Data privacy

generix_data_privacy

DATA PRIVACY

Generix Group (below “Generix”) may, during the course of its activities, process your personal data.

Generix undertakes to ensure that the collection and processing of said personal data, from the website www.generixgroup.com and/or as part of customers’ use of Generix solutions, is carried out in accordance with the general data protection regulation (GDPR), the French Data Protection Act No. 78-17 of 6 January 1978 on information technology, data files and civil liberties, in its current version, and the recommendations issued by the French Data Protection Authority (CNIL).

This policy provides you with information on the way in which your personal data is processed by Generix. It is regularly updated to take into account legislative and regulatory changes and any change in Generix’s organisation. This policy was updated on 9 August 2019.

 

Generix may be required to occasionally change this privacy policy. Generix recommends that you regularly view this page to check for any changes or updates made to our privacy policy.

In order to protect your privacy and personal data in the most effective way, Generix has appointed a Data Protection Officer (DPO). This person, who is the main point of contact of the supervisory authority, has the task of ensuring that Generix processes your data in accordance with regulations. You can contact Generix’s Data Protection Officer at the following address: dpo@generixgroup.com

 

1. Commitments of Generix

In general, Generix undertakes to comply with applicable regulations for all processing of personal data that it carries out. Therefore, Generix undertakes in particular to observe the following principles:
 

  • Generix shall process your personal data lawfully, fairly and transparently;
  • Generix shall collect your personal data for specified, explicit and legitimate purposes and will not process it in a manner that is incompatible with these purposes;
  • Generix shall ensure that the personal data processed is adequate, relevant and limited to what is necessary in relation to the purposes for which it is processed;
  • Generix will process your personal data in a manner that ensures an appropriate level of security for this data;
  • each processing operation will be carried out taking into account the principles of data protection in order to meet the principle of data protection by design;
  • Generix undertakes to secure and protect your personal data. To this end, Generix only works with trusted partners;
  • Generix will observe your rights as a data subject and will make every effort to fulfil your requests when these are founded.

2. Commitments of Generix in its capacity of controller

When acting in the capacity of controller, Generix is responsible for the personal data that you provide. 

  • Each paper or digital form that you complete limits the collection of personal data to what is strictly necessary and sets out:
  1. * what the objectives are of collecting this data (purpose);
  2. * if this data is mandatory or optional for managing your request; 
  3. * who may read it; 
  4. * your data protection rights and how to exercise them with Generix.
  • The personal information collected via our forms (contact, document downloads, etc.) is only intended for Generix; it will not be the subject of external communications except solely for management purposes or to meet legal and regulatory obligations.
  • The personal data collected by Generix is processed according to secure protocols. Therefore, Generix takes all adequate measures to protect the privacy of your personal data. However, Generix cannot ensure the privacy of messages that you may send via an open telecommunications network.
  • As an international group, the personal data collected may be accessed by each entity and subsidiary belonging to Generix Group in accordance with European regulations on the protection of personal data.
  • The personal data that Generix may collect includes: 
  1. - identifying data, such as your first name and surname, address, phone number and email address;
  2. - applicant data, such as your CV, qualifications and professional experience if you wish to apply for a position with Generix;
  3. - professional data, such as your qualifications and skills, work phone number and email, and position if you are a supplier, service provider or partner of Generix.
  • The processing of personal data carried out by Generix shall have an explicit, legitimate and specified purpose. Your personal data may for example be processed for the following purposes:

* If you are a customer or prospective customer, Generix may process your personal data for the following purposes:

o    prospecting and organisation;
o    managing our relationship with you;
o    organisation, registration and invitation to Generix events;
o    producing, managing and monitoring your files;
o    recovery;
o    invoicing;
o    accounting.

* If you apply for a position with Generix, Generix may process your data in order to manage your application.

* If you are subscribed to one of Generix’s newsletters, Generix may also process your personal data in order to send you this newsletter by email.

* If you are a supplier, service provider or partner of Generix, Generix may process your data to manage its relationship with you.

