Safyr attaches great importance to the protection of your personal data. This Policy is intended to provide you with detailed information on how Safyr SRL protects your personal data.
Digital media concerned:
ARTICLE 1: PREAMBLE
• How their personal data are collected and processed. Personal data are all data by which a user can be identified. These include in particular first and last name, postal address, email address, the user’s location or his IP address;
• What rights users have in relation to these data;
• Who is responsible for the processing of personal data collected and processed;
• To whom are these data transmitted;
• The website’s policy on "cookies".
ARTICLE 2: GENERAL PRINCIPLES IN RELATION TO THE COLLECTION AND PROCESSING OF DATA
In accordance with the provisions of article 5 of European Regulation 2016/679, users’ data is collected and processed in accordance with the following principles:
•Lawfulness, fairness and transparency: the data can only be collected and processed with the consent of the user who is the owner of the data. Whenever personal data are collected, the user shall be informed that his data are being collected and of the reasons why his data are being collected;
• Limited purposes: data are collected and processed in order to meet one or more objectives set out in these general terms and conditions of use;
• Minimisation of the collection and processing of data: only the data necessary to fulfil the website’s objectives are collected;
• Data retention reduced over time: data are retained for a limited period;
• Integrity and confidentiality of data collected and processed: the controller undertakes to ensure the integrity and confidentiality of the data collected.
In order to be lawful and in compliance with article 6 of European Regulation 2016/679, personal data may only be collected and processed if at least one of the conditions listed below applies:
• The user has expressly given consent to processing;
• Processing is necessary for the performance of a contract;
• Processing fulfils a legal obligation;
• Processing is necessary in order to protect the vital interests of the data subject or of another natural person;
• Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority;
• The processing and collection of personal data are necessary for the purposes of the legitimate, private interests pursued by the controller or by a third party.
ARTICLE 3: PERSONAL DATA COLLECTED AND PROCESSED IN THE CONTEXT OF THE USE OF LYRA
A. DATA COLLECTED AND PROCESSED AND METHOD OF COLLECTION
The personal data collected on the Safyr digital media are the following:
• Identification information: last name, first name, login, password
• Employment information: company, organisational entity, job title
• Contact details: postal address, email, business telephone number
• IT information: IP address, geolocation
These data are collected when the user performs one of the following operations:
• Request for a quotation or for information
• Creation of an account in the customer area
• Request for support
• Response to a satisfaction survey
The controller keeps personal data relating to its customers in its IT systems under reasonable security conditions for the entire duration of the contractual relationship and for 5 (five) years after termination of the contractual relationship. Thereafter the data are archived for the period during which Safyr SRL may be held liable.
In the case of prospects, the data are kept for 1 (one) year.
The data are collected and processed for the following purposes:
• Management of the Safyr customer base, including potential customers;
• Communication of Safyr services, offers and news;
• Commercial prospecting or direct marketing in relations to Safyr’s business;
• Management of quotations, orders, deliveries and returns in respect of items purchased or leased on safyr-solution.com ;
• Management of subscriptions on lyra-system.com;
• Audience analysis for each digital medium;
• Improvement and personalisation of the user experience on each digital medium.
B. TRANSMISSION OF DATA TO THIRD PARTIES
Certain data may be transmitted to the third parties listed below:
• Atlassian Pty Ltd: management of requests for support and developments on lyra-system.com
• Exact Holding B.V. : management of customer relations
• Google LLC: IP address, geolocation for audience measurement
• Mailjet SAS: sending of communications by email
Safyr SRL undertakes not to transfer user data outside of the European Union.
If Safyr SRL has to do so, the users will be notified of the steps taken to control the transfer and ensure that their data are kept confidential.
C. DATA HOSTING
Safyr-solution.com is hosted by:
• OVH SAS: Prestashop e-commerce application
Lyra-system.com is hosted by:
• Auth0, Inc. User authentication data on Amazon Web Services (AWS US West 1 & 2)
• Heroku Inc.: Frontend and backend of the application on Amazon Web Services (AWS EU West 1)
• Microsoft Corporation: Storage and historisation of measurement data on Azure (North Europe)
• MongoDB, Inc.: Storage of the application data on Google Cloud Platform Belgium (Europe West 1)
The measurement data collected and processed by the application are hosted and processed exclusively in the European Union.
ARTICLE 4: THE CONTROLLER
A. THE CONTROLLER
The controller is Mr Julien Robidet, in his capacity as associate and technical director of the company Safyr SRL. He can be contacted by post, telephone or email:
Maison de l’Industrie Technologique, 20 Rue Auguste Piccard, 6041 Charleroi (Belgium)
The controller is responsible for determining the purposes of and resources used for the processing of personal data.
B. OBLIGATIONS OF THE CONTROLLER
The controller undertakes to protect the personal data collected, not to transmit them to third parties, including outside of the European Union, unless the user has been duly notified and to adhere to the purposes for which such data were collected.
The website has an SSL certificate in order to ensure that the information and data transfer through the website are secure.
The purpose of an SSL certificate ("Secure Socket Layer" Certificate) is to secure the data exchanged between the user and the website.
In addition, the controller undertakes to notify the user in the case of rectification or erasure of the data provided that this does not involve disproportionate formalities, costs and measures.
In the event that the integrity, confidentiality or security of the user's personal data is compromised, the controller undertakes to notify the user by any suitable means.
