Privacy Policy

Privacy policy

Effective as of 19/09/2024.

We highly value your privacy and the protection of your personal data.

This policy informs you on how your data is collected and used when you access the site at yusto-super-levure.com (the “Site”) and/or in any interactions with our Company, in compliance with the “Informatique et Libertés” Law No. 78-17 of January 6, 1978, and the European regulations established by the General Data Protection Regulation 2016/679 of April 27, 2016 (“GDPR”).

 

Protection of your personal data

Data controller and recipients of personal data

The personal data collected (“Data”) through use of the Site, fulfillment of product and/or service orders shown on or off the Site, and more generally, any interactions with our Company, is processed by Arbiom SAS, with its registered office located at 8 rue de la Michodière 75002 Paris, FRANCE, as the data controller (“Data Controller”).

“Data” includes any information related to an identifiable individual, directly or indirectly, especially by reference to an identifier such as a name, ID number, location data, or online identifier.

Depending on the purpose of processing, the collected Data is intended for use by the Data Controller and is accessible to support services (purchasing/sales administration, commerce, logistics, HR, IT, accounting, and marketing) of the Data Controller. It is also made available to the following service providers (“subcontractors” or “third-party recipients” as defined by regulations) for the sole purpose of their mission:

  • Technical service providers: communications agencies, Site hosting companies (see CGU and legal notices);
  • Financial/accounting service providers: auditors;
  • Logistics providers: carriers;
  • Banking providers (see CGV);
  • Customer service providers: suppliers of CRM and support software.

Access is strictly governed by security policies in place to ensure human intervention on the Data remains minimal. The Data Controller may disclose your Data to third parties when such disclosure is authorized and required by law or court order or is necessary to protect and defend its rights.

Outside of these cases, your Data will not be transferred or made available to any third party without your prior consent.

The Data Controller does not transfer your Data outside the EEA (European Economic Area). If a transfer outside the EEA is required, it will be subject to appropriate safeguards, such as the European Commission’s standard contractual clauses.

 

Purposes of personal data collection

The following types of Data are processed:

  • Identification data (name, first name, the name of the company you work for, position, relationships with anyone within the Company);
  • Connection data;
  • Location data (postal address);
  • Payment data;
  • Transaction data;
  • Data related to managing contests and any promotional activities;
  • Any other information you provide to contact our Company or request products and/or services.

The Data will be used differently depending on why you have visited the Site:

  • Based on your consent, which you may withdraw at any time without affecting the legality of the initial use of your Data (see below, Article 3 “Your Rights”):
    • For the sending of newsletters without a prior order;
    • For processing and responding to requests, which may lead to a contractual agreement (request for information);
  • For fulfilling business relationships and particularly the contract for sale or service provision you have entered into or the provision of products (customer account creation, order fulfillment, invoicing, contract tracking, delivery, after-sales service and complaints, satisfaction surveys, management of customer or supplier files, handling of outstanding payments and disputes);
  • For meeting legal, accounting, and tax obligations (such as keeping accounting records, handling correction and opposition requests, maintaining an opt-out list for advertising purposes), or for establishing, exercising, and defending legal claims.
  • Unless you object, and within the limits of your interests and rights, for the legitimate needs of the Data Controller, particularly:
    • Prospecting, client relationship management, and client loyalty programs (involving the sending of commercial messages or news about products, services, and offers on or off the Site);
    • Creation of client accounts, by conducting any necessary due diligence to protect the interests of the Data Controller and prevent conflicts of interest;
    • Optimizing the Site (analyzing browsing paths, identifying massive connections, determining search trends to better adjust offers to demand);
    • Soliciting to grow business activity;
    • Managing reviews of products, services, or content to improve the offerings on or off the Site;
    • Personalizing the client experience on the Site;
    • Compiling statistics (particularly for business analysis) to evaluate business activities;
    • Managing prospect lists to grow business activity;
    • Conducting satisfaction surveys;
    • Combatting payment fraud.

About Cookies

Various cookies are used on the Site to improve the interaction between you, the Site, and the services offered.

For more information, please see the Cookie Policy.

 

Your data rights 

Individuals whose Data is processed by the Data Controller have rights to access and correct inaccurate Data about themselves, and, within the cases and limits defined by regulations, to object, delete certain Data, withdraw consent, restrict usage, define their wishes for Data post-mortem, or request portability to transmit Data to a third party.

To exercise your rights, simply use our contact form and provide any necessary documentation to confirm your identity and request.

 

Data retention periods

Your Data will be kept only as long as necessary for the purposes for which it was collected, specifically:

  • For a period of 3 years following the last contact, then stored in intermediate archives for the applicable legal limitation period (5 years) for all Data, except for banking data and cookies (see below);
  • As needed for the transaction in the case of bank card payments, then for 13 or 15 months in intermediate storage from the debit date, depending on card type. With your consent, which you may withdraw at any time, the Data may be stored for future purchases;
  • For a period of 13 months from the date of creation for cookies.

At the end of these periods, Data will be deleted from active databases and, if necessary, archived only for the applicable statutory retention periods or regulatory obligations. Once these deadlines have passed, Data will be destroyed.

 

Contacting the data protection officer 

For further information or any concerns regarding your Data, you may contact the Data Protection Officer at dpo@arbiom.com.

In the event of unresolved issues or to submit a complaint regarding Data processing, you may contact the CNIL electronically.

 

Regarding HR data protection (collection for a spontaneous application or response to a job offer))

We are committed to privacy and data protection, in line with applicable laws and our ethical and compliance standards.

Your Data is processed based on your consent. By submitting an application, you authorize the Data Controller to process and collect your Data.

All Data will be processed for recruitment purposes, particularly to assess the suitability of your experiences and qualifications for available positions at the time of submission.

With your consent, beyond the duration required to review your application, your Data may be retained within the Data Controller’s candidate pool and those of its affiliates for sending alerts for a maximum period defined below.

The collected information is stored within the European Union and will not be transferred outside the EU without your consent. Only individuals involved in recruitment processes (recruitment team, HR, management, and senior staff) will access your Data.

Your Data will be stored, in active and intermediate archives, for a maximum period of 2 years from your application or until you request the Data Controller to delete it.

In accordance with applicable national and European laws, you have rights to access your Data, request correction, deletion, or portability, request restriction of Data processing, and withdraw your consent. You may also object to alerts sent to you by email at any time.

To exercise your rights or for any additional information, contact the Data Protection Officer at dpo@arbiom.com.

In case of unresolved issues or to file a complaint regarding Data processing, you may contact the CNIL electronically.

Ensure that documents submitted with your application (entered information or attached documents) do not contain any sensitive information.

Sensitive information includes, directly or indirectly, any details on ethnicity or supposed race, sexual orientation or life, political, religious, or philosophical opinions, health status, union or mutualistic activity, criminal convictions, or Social Security numbers.

V_2024.10