Skip to content
author_grey

Privacy Policy

 

1 / Scope of Application

Castelis attaches the utmost importance and care to the protection of privacy and personal data, as well as to compliance with the applicable legal provisions.

The European Regulation on the protection of personal data provides that personal data must be processed in a lawful, fair and transparent manner. Therefore, this privacy policy (hereinafter “Policy”) aims to provide you with simple, clear information on the processing of personal data concerning you, in connection with your browsing and the operations carried out on our website.

 

2 / Data Controller

In connection with your activity on the site http://castelis.com/, we collect and use personal data relating to you as natural persons (hereinafter “data subject”).

For all processing operations, Castelis, a simplified joint-stock company (SAS) with a share capital of 1,000,000 euros, registered with the Trade and Companies Register under number 429 463 987 and with its registered office at 9 rue Maurice Grandcoing, 94200 IVRY SUR SEINE, determines the means and purposes of the processing. We therefore act as data controller, within the meaning of personal data regulations, and in particular Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.

 

3 / What Data Do We Collect and How?

By using our website, you provide us with a certain amount of information about yourself, some of which may identify you (“personal data”). This is the case when you browse our site or when you fill in online forms.

The nature and quality of the personal data collected about you varies depending on the relationships you enter into with Castelis, the main ones being:

  • Identification data: this includes any information that would allow us to identify you, such as your last name, first name, phone number, and email address. We may also collect the name of your company.
  • Connection data: We collect your IP address for maintenance and statistical purposes.
  • Browsing information: by browsing our website, you interact with it. Consequently, certain information relating to your browsing is collected.
  • Data collected from third parties: data that you have agreed to share with us or on publicly accessible social networks and/or that we may collect from other publicly accessible databases.
  • Documents of various types (PDF, Office format, Image) with titles, content, folder names, or information related to a document, such as written comments in documents, alert and reminder dates. These documents may in particular include CVs and cover letters.

 

4 / Why and How Do We Collect Your Personal Data?

Recruitment form

  • Personal data collected: Last name, First name, Phone number, Email address, CV and cover letter
  • Legal basis: Pre-contractual relationship
  • Retention period: 2 years

Contact form

  • Personal data collected: Last name, First name, Job title, Company, Phone number, Email address, Nature of the exchange
  • Legal basis: Legitimate interest
  • Retention period: 2 years

Management of the business relationship

  • Personal data collected: Last name, First name, Company, Phone number, Email address and any information given during exchanges
  • Legal basis: Pre-contractual relationship
  • Retention period: 2 years

Commercial prospecting operations

  • Personal data collected: Last name, First name, Company, Phone number, Email address and any information given during exchanges
  • Legal basis: Legitimate interest
  • Retention period: 2 years

Newsletter

  • Personal data collected: Email address
  • Legal basis: Consent
  • Retention period: 2 years

 

5 / Do We Share Your Personal Data?

For certain processing purposes, we may share your data with our service providers whom we call upon to carry out a set of operations and tasks on our behalf:

  • Welcome to The Jungle
  • Hubspot
  • Sitecore

However, this data sharing is only carried out after obtaining your consent, or where it is necessary for the performance of our contract with you. Moreover, only the information they need to perform the service is communicated to them. They are also requested not to use the data for purposes other than those initially intended. We make every effort to ensure that these third parties preserve the confidentiality and security of your data.

Your personal data may also be shared with other Castelis departments, such as:

  • Sales department
  • Marketing department

Finally, your data may also be transmitted to legal or regulatory authorities in order to comply with our legal obligations.

In these last two cases, as with service providers, only the necessary data is provided. And we make every effort to maintain its confidentiality and security.

We do not sell your data.

 

6 / Is Your Data Transferred to Third Countries?

Castelis endeavours to keep personal data in France, or at least within the European Economic Area (EEA). However, it is possible that the data we collect when you use our platform or in connection with our services may be transferred to other countries, for example if some of our service providers are located outside the European Union.

In the event of such a transfer, we guarantee that the transfer is carried out:

  • Either to a country providing an adequate level of protection, i.e. a level of protection equivalent to what European regulations require;
  • Or it is governed by standard contractual clauses;
  • Or it is governed by binding corporate rules.

