1. Definitions

Source: article 4 of the RGPD.

Personal data: any information relating to a natural person who is identified or can be identified directly or indirectly by reference to an identifier such as surname, first name, identification number, location data or online identifier.

Processing (of data ): any operation or set of operations carried out with or without the aid of automated processes and applied to personal data or to a set of personal data, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, communication by transmission, dissemination or otherwise making available, alignment or combination, limitation, erasure or destruction.

Data controller: the natural or legal person, public authority, department or other body which, alone or jointly with others, determines the purposes and means of processing.

Subcontractor: the natural or legal person, public authority, department or other organization that processes personal data on behalf of the controller.

Recipient: the natural or legal person, public authority, service or any other organization that receives the communication of personal data, whether or not it is a third party.

Third party: the natural or legal person, public authority, service or any other body, other than the data subject, controller or processor, who is authorized by the controller to receive and process personal data.

Consent: any free, specific, informed and unambiguous expression of will by which the data subject accepts, by a declaration or clear positive act, that personal data concerning him or her may be processed.

Cookies: small file stored by a server on a user's terminal (computer, telephone, etc.) and associated with a web domain (i.e. in most cases, with all the pages of a single website). This file is automatically sent back when the user contacts the same domain again.

2. Personal data processed by SUNDIS

When you browse the sundis.com website, we collect personal data about you. The categories of personal data concerned are as follows:

Identification data: title, surname, first name, e-mail address, telephone number

Connection data: IP address, connection data

SUNDIS may also collect personal data indirectly through the use of cookies and from our business partners who may have obtained your consent to pass on your details for the purposes set out below.

3. Purposes of collecting and processing personal data

SUNDIS collects and processes your personal data for several purposes:

With your consent : 

- Newsletter mailing

- Electronic commercial prospecting

- Depositing cookies and tracers on your terminal

- Analyze the audience of our website

- Geolocate our customers

- Targeted advertising

On the basis of a contract concluded between you or our company:

- Claims management

On the basis of our legitimate interest :

- Carry out statistical analyses (visitor numbers, pages visited, etc.)

- Improve the performance of our website

4. Recipients of personal data

Within the limits of their respective responsibilities, several recipients have access to the personal data you provide to us:

- The SUNDIS marketing department

- SUNDIS subcontractors

Your personal data may also be disclosed to third parties in application of a particular regulation, or by virtue of a decision by a competent regulatory or judicial authority.

5. How long we keep your data

At the end of the retention period, personal data is deleted.

Newsletter mailing and targeted advertising

Until you withdraw your consent or, for prospects, 2 years from the last contact and, for customers, 3 years from the last purchase.

Cookie data

For the lifetime of the cookie, i.e. 13 months, or until you delete the cookie from your terminal.

The information collected through these tracers is kept for a maximum of twenty-five months.

Data for statistical purposes

3 years

6. Data protection

SUNDIS undertakes to implement all necessary security measures to protect the security of your personal data and to guarantee their confidentiality.

7. Your rights

In accordance with the regulations governing the protection of personal data, you have the right to control the processing of your data.

- A right of access to your personal data;

- A right to rectification if you discover an error, or if your data needs to be modified for any reason;

- A right to erase your personal data if you no longer wish our site to have your personal data, or if you consider that we no longer need them;

- A right to limitation if you fall within one of the conditions cited in Article 18 of the RGPD;

- The right to object to commercial prospecting

- A right to challenge any decision made by an algorithm without human intervention that would have legal or similar effects;

- A right to the portability of your personal data;

- A right to define directives concerning the fate of your personal data after your death. Failing that, your heirs can exercise this right after your death.

You can exercise your rights by contacting SUNDIS : 

- By post: ZI, rue de l'Epau 59230 Sars-et-Rosières

- By email to contact@sundis.com

If in doubt about your identity, you may be asked to provide proof of identity.

If you have a complaint, you can contact the Commission Nationale de l'Informatique et des Libertés (CNIL). You can also visit its website for further information.

8. Modification

This data protection policy may be updated at any time, in particular to comply with any changes in legislation, regulations, case law or technology.

Modifications come into effect as soon as they are published on sundis.com. It is therefore advisable for the user to consult the privacy policy regularly in order to be aware of any changes.