Privacy policy – Protection of Personal Data

1. Object

This policy sets out how we («the Telenco Group») treat the Personal Data (“Personal Information”)that you provide to us and that we collect. This policy applies to all the Personal Data about you, collected in the context of our relations. We invite you to read this document carefully in order to acknowledge and understand our practices in this respect.

2. Who are we ?

Telenco is a company specialising in the design, manufacture, marketing of solutions for the deployment of fixed, mobile, private, and data centre networks around the world. Its head office is located at ZA Valmorge, 38430 Moirans - France. The Telenco Group has around 650 employees. The company serves its customers in more than 70 countries in Europe, Africa, the Middle East and Latin America.

As part of our operations, we are processing personal data about you in full compliance with the applicable regulations and in particular with the European Regulation No. 2016/679 of 27 April 2016 on the protection of individuals (or «GDPR»), as well as the amended Act of 6 January 1978 on Data Processing, Data Files and Individual Liberties (or French «Data ¨Protection Act”).

3. What are our commitments ?

We undertake to put in place all the technical and organisational measures necessary to ensure compliance with the fundamental principles related to the collection and processing of personal data and in particular the principles of :

- Lawfulness, fairness, transparency: personal data is processed in a lawful, fair and transparent manner ;

- Purpose limitation: personal data are processed for specified, explicit and legitimate purposes and are not further processed in an incompatible manner with the original purposes ;

- Proportionality of the data: the collected personal data are adequate, relevant and limited to what is necessary for the purposes of the Processing ;

- Accuracy of data: personal data is accurate and kept up to date. All reasonable steps are taken to ensure that inaccurate or obsolete

4. How do we collect your personal data ?

During the course of our relation, you may be required to transmit your personal data to us by various means:
- When creating your customer account ;
- When purchasing online, especially when filling out our order/request for quotation forms ;
- When contacting our customer service, make a complaint or, more generally, when you get in touch with our customer relations teams ;
- When subscribing to the newsletter or participating to a competition ;
- When you submit a contact request / catalogue request ;
- And more generally, during any other direct contact with our teams.

When you browse the websites of the Telenco Group, we are also likely to use cookies, small text files that are stored on your devices (computer, tablet or mobile). These cookies enable us to collect information and personal data for various purposes (statistics on the frequentation and use of the site, adaptation of the website to your parameters, third party cookies for advertising purposes, etc.). In the context of cookie management, we also undertake to comply with data protection regulations. Thus, where required, consent to cookies will be collected via the cookie banner that will appear clearly and visibly on your first visit to the company’s website.

Telenco Group websites (excluding the www.telenco-store.com marketplace) only collect Analytics cookies. An analysis of traffic on our websites is therefore carried out using the information collected by Google analytics, which is limited to IP address data and browsing history. With this data, Analytics builds statistics that combine geographical origin, demographics and centres of interest. The websites concerned are:

-www.telenco-networks.com
-www.telenco-group.com
- E-tedi websites (for more information on these websites: according to 16. Specificities of “e-tedi” websites).

5. What are your personal data used for ? (processing purposes)

Your personal data is mainly used to organise our commercial relationship as well as possible and to enable us to provide you with a quality service. In this context, your personal data is processed for the following main purposes:

Management of the commercial relationship :

- Purchasing products through our website
- Order tracking
- Management of the quality/SAV department and of complaints
- Management of requests for access, rectification and opposition rights
- Conducting statistical studies to learn more on the use and the performance of our website
- Conducting webmarketing studies
- Establishment of a personalised profile allowing us to get to know you better, building customer loyalty, and to improve our service at the same time (Profiling)
Carrying out commercial prospecting operations :

- Establishment of trade statistics
- Organisation of contests and/or loyalty operations
Protecting our interests :

- Management of unpaid debts
- Litigation management
- Monitoring of collection operations
- The management of our compliance with the various applicable legal operations
- The management of our suppliers and logistics (deliveries)

6. Do we process all the personal data you provide us with ?

In accordance with our commitments, we only collect the data that we consider necessary for carrying out our activities (data minimisation principle).
However, some data are essential to process your requests and/or orders, other data enables us to get to know you better and therefore to adapt our offers to your needs. The fields of the collection forms marked with an (*) are obligatory. Otherwise, we will not be able to process your request or order or to provide you with offers adapted to your needs.

7. What legal basis for the processing of personal data ?

The Processing of your personal data is based on different legal bases determined according to the purpose of the Processing concerned. In this context, we need your data for the following purposes:

- The implementation of a contractual commitment to which you are a party (e.g. management of your orders, management of your delivery, management of your complaint etc.) ;
- The pursuit of our legitimate interest as Data Controller (in particular developing knowledge of our customers, adapting our offers to their needs and/or carrying out promotional activities) ;
- Compliance with a legal obligation as soon as the legislation in force imposes the said Data Processing.