 

7 / How Long Do We Retain Your Data?

We retain your personal data only for as long as necessary to fulfil the purpose for which we hold such data, in order to meet your needs or to comply with our legal obligations.

Retention periods vary depending on several factors, such as:

  • Castelis’s business needs
  • Contractual requirements
  • Legal obligations
  • Recommendations from supervisory authorities

Retention periods are detailed in the processing table above.

 

8 / How Do We Ensure the Security of Your Data?

Castelis undertakes to protect the personal data we collect or process against loss, destruction, alteration, unauthorised access or disclosure.

To this end, we implement all appropriate technical and organisational measures, depending on the nature of the data and the risks associated with their processing. These measures must preserve the security and confidentiality of your personal data. These measures may include practices such as limited access to personal data by authorised persons, by virtue of their functions.

In addition, our practices and policies and/or physical and/or logical security measures (secure access, authentication procedures, backup copies, software, etc.) will be regularly reviewed and updated if necessary.

 

9 / What Are Your Rights?

Regarding the personal data we collect/process, you may exercise the following rights:

  • A right of access: you have the right to request access to the personal data we hold about you, and you may request a copy thereof;
  • A right of rectification: you may request the rectification of any inaccurate data concerning you;
  • A right of erasure: you may request the deletion of your personal data in certain circumstances;
  • A right to data portability: under certain conditions you may receive all personal data concerning you that you have provided to us, in a structured format. You also have the right to require us to transmit them, where feasible, to another controller;
  • A right to object to processing on the grounds of legitimate interests;
  • A right to withdraw consent at any time;
  • A right to restriction of processing: you have the right to restrict the processing of your data if:
    • You contest the accuracy of your data, until we verify their accuracy;
    • The processing is unlawful but you do not wish us to delete your data;
    • We no longer need your personal data for the purposes of the processing but you need such data in order to establish, exercise or defend legal claims;
    • You have objected to the processing on grounds relating to your situation, pending verification as to whether our compelling legitimate grounds for continuing the processing override those interests;

If such personal data are subject to restrictions of this type, we will only process your data with your consent, or for the establishment, exercise or defence of legal claims.

To exercise your rights, you may contact the data protection officer (DPO):

  • By post at the following address: CASTELIS, For the attention of the Management/DPO – 9 rue Maurice Grandcoing, 94200 IVRY SUR SEINE
  • By email at the following address: dpo@castelis.com

When you send us a request to exercise a right, you are asked to specify as precisely as possible the scope of the request, the type of right exercised, the personal data processing concerned, and any other useful information, in order to facilitate the examination of your request. You may also be asked to prove your identity.

 

10 / What Cookies Are Placed on Your Browser?

Cookies are computer files that are automatically placed on the hard drive of your computer, tablet or mobile when you browse our website. They are managed by your internet browser (Internet Explorer, Firefox, Safari or Google Chrome).

Are cookies placed when you browse the Castelis website?

On your first visit to the Castelis website, a banner informs you of the presence of these cookies and invites you to indicate your choice. Cookies requiring your consent in accordance with regulations are only placed if you accept them. You can at any time find out about and configure your cookies to accept or refuse them by going to the [Cookie Management] banner at the bottom of each page of the Site or by configuring your browser.

If your browser is configured to refuse all cookies, you will not be able to benefit from essential features of our site.

What data is collected through cookies?

Data that may be collected via cookies includes all data relating to a terminal at a given moment, in particular:

  • One or more technical identifier(s) allowing your internet box to be identified;
  • The date, time and duration of connection of a terminal to a website;
  • The internet address of the page from which the terminal accessed the website;
  • The type of operating system of the terminal (e.g.: Windows, MacOs, Linux, Unix, etc.);
  • The type and version of the browsing software used by the terminal (Internet Explorer, Firefox, Safari, Chrome, Opera, etc.);
  • The brand and model of the mobile device or tablet;
  • Possible download errors;
  • The language used by the browsing software of the terminal;
  • The characteristics of the content consulted and shared (type of page visited for example);

What are the purposes of the cookies placed on the Castelis website?

