Data protection policy

1 – Preamble

The data protection policy, described in this document, applies to the website www.symbiosys.com (hereinafter referred to as “the Website”). Its purpose is to inform the user of the Website (hereinafter referred to as “the User”) of the processing carried out by BIOCODEX SAS (hereinafter referred to as “BIOCODEX”) on the data concerning him, the rights he has over his data and how he can exercise these rights.

2 – General provisions

The following provisions apply to all processing of personal data by BIOCODEX on the Site, unless otherwise specified in the specific provisions.

Legal framework

BIOCODEX, as controller, declares that it processes personal data on the Website, in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (the GDPR) and French Law No 78-17 of 6 January 1978 on data processing, files and freedoms (the amended “Informatique et Libertés” law).

BIOCODEX, in its compliance process, has appointed a Data Protection Officer (DPO) to the Commission Nationale de l’Informatique et des Libertés (CNIL), the French data protection authority. This designation, with reference to DPO-3068, took effect on 25/05/2018.

Data controller

The data controller is identified as follows:

BIOCODEX, a simplified joint stock company under French law with a share capital of €4,284,000, registered in the Trade and Companies Register under No. 562 064 600 R.C.S. CRETEIL, with its registered office at 7 avenue Gallieni – 94250 GENTILLY – France, represented by Mr Jean-Marie LEFEVRE, duly authorised in his capacity as Chairman and CEO.

Website: www.biocodex.fr
Telephone: +33 (0) 1 41 24 30 00

Rights of the User on his data

In accordance with the GDPR and the amended “Informatique et Libertés” law, the User has a right of access, rectification, deletion, portability on data concerning him, limitation, opposition to the processing of his data, to file a complaint with the CNIL.

To exercise his rights or for any question relating to the processing of his data by BIOCODEX, the User must contact the BIOCODEX DPO, using the contact form on the Website or by post:

DPO BIOCODEX
7 avenue Gallieni
94250 GENTILLY
France

Security of personal data

BIOCODEX takes all necessary precautions to preserve the security of the User’s personal data and aims in particular to prevent it from being distorted or damaged, or from unauthorised third parties having access to it.

BIOCODEX uses the HTTPS protocol on the Website. This security mechanism allows the User to verify the identity of the website he or she is accessing, thanks to an authentication certificate issued by a third party authority known for its reliability. It also guarantees the confidentiality and integrity of the data sent by the User, such as the information

3 – Specific provisions

The following provisions are specific to each processing of personal data carried out by BIOCODEX on the Site. In particular, they detail:

  • the purpose of the processing operation
  • its legal basis
  • the persons concerned
  • the personal data processed
  • their shelf life
  • the recipients of the data

Contact form

Purpose of the processing operation

The contact form on the Website allows the User to contact BIOCODEX electronically. This processing of personal data allows BIOCODEX to:

  • receive the messages addressed to him/her;
  • follow correspondence with the User;
  • comply with its health vigilance obligations.

The legal basis of the processing operation is the legitimate interests pursued by BIOCODEX in its relationship with the User.

If the communication is part of the health vigilance framework, the User’s data are subject to further processing specifically provided for this framework.

The processing does not provide for automated decision-making (profiling).

Persons concerned

The processing concerns any User wishing to contact BIOCODEX electronically.

Data processed

  • subject and body of the message;
  • e-mail address.

These data are mandatory for the processing operation.
They are kept for the duration of the correspondence. However, if the communication is part of health surveillance, their storage period shall be defined in the subsequent treatment specifically provided for that purpose.

Data recipients

Persons authorized by BIOCODEX:

  • responsible for processing correspondence related to the Website
  • responsible for the maintenance of the Website
  • assigned to the management of health vigilance
    External :
  • communication agency associated with the Site

No data transfers are made outside the European Union.

Subscription to the newsletter

Purpose of the processing operation

BIOCODEX allows the User to subscribe to the Website’s newsletter, in order to be informed of current events on SYMBIOSYS®. This processing of personal data allows BIOCODEX to:

  • subscription management;
  • the development of service-related statistics.

The legal basis for the processing operation is the consent of the person concerned.

The User may unsubscribe (withdraw his consent) via the unsubscribe link in the newsletter he has received.

The processing does not provide for automated decision-making (profiling).

Persons concerned

The processing concerns any User wishing to receive the newsletter on the e-mail address he has provided.

Data processed

  • E-mail address.

The e-mail address is mandatory for the processing to be carried out. It is kept as long as the User does not unsubscribe from the newsletter.

Data recipients

Persons authorized by BIOCODEX:

  • responsible for processing the Site’s newsletter
  • responsible for the maintenance of the Site
    External :
  • communication agency associated with the Site

No data transfers are made outside the European Union.

Cookie management

The management of cookies is a special processing of personal data, described in the cookie policy on the Website.