The processing of your personal data by Multitanks International is subject to the General Data Protection Regulation (GDPR) of 27 April 2016, relating to the protection of natural persons with regard to the processing of personal data and the free movement of such data. The regulation entered into force on 24 May 2016 and is applicable from 25 May 2018.

Since the beginning of its existence, our company has managed the personal data of its customers in a reasonable manner, justified by the administrative and commercial purposes of its activities, for limited periods of time. Our company has put in place procedures for the protection of databases and personal data itself.

Our goal is to continue to do this so that you can continue to trust us to manage your personal data with respect and control.

What personal data are we talking about? This is personal data concerning you and which is collected by Multitanks , referred to as the "data controller" of personal data.

We also use cookies on our website. To find out more about this, see our Cookie Policy.

What personal data do we hold and from what sources does it come?

Our privacy policy is based on our relationship with you, in particular when:

- You purchase a physical good or service from our website

- You participate in a competition or other special commercial operation:

- You visit our site

- You register and/or log in to our site

- You contact our customer service;

- You subscribe to our newsletters;

In particular, the following data is collected and processed: your surname, first name, customer account number, postal delivery address, IP address, email address.

You may be asked to consent to other purposes of using your personal data to receive further information from us or our business partners.

When you use a social media feature on our website, and post on these social networks, the relevant social network will provide us with personal data about you.

If we were to collect personal data relating to or concerning minors under the age of 16, we can only validate it with the consent of the person with parental authority.

Why do we use your personal data?

Multitanks only uses your personal data in the cases provided for in the regulation, i.e.:

- When you have consented to the processing of your data for one or more purposes

- In connection with the fulfilment of an order you have concluded with us

- When the processing is necessary for compliance with a legal obligation

- Where there is a legitimate interest in using your data. Legitimate interest is a set of business reasons that justify the Company's use of your data. To pursue our legitimate business interests, your personal data is required:

o Market research and analysis to improve and personalise our products and services;

o commercial prospecting;

o to prevent or detect any fraud, crime or misdemeanor, or any unlawful behaviour in the use of our networks, physical or digital services and to ensure the security of our operations and those of our Partners, Recipients or Subcontractors;

o to protect our intellectual property rights (trademarks, content, etc.) or those of our Partners, Recipients or Subcontractors;

o create your profile (without the use of personal data necessarily) to help us personalise our services for you.

Do we share your personal data? With whom and why?

We may share your personal data, within Multitanks, with an event, competition, commercial or non-commercial action partner, as well as other third parties associated with a sale or service provided. In accordance with the General Data Protection Regulation, all such sharing may only take place with your consent and provided that each partner (referred to as the "Recipient" or "Subcontractor") enters into an agreement with us and that it provides for the same respect as ours in terms of the protection of personal data.

The same can be true with partners who are important players in the digital world (Google, Amazon, Facebook, Apple and Microsoft, in particular) and who provide very important services to Internet users but also to companies (audience analysis, advertising positioning, etc.). In principle, these actors are obliged to comply with the European General Data Protection Regulation and the Privacy Shield (EU-US Privacy Shield). However, in this particular context where the balance of power is really unbalanced, Multitanks undertakes to make transfers only in Europe and to limit the transfers of personal data as much as possible if it perceives flaws in the protection put in place by these actors or uses of personal data for purposes other than those for which Multitanks has received your consent. Google, Amazon, Facebook, Apple and Microsoft are also "data controllers" and therefore fully bear their responsibilities and burdens related to the processing of personal data. Multitanks will assume its own responsibilities, limited to its own actions of processing personal data, within the protection framework it has established.

What are your rights?

Multitanks offers you the opportunity to complete a profile for the use of a website or service. In this context, you are free to manage your personal data yourself.

The General Data Protection Regulation has strengthened your rights to manage your personal data. You have several rights:

- the right of access to your personal data, i.e. the right to obtain (i) confirmation that the data is used and (ii) the communication of the data used and that have been/will be communicated to the Recipients;

- the right to withdraw your consent to the use of your personal data, in part or in full;

- the right to rectification or correction of erroneous or incomplete personal data;

- the right to erasure of personal data, when they are not or are no longer used, in the event of unlawful use or withdrawal of consent;

- the right to lodge a complaint with the Commission Nationale de l'Informatique et des Libertés https://www.cnil.fr/;

- the right to the portability of personal data consisting of a request to transmit one's personal data either to the individual himself or to another data controller in order for the latter to provide his service;

- the right to limit the use of personal data.

To exercise any of the above rights, please contact us via the contact form , making sure to complete the information necessary to exercise each of the rights concerned.

While we carefully evaluate each application we receive, we must be able to:

- Authenticate the requester exactly. Data controllers set up an authentication process to ensure that the requester is the person concerned by the request. This requirement shouldn't be a problem when an account is required to log in. However, in case of doubt as to the identity of the applicant, the data controller may request additional information;

- Have sufficient response time. The application will be processed no later than one month after receipt of the application. In the case of a complex application, a two-month extension will be used;

- Refuse unfounded or excessive requests. Some applications may subject the applicant to a fee.

Security of your information

We implement and continuously update administrative, technical and physical security measures to protect your personal data against unauthorised access, loss, destruction or alteration. Some of the safeguards we use to protect your personal data are firewalls and data encryption, as well as access controls to personal data.

Changes to this Privacy Policy

We reserve the right to modify this Privacy Policy in order to comply with applicable privacy laws or to adapt it to our practices. We therefore invite you to consult it regularly to be aware of any changes. New versions will be uploaded to our website, updating the date on them. In the event of substantial changes, if necessary, we will also ask for your consent to such changes.

How to contact us?

For any further information or questions related to this Personal Data Protection Policy, our Data Protection Officer (DPO), Olivier GASQ, is at your disposal by phone on 04 77 76 00 29 or by email at [email protected].