On our Site, we may place different types of cookies for several purposes:

  • Cookies necessary for personalisation and the operation of the Site: they allow you to use the main features of our Site and in particular to save information between two consultations of the website on the same device, such as interface personalisation elements (language choice or presentation). They do not require your prior consent. These cookies are essential for the proper functioning of the website. Without these cookies, you will not be able to use our Site normally. They cannot therefore be disabled.
  • Analytical, statistical or audience measurement cookies which allow us to know the usage and audience performance of our Site and to improve its functioning for our visitors; for example, establishing statistics and volumes of visits and use of the various elements making up our Site (sections and content visited, browsing paths), in order to improve the interest and ergonomics of our Site;
  • Social network cookies placed by social networks when you share content from our Site with other people or let them know your opinion on this content via an application button. We have no control over the process used by these social networks to collect information relating to your browsing on our Site and associated with the personal data they hold. We invite you to consult their data protection policies in order to know your rights with respect to each of them, and to manage your privacy settings.

Who places cookies on the website?

  • The publisher of the website, which is Castelis;
  • Partners, namely advertisers and advertising networks, and any other recipient with whom Castelis has concluded a partnership agreement. These cookies in particular allow advertising messages to be tailored to you. The placement of these cookies is only carried out if you have given your express consent.
  • Third-party social network publishers, namely companies that publish social networks such as, for example, Facebook, Twitter, etc. which may place Cookies for the purposes of social network sharing;

List of companies using trackers on our Site

  • Facebook
  • LinkedIn
  • Hubspot
  • Google
  • Youtube

What is the retention period for placed cookies?

Cookies placed by Castelis, our Subcontractors and our Partners, as well as the data collected, are retained for a maximum period of 6 months from the date of their placement on your terminal. Upon expiry of this period, your consent is required again and the cookie banner is displayed during your new visit to our Sites.

How to manage consent to cookie placement?

The placement of a Cookie for audience measurement, content personalisation, social networks and targeted advertising purposes requires your prior consent. This consent is requested through the banner displayed during your first browsing on the Castelis website. You may choose to accept the placement of cookies for all listed purposes, refuse them or customise your choice. You may at any time withdraw your consent by going to the [Cookie Management] banner at the bottom of each page of the Site or by configuring your browser.

This consent is valid only for the visited website.

How to configure cookies on web browsers?

You have the choice of configuring your browser to accept or refuse all cookies, to delete cookies periodically, or to see when a cookie is issued, its validity period, and its content, and to refuse its recording on your hard drive.

You may at any time choose to block or disable these cookies by configuring the internet browser of your computer, tablet or mobile, in accordance with the instructions established by your internet browser provider and found on the websites mentioned below:

On Internet Explorer

Open the “Tools” menu, then select “Internet Options”; click on the “Privacy” tab then the “Advanced” tab, choose the desired level or follow the following link: https://support.microsoft.com/fr-fr/help/17442/windows-internet-explorer-delete-manage-cookies

On Microsoft Edge

Open the “Tools” menu, then select “Internet Options”; click on the “Privacy” tab then the “Advanced” tab, choose the desired level or follow the following link: https://support.microsoft.com/fr-fr/help/4027947/microsoft-edge-delete-cookies

On Mozilla Firefox

Open the “Tools” menu, then select “Options”; click on the “Privacy” tab then choose the desired options or follow this link: https://support.mozilla.org/fr/products/firefox/protect-your-privacy/cookies

On Safari Mac / iPhone / iPad

Choose “Safari > Preferences” then click on “Security”; In the “Accept cookies” section choose the desired options or follow this link: https://support.apple.com/fr-fr/HT201265 or https://support.apple.com/fr-fr/guide/safari/sfri11471/mac

On Google Chrome

Open the configuration menu (wrench icon), then select “Options”; click on “Advanced Options” then in the “Privacy” section, click on “Content Settings”, and choose the desired options or follow the following link: https://support.google.com/chrome/answer/95647?hl=fr

On iOS

https://support.apple.com/fr-fr/guide/safari/sfri11471/mac

You can also type “cookies” in the “help” section of your browser to access the configuration instructions.

For more details, you can also consult the CNIL website: https://www.cnil.fr/cnil-direct/question/198

 

11 / Update to This Policy

This policy may be regularly updated to take account of changes in personal data regulations.

Date of last update: 15/06/2021.