“Keolis Gironde” company makes every effort to protect your personal data in accordance with the applicable European and French regulations.
I – GENERAL DISPOSITIONS
1) Person in charge of the treatment
2) General Terms and Conditions of Use
3) Applicable law and competent administrative authority
4) Links to third-party websites
We encourage you to review the privacy policies, procedures and practices of these third parties.
II – THE PERSONAL DATA WE COLLECT
- Completion of our subscription or collection forms on paper or electronically or during operations or events organised by Keolis Gironde in which you participate;
- Visiting one of our physical sales outlets and/or purchasing one of our services;
- Request for contact or exchanges by e-mail/mail and/or telephone with our customer relations departments;
- Receipt of supplier/prospect information in the context of managing pre-contractual and contractual relations;
- Processing of video-protection images from cameras installed in our facilities open to the public (commercial agencies, transport vehicles);
- Validation of tickets, access control to our services (urban and interurban transport, collective or individual, medical, vehicle rental or parking, etc.) or processing of offences and recovery of fines;
- Use of our services, including our ticketing systems and applications.
- Violation processing and fine collection;
- Browsing our websites https://30direct.com/
- Receiving and sending e-mails, text messages and other electronic messages between you and Keolis Gironde;
- Telephone or voice exchanges between you and Keolis Gironde or one of its service providers;
- Exercising your rights under the RGPD by letter and/or e-mail to Keolis Gironde.
III- USE OF COLLECTED DATA AND RETENTION PERIODS
We collect and use your personal data for the main purposes described below:
- To respond to your requests and provide you with information, based on your consent,
- To better understand your needs and expectations regarding the site and its use, to measure its use in order to improve it, based on your consent,
- To process the exercise of your rights and your claims, based on legal obligations,
- To comply with the law, regulations, and legal requests and orders.
IV – DATA TRANSMISSION
Your personal data may be communicated by us:
1) In the Keolis Group
We may share your personal data with certain entities of the Keolis Group, in order to ensure the continuity of responses to your requests.
2) To third-party providers
We may share your personal data with trusted third parties, located inside or outside the European Union, to help us operate the site and in particular to ensure its proper functioning.
4) To third-parties for legal reasons
In the event that we are required to comply with laws and regulations and legal requests and orders or if permitted by law.
5) In any case
We always require these recipients to provide sufficient guarantees of confidentiality and security and to take the physical, organizational and technical measures necessary to protect and secure your personal data, in accordance with the legislation in force. Any transfers of data outside the European Union are governed by the mechanisms validated by the European Commission or the competent authorities
V – DATA SECURITY
We secure your personal data by implementing appropriate physical, organizational, and technical measures to prevent unauthorized access, use, disclosure, modification, or destruction in accordance with applicable regulations.
These measures include:
- Storage on secure servers within the European Union;
- Security of your data, in particular through pseudonymization processes, encryption of transmitted data and the implementation of means to guarantee the confidentiality, integrity and availability of your data;
- Limited access to your data on a “need to know” basis.
Although we take all possible measures to protect your personal data, we cannot guarantee the security of information transmitted on the website when a security flaw affects your terminal or browser.
VI – YOUR RIGHTS REGARDING YOUR PERSONAL DATA
Under the RGPD and the Data Protection Act, you have various rights including:
1) Access, modification, update and deletion of your personal data
You may request access to your personal data held and processed by us, view it, obtain a paper or electronic copy, and request that it be corrected, updated or deleted.
You may, at any time, request that some of your data no longer be processed.
You may request that your data, which is being processed, be provided to you in an open, machine-readable format, either for your own use or for transfer to another controller.
4) Limitation of treatment
In some cases, you can request that the processing of your data be restricted.
5) Complaint to a Supervisory Authority
Without prejudice to any other legal remedy, you have the right to lodge a complaint with the supervisory authority of the country of the European Union in which you reside, work or in which you consider that a violation of your rights has been committed.
6) Post-mortem fate of your data
You have the possibility to define the post-mortem fate of your data.
You may exercise all of these rights by sending us a written request, accompanied by proof of identity (where this is necessary to verify your identity), to the contacts mentioned in Article IX “Contacting us”.
We will endeavour to respond to your requests as quickly as possible and in accordance with the applicable regulations. Nevertheless, in some cases, we may not be able to respond favorably to your request in order to meet our legal or contractual obligations.
VII – RETENTION PERIODS FOR COLLECTED DATA
We keep your personal data only for as long as is necessary to fulfill the purposes set out in the “Use of your personal data” section above, except where we are permitted or required by law to keep it longer.
The table below summarizes the different maximum retention periods applicable or imposed on us according to the purposes for which your personal data may be processed. These maximum retention periods apply unless you request the deletion or cessation of use of your data prior to its expiry for a reason consistent with any legal obligation that may be imposed on us.
|Processing your information requests||1 year from the date of request|
|Processing your applications||Retained 2 years after transmission of information or last contact with the applicant, unless otherwise specified by the applicant|
|Claims management||5 years from the closing of the claim|
|Audience measurement and personalization of the site and management of cookies/trackers||13 months from the deposit of the cookie and / or the tracer|
|Management of requests for access, rectification, deletion, opposition, limitation, portability of personal data||5 years from receipt of the request|
We encourage you to check this page periodically for changes and to stay informed about the steps we take to protect your personal information.
IX – CONTACT US
If you have any questions about the processing of your personal data, you can also contact our Data Protection Officer firstname.lastname@example.org.