8. Who can access your personal data ?

Only authorised persons within our teams can access your personal data, according to their business needs.
Your personal data may also be transmitted to other entities of the Group, as well as to our service providers («Subcontractors») whose services are necessary for the performance of our activities as Data Processors. For example, your personal data may be transmitted to our service providers responsible for the computer hosting and maintenance services, as well as delivery activities, promotions, etc.

In this context, we undertake to use only Subcontractors who offer sufficient guarantees and respect our commitments in terms of personal data protection.

9. Are your data transferred abroad ?

The data collected through our European subsidiaries remains in the European Union, in compliance with the applicable regulations.
By contrast, for the international subsidiaries of the Telenco Group, data are collected outside the European Union and are therefore not subject to European regulations. These data may be transferred to the parent company for the purpose of processing.

You may request and receive a copy of the said guarantees at the address indicated below under the section «How to exercise your rights?».

10. How long is your personal data kept ?

Personal data is kept only for the necessary period to fulfil the purposes described in the section «What are your personal data used for?». In addition, Telenco keeps your personal data in accordance with the retention periods imposed by the applicable regulations in force and/or best industry practices.

These conservation periods are defined according to the nature of the purposes of the Processing and take into account the applicable legal provisions imposing a specific conservation period for certain categories of data, the applicable statute of limitations and the recommendations of the local Control Authorities concerning certain categories of Data Processing. Each Telenco Group company keeps its own processing registers, in which the conservation time of the data involved in each processing operation is systematically specified.

By way of illustration, Telenco undertakes to keep your personal data, as a customer, only for as long as is strictly necessary for the management of the commercial relationship, i.e. for a period of two years from the end of the commercial relationship (with the exception of the legal obligations of the Data Controller requiring a longer storage period), for example, from the date of a purchase, the expiry date of a guarantee, the end of a service contract or the last contact made by the customer.

For instance, Telenco undertakes to keep your personal data, as a customer, only for as long as is strictly necessary for the management of the commercial relationship, i.e. for a period of two years from the end of the commercial relationship (with the exception of the legal obligations of the Data Controller requiring a longer conservation period), for example, from the date of a purchase, the expiry date of a guarantee, the end of a service contract or the last contact made by the customer.

Personal data about you as a non-customer prospect is kept for a period of two years from the time it was collected or from the time you last contacted us (e.g. a request for quotation documentation).

11. How secure is your data ?

We pay particular attention to the confidentiality and security of your personal data. To this end, we implement appropriate technical and organisational measures to guarantee a level of security that is appropriate and in line with industry best practice. In this way, we comply with regulatory requirements and protect the rights and data of the persons concerned right from the design stage of Processing operations. Telenco builds and manages its information systems with the primary objective of preserving the confidentiality, integrity and availability of confidential and sensitive data, including your Personal Data.

12. What are your rights with regard to personal data ?

In application of the applicable data protection regulations, you may at any time exercise your rights as a data subject; and request access, rectification, deletion and portability of the data concerning you as well as exercise your rights to limit and oppose the Processing of such data.

In particular, you have the right to object to the Processing of your data for commercial prospecting purposes. Depending on the choices you make when creating or modifying your contact form/prospect attached to your account, you may receive offers from all the companies of the Telenco Group. These choices can be modified at any time once you have logged into your online account. Likewise, if you no longer wish to receive our newsletter, you can click on the unsubscribe link located at the bottom of each advertising communication in electronic format.

13. How to exercise your rights ?

These rights can be exercised by contacting : Telenco, Digital department, ZA Valmorge, rue Barjon, 38430 MOIRANS, or by addressing an e-mail at privacy@telenco-group.com.

In this context, we kindly ask you to enclose with your application the information necessary for your identification (surname, first name, email) and an identity card as well as any information related to your application.

You also have a right of recourse to the Local Control Authority in the event of a breach of the applicable regulations on the protection of personal data and in particular the RGPD.

14. Who to address ?

If you have any further questions regarding this policy or the way in which Telenco processes your personal data, please contact us at the following address: privacy@telenco-group.com.

15. Amendments and updates

This Privacy Policy may be modified or updated in light of different interpretations, rulings and opinions related to the DPSP. The Telenco Group undertakes to inform you via its websites of any changes made.

16. Particularities of « e-tedi » websites

The «e-tedi» websites are the intellectual property of Telenco. e-tedi is a purchasing platform offered to Telenco’s framework agreement customers, to empower them to optimise the management of their supplies from the Group’s companies.
The contract between Telenco and the client company of an «e-tedi» website establishes a relationship of co-responsibility with regard to the personal data processed. The relationship between Telenco and the e-tedi customer is one in which each party is responsible for its own processing.

