or “you”) of its Website https://citalid.com (the “Website”). In this respect, Citalid ensures that privacy is respected and undertakes to protect personal data in accordance with the applicable regulations, and in particular European Regulation 2016/679 of 27 April 2016 (the “GDPR”) and French Act no. 78-17 of 6 January 1978 known as the Data Protection Act (together the “Applicable Regulations”).
The purpose of this data protection policy (hereinafter, the “Policy”) is to present to you in a clear and transparent manner the way in which Citalid processes your personal data and ensures that your rights in this regard are respected.
1. In what situations do we process your personal data?
Citalid may collect and process personal data:
- when you fill in the contact form to contact us, in particular to benefit from a demonstration of Citalid products and services;
- when you subscribe to the Citalid newsletter;
- when you wish to join our team by sending us your application; or
- when you browse the Website.
2. Why do we process your personal data and on what legal basis?
The table below sets out in detail, according to the different situations referred to in Article 1 above, the uses to which your data is put and the legal basis on which we process your data.
| Why do we process your data? (purposes of processing) | What types of data can we process? | What is the legal basis for this processing? | |
|---|---|---|---|
| When you fill in the contact form | To contact you again in order to offer you a demonstration of Citalid products and services and to provide you with further information relating to them. | – surname, first name; – if applicable, company and position; – e-mail address; | Citalid’s legitimate interest in satisfying your queries and ensuring its external communication. |
| When you subscribe to the Citalid newsletter | To keep you informed of Citalid’s activities, products and services. | ||
| When you apply to join Citalid | To examine your application and evaluate your professional skills in relation to Citalid’s needs. | – identification and contact data (surname, first name, email address, address, telephone number); – CV and educational and professional background; – cover letter; – areas of interest; – information collected during recruitment interviews; and – any information you voluntarily provide during the recruitment process. | When we consider your application and contact you as part of a recruitment process, the processing of your data is based on our legitimate interest to optimise our recruitment process. |
| For needs related to the recruitment process, including contacting you and scheduling interviews. To keep your application file and to contact you when new recruitment opportunities arise that may interest you | |||
| When you browse our Website, Citalid may collect personal data relating to your browsing, for example your IP address, connection data, geographical area, etc., by means of cookies or similar technologies deposited on your terminal device. For more information on the purposes of these cookies and similar technologies and your rights in relation to them, please refer to our Cookie Policy[link to be inserted]. | |||
3. How long do we keep your data?
Citalid retains your personal data for the time necessary to meet the purposes for which this data is collected, as described in the table above. Depending on the different purposes, the following retention periods are applicable:
- For contact requests: your personal data is kept until your request has been processed (and in accordance with the statute of limitations applicable in the event of litigation);
- For newsletters, your personal data is kept for the duration of your subscription to these communications.
- When you apply to join Citalid:
- if your application is successful and you join our teams, your personal data will be kept for the duration of your presence within Citalid and for the applicable prescription period, as may be provided for in your employment contract;
- if your application is not successful, your personal data necessary for recruitment will be kept for 2 years from our last contact.
- When you browse our Website: any data we may collect, including cookies, is kept for no longer than 13 months.
4. Who can access your personal data?
Your personal data is processed by Citalid and is accessible to our internal teams responsible for processing this data for the purposes mentioned above.
In addition, we only share your data with :
- public authorities, where Citalid is required to disclose some of your data in accordance with the Applicable Regulations;
- service providers, including IT, hosting, maintenance, or database management service providers, that we engage to process data on our behalf and who are subject to the same security and confidentiality obligations as Citalid; and
- in the context of a merger or acquisition of all or part of Citalid by a third party.
Citalid may also share your data to comply with its legal obligations, to prevent, detect, investigate and take action against any potentially prohibited and illegal activities, any situation that threatens the safety or any other rights and interests of Users, Citalid or any individual and any violation of its general terms of use.
5. Transfer of personal data outside the European Union
Your personal data is processed by Citalid within a Member State of the European Economic Area (EEA).
Citalid does not transfer your personal data to any entity outside the EEA.
6. What are your rights?
You have the following rights:
- The right of access: you have the right to obtain (i) confirmation as to whether or not data relating to you is being processed and, if it is, to obtain (ii) access to and a copy of that data.
- The right of rectification: you have the right to obtain the rectification of your data that are inaccurate. You also have the right to have your incomplete data completed, including by providing an additional declaration.
- The right to erasure: in some cases you have the right to have your data erased. This right is not, however, an absolute right and Citalid may have legal or legitimate reasons to retain the said data.
- The right to restrict processing: in certain cases you have the right to have the processing of your data restricted.
- The right to portability: you have the right to receive the data you have provided to Citalid in a structured, commonly used and machine-readable format, and you have the right to transmit this data to another data controller without Citalid’s interference. This right only applies where the processing of your data is based on your consent or on the performance of a contract and where such processing is carried out by automated means.
- The right to object: you have the right to object at any time, on grounds relating to your particular situation, to the processing of your data where such processing is based on the legitimate interests of Citalid. However, Citalid may invoke legitimate and compelling reasons requiring the continuation of the processing. Where your data is processed for the purpose of canvassing, you have the right to object to the processing of such data at any time.
- The right to lodge a complaint with a supervisory authority: you have the right to contact the CNIL in order to lodge a complaint regarding Citalid’s personal data protection practices.
- The right to transmit instructions concerning the use of your Data after your death: you have the right to give Citalid instructions concerning the use of your data after your death.
To exercise these rights, you can send a request by email to privacy[a]citalid.com.
7. Changes to this Policy
If we decide to change this Policy, we will post the changes on this page and/or update the Policy change date below. In the event of a substantial change, we will inform you by any means deemed appropriate.