  • The personal data collected is stored for the period necessary to achieve the purpose for which it has been collected or to meet legal or contractual obligations or for the entire duration of the relationship between you and Generix.
  • The legal basis for the collection and use of your personal data depends on the personal data collected and the context in which we collect it. The legal basis for processing your personal data is based on reasons such as:

* the performance of a contract between you and Generix;
* your consent;
* processing is necessary to comply with laws and regulations;
* the commercial interest of Generix. This legitimate interest enables us, among other things, to inform you as a professional about our solutions in which you have expressed an interest on our site or to carry out direct marketing actions. This processing is implemented taking into account your interests and fundamental rights. 

  • The Generix website contains links to social networks (Facebook, LinkedIn and Twitter). To this end, Generix may collect and use the personal data of members of the social network concerned registered as members, friends or followers in order to contact them on the social network used and/or send them information. Members of the social network concerned may object at any time to such use by contacting the point of contact below.
  • Generix informs you that you have a right of access to and a right to rectification, portability, erasure or restriction of processing of your personal information. In addition, you have a right to object for legitimate reasons to the processing of your personal data. You also have the right to define guidelines regarding the future of your personal data in the event of your death (Law for a Digital Republic). Any request will be reviewed by Generix and must be made in writing, signed by the requesting individual, include the address to which the response must be sent and be accompanied by proof of identity.

You have the right to lodge a complaint with a supervisory authority.


For any further information or to exercise your data protection rights regarding the processing of personal data managed by Generix, you may contact its Data Protection Officer (DPO): dpo@generixgroup.com or send a letter to the following address

Generix Group
A l’attention du DPO
8 rue Simone Iff
75012 Paris
 

  • Generix also informs you that you have the right to manage your email communication preferences via the preference centre.
  • Finally, Generix informs you that as part of the running of the website, Generix uses various cookies to improve the interactivity of the site and its services. The conditions of use of the cookies are set out in the following link: https://www.generixgroup.com/fr/informations-legales
  • The Generix Group website has been declared to CNIL under number 792366.

3. Commitments of Generix in its capacity of processor

Generix, in its capacity of editor, offers its customers (the controllers), several SAAS services through which said customers collect, analyse, share or process your personal data using our solutions and services.

In using the solutions, Generix acts on instructions from the customer in the capacity of processor, on the basis of the contract signed between Generix Group and its customer as part of a B2B commercial relationship.

In using the solutions, Generix’s customer may process or ask us to process your personal data for the following purposes:

o    Supply Chain Execution:
storage management, delivery/returns, preparation, packing, shipping, scheduling, freighting, organisation and invoicing of transport, document management and statistics.
o    B2B Integration:
management of customer / supplier data flows => invoicing, file transfers and inter-application exchanges (EAI, ESB).
o    Omnichannel Sales:
management of customer loyalty => management of customer databases, management of loyalty programmes and targeted marketing.

In order to pursue these purposes, the following personal data may be collected: surname, first name, work phone number, work email, name and contact details of recipients, nationality, language spoken, registration plate and date of birth.

When our solutions are used, the processing operations carried out by the controller may include the following:

o    Supply Chain Execution:
Generation of the delivery address and packing file for the carrier, notification to the sales department or other external systems via outgoing exchanges, data analysis for the organisation and management or preparation of the order, packing and shipping, authorisation of connection to the system and various system processes, tracing of operators’ connection to the system as well as operations carried out via radiofrequency or voice terminals.
o    B2B Integration:
Control of data flows related to the B2B process, tax-compliant e-invoicing and archiving (the digitisation is carried out by Generix Group as the processor via a contractual mandate), benefit from interoperability standards for exchanges with commercial partners.
o    Omnichannel Sales:
Recording and amendment of end customer data in the database, data import, extraction, export, data display, adjustment of the number of loyalty points.

The processing operations entrusted to Generix Group by the controller may be as follows: collection, hosting, storage, maintenance, support, recording, access, disclosure by transmission, erasure and destruction.

The data collected is processed in the European Economic Area or in countries with an adequate level of protection or with the implementation of appropriate guarantees, and is secured. When you use our solutions, technical cookies may be stored in order to improve the effectiveness of our solutions and only for the time necessary to deliver services to the Customer (controller), it being stated that the data cannot be exploited by Generix.

If you would like more detailed information, please contact directly the customer concerned (controller).

As we can only access the data of a customer upon its instruction, if you wish to exercise your rights in accordance with applicable data protection laws (access, rectification, objection, erasure and portability), please contact the controller (Generix Group customer) directly.