By subscribing to an e-tedi website, the parties acknowledge these statements

→ RROLES AND OBLIGATIONS :

The Parties expressly acknowledge that each Party alone determines the purposes and means of its Personal Data Processing. Consequently, the Parties expressly agree that each of them acts as Data Processors for the Processing of Personal Data having a direct link with the performance of the Contract and within the framework of its obligations under the applicable Data Protection Laws. Under no circumstances will the Parties process the Personal Data as Joint Processors.

The Parties undertake to fully comply with the legal and regulatory data protection obligations incumbent upon them in connection with its Processing. Within the framework of the contract between Telenco and the party, the purposes of Processing by Telenco are the same as those mentioned in paragraph 5. What are your personal data used for? (Purposes of Processing).

→ COOPERATION BETWEEN THE PARTIES

Each Party undertakes to inform the other Party and to provide all necessary assistance in the event of a referral to a regulatory authority, in order to demonstrate its compliance with applicable data protection laws.

Each Party shall provide the other Party with all necessary assistance in handling any request from Concerned Persons for the exercise of their rights or for any other request related to the protection of Personal Data concerning them as provided for by the applicable Data Protection Laws and in order to comply with the statutory time-limits for replying to Concerned Persons. To this end, the other Party must receive a request from Concerned Persons which may have an impact on the other Party’s processing of Personal Data.

Should the Person Concerned contact a Party directly to exercise his rights, the latter undertakes to check whether this request is incumbent on it and to refer it, if necessary, to the other Party as soon as it is identified as the concerned Data Controller. Each of the Parties shall reasonably assist the other Party whenever an impact assessment related to the protection of Personal Data is necessary pursuant to applicable Data Protection Laws or whenever a Party decides to carry out such an assessment. This assistance is justified by the proximity of the processing operations carried out by the Parties.

For the implementation of the different situations, the parties can contact Telenco at: privacy@telenco-group.com

→ CONFIDENTIALITY OF PERSONAL DATA

The Parties recognise that Personal Data constitutes confidential information and therefore ensure that the authorised persons to process the Personal Data undertake to respect confidentiality. The Parties undertake not to disclose any Personal Data processed within the framework of the Contract to members of its staff who are not involved in the performance of the services provided for in the said Contract.

The Parties shall ensure that their employees, subcontractors and service providers offering services under this Contract and subject to the Processing in question are aware of and comply with the rules related to confidentiality and the protection of Personal Data.

This obligation of confidentiality will continue after the end or termination of the Contract.

→ SECURITY, PERSONAL DATA BREACH, NOTIFICATION

The Parties shall take, each for the Processing of Personal Data for which it is the Data Controller, the necessary technical and organisational security measures to protect the Personal Data against accidental or unlawful destruction, accidental loss, alteration, unauthorised disclosure or access to the Personal Data in accordance with the applicable Data Protection Laws.

Each Party shall inform the other Party of any Personal Data Breach - immediately after becoming aware of it and to the extent that such Personal Data Breach would have an impact on the other Party’s Processing.

It is the responsibility of each Party as Data Controller to inform and notify the competent supervisory authority and, where appropriate, the Persons Concerned by the Personal Data Violation.

17. Glossary

«Personal data» or « Personal Information», any information related to an identified or identifiable natural person (hereinafter referred to as «data subject»); «identifiable natural person» means a natural person who can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, an identification number, location data, an online identifier, or to one or more factors specific to his or her physical, physiological, genetic, mental, economic, cultural or social identity ;

«Processing» any operation or set of operations carried out or not by using automated processes and applied to data or sets of Personal Data, such as collection, recording, organisation, structuring, conservation, adaptation or modification, extraction, consultation, use, communication by transmission, dissemination or any other form of making available, approximation or interconnection, limitation, erasure or destruction;

«Profiling» any form of Automated Processing of Personal Data consisting in using such Personal Data to evaluate certain personal aspects related to a natural person, in particular to analyse or predict elements concerning the work performance, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements of this natural person;

«Data Controller», the natural or legal person : the public authority, department or other body which alone or jointly with others determines the purposes and means of the processing operation; where the purposes and means of the processing operation are determined by Union law or the law of a Member State, the controller may be appointed or the specific criteria for his or her appointment may be laid down by Union law or the law of a Member State;

«Subcontractor» means the neutral or legal person : the public authority, service or other body which processes Personal Data on behalf of the Controller;

«Recipient»means the neutral or legal person : the public authority, service or any other body that receives communication of Personal Data, whether or not it is a Third Party. However, public authorities which are likely to receive communication of Personal Data in the context of a particular enquiry in accordance with Union law or the law of a Member State are not considered as Recipients; the Processing of such data by the public authorities in question shall comply with the applicable data protection rules according to the purposes of the Processing;

«Consent» of the concerned person any manifestation of free, specific, informed and univocal will by which the data subject accepts, by a declaration or by a clear positive act, that Personal Data concerning him/her may be processed ;

«Control Authority» an independent public authority established by a Member State.

Update : 11/01/2021