ARTICLE 5: RIGHTS OF THE USER
In accordance with the law of 8 December 1992 concerning the protection of a private life with regard to the processing of personal data, as amended by the law of 11 December 1998 and European Regulation 2016/679, the user has the rights listed below.
In order for the controller to comply with his request, the user is asked to send a letter or email to the controller giving his last name, first name, the subject of his request and, if applicable, his customer area User ID, together with proof of identity.
The controller has an obligation to reply to the user within a maximum of 30 (thirty) calendar days.
A. PRESENTATION OF THE RIGHTS OF THE USER WITH RESPECT TO THE COLLECTION AND PROCESSING OF DATA
a. Right of access, rectification and erasure
The user may access, update, modify of request the erasure of data concerning him within the limits provided for in the Regulation by following the procedure set out below.
If the user has a customer area, he may request its deletion by following the same procedure.
b. Right to restriction of and to objection to data processing
The user has the right to request restriction of or to object to processing of his data by digital medium without Safyr being able to refuse, unless it demonstrates compelling legitimate grounds which override the interests, rights and freedoms of the user.
In order to request restriction of the processing of his data or to formulate an objection to the processing of his data, the user must follow the procedure set out below.
c. Right not to be subject to a decision based solely on automated processing
In accordance with the provisions of Regulation 2016/679, the user has the right not to be subject to a decision based solely on automated processing if the decision produces legal effects concerning him or similarly significantly affects him.
d. Right to data portability
The user has the right to request portability of his personal data held on a digital medium to another digital medium by following the procedure set out below.
e. Right to lodge a complaint with the competent supervisory authority
In the event that the controller decides not to comply with the user’s request and the user wishes to contest this decision, or if he believes that one of the rights listed above has been infringed, he is entitled to lodge a complaint with the Data Protection Authority https://www.autoriteprotectiondonnees.be, or any competent court.
B. PERSONAL DATA OF MINORS
In accordance with the provisions of article 8 of European Regulation 2016/679, only minors of age 13 and above can consent to the processing of their personal data in Belgium.
If the user is a minor aged under 13 years, the agreement of a legal representative is required for personal data to be collected and processed.
Safyr digital media are intended for persons at least over the age of 13.
A cookie is a small text file stored by the website in the memory or on the user’s hard disk, containing information relating to the session or the user’s browsing habits.
These files enable the website to facilitate browsing, control access to the customer area, analyse traffic or improve the service offered to the user.
Such user consent is deemed to be valid for a maximum period of 13 (thirteen) months. At the end of this period, the digital medium will again request authorisation from the user to place cookies in the memory or on his hard disk.
The user is hereby informed that he may reject the placing of cookies by configuring his browser software.
For your information, the user can find the steps to follow in order to configure his browser software to reject the placing of cookies at the following addresses:
• Chrome: https://support.google.com/accounts/answer/61416?hl=fr
• Firefox: https://support.mozilla.org/fr/kb/activer-desactiver-cookies-preferences
• Internet Explorer: https://support.microsoft.com/fr-fr/help/17442/windows-internet-explorer-delete-manage-cookies
• Opera: http://www.opera.com/help/tutorials/security/cookies/
• Safari: https://support.apple.com/fr-fr/guide/safari/sfri11471/mac
If the user decides to disable the cookies, he can continue to browse on the digital medium. However, any malfunction of the digital medium caused by this action could not be regarded as attributable to Safyr.
b. Description of the cookies used by Safyr digital media
Safyr draws the user’s attention to the fact that the following cookies are necessary for browsing any of the Safyr digital media:
Name Medium Purpose Expiry
PHPSESSID safyr-solution.com Management of the user session Session
PrestaShop safyr-solution.com Control of access to the customer area, management of the basket 20 days
legacy_auth0.is.authenticated app.lyra-system.com Control of access to the application 24 hours
__stripe_mid app.lyra-system.com Subscription, payment and invoicing 12 months
The user is hereby informed that in browsing any of the Safyr digital media preference or third party cookies may be placed.
Name Provider Purpose Expiry
_cfduid globalsign.com Validation of SSL certificate 12 months
xxxx safyr-solution.com app.lyra-system.com Record of user consent 12 months
ga safyr-solution.com app.lyra-system.com Unique user ID used by Google Analytics to generate statistical data on the way the user browses the website. 24 months
gat safyr-solution.com app.lyra-system.com Reduction in the number of requests by Google Analytics Session
gid safyr-solution.com app.lyra-system.com Unique user ID used by Google Analytics to generate statistical data on the way the user browses the website. Session
The Safyr digital media use Google Analytics, an audience analysis service provided by Google Analytics LLC. The cookies used by Google Analytics enable the use of each digital medium to be followed and analysed and activity reports generated. Anonymised data may be processed in the United States
In addition, the Safyr digital media may contain links to videos presenting products and services and social media buttons enabling the user to share his activity on each of the digital media. Cookies from video content and social media distribution platforms are, therefore, likely to be stored on the user’s terminal when he uses these functionalities.
The user’s attention is drawn to the fact that these websites have their own privacy policies and general terms and conditions of use which may be different from those of this website. Safyr invites uses to consult the privacy policies and general terms and conditions of use of such websites.
Safyr reserves the right to modify it in order to ensure compliance with the law in force. Any translation of this policy, in English or Dutch, is provided solely for the user’s convenience. In the event of any inconsistency or conflict between the French version and any translation, the French version shall prevail.