Privacy Policy

Our website complies with all the rules defined in the “General Data Protection Regulation” (GDPR) of the European Union.

Data Protection Officer: Sylvie ROMANO

For any request concerning the application of your rights: info [at] cristalcreditgroup.com

Use of personal data collected

Contact Forms

The data from the contact forms are sent by email to our administrators and are stored in parallel in our databases. This data is made up of all the fields filled in the form, the time stamp of the sending but also your IP address (in order to identify spam attempts).

Member profile, Customer account, Information sheet, Directory, etc.

If the site offers a function for recording and / or presenting data containing personal data, we only store the personal data indicated during registration, the time stamp and the IP address. Any user can see, modify or delete their personal information at any time directly or by asking a site administrator (note: only the account ID can not be modified). Site managers can also view and edit this information.

Cookies

Cookies are small text files placed on your device to store data. The site uses the following cookies: Technical cookies: necessary cookies (permitted by law). They are intended for site protection, load balancing, connection management, shopping cart management, etc. The site cannot function without them. Personalization cookies: they allow the site to be adapted to your needs and wishes. Third-party tools cookies: they are used to offer specific features on the site (maps, sharing tools, etc.). Statistical cookies: they allow you to analyze your browsing and allow us to measure the website audience. Apart from technical cookies, you can accept or refuse the placement of cookies using the cookie management banner offered on the site.

Content embedded from other sites

Articles on this site may include embedded content (eg videos, images, articles, etc.). Content embedded from other sites behaves the same as if the visitor were to that other site. These websites could collect data about you, use cookies, embed third-party tracking tools, track your interactions with these embedded content if you have a connected account on their website.

Statistics and audience measurements

This website uses the services of Google Analytics for its statistical monitoring. Google Analytics uses cookies to carry out its statistics.

 

Use and transmission of your personal data

We do not pass on any of the data we have about you to companies / services outside our company. All data concerning you is for internal use only and we do not perform any profiling on this data. If you have subscribed to our newsletter, you can modify or delete your subscriptions to it at any time.

Storage period of the information collected

Cookies are kept for a maximum of 13 months. Account data and other personal data are kept for a maximum of 36 months after the last detected account activity. At the end of the legal retention period, the data is erased or anonymized.

The rights you have over your data

If you have a member / customer account, if you have left comments on the site or if data concerning you is available on any page of the site (eg: member directory), you can request to receive a file containing all the personal data we hold about you. You can also request the modification or deletion of personal data concerning you. This does not take into account data stored for administrative, legal or security purposes.

 

Additional Information

How we protect your data

Your data is protected against loss, manipulation, unauthorized access, etc. using current security and archiving standards. We are constantly adapting our security measures by following technological progress and developments. The secure SSL protocol is used for all exchanges between your browser and the website and all sensitive data is encrypted.

Procedures implemented in the event of a data breach

In accordance with the law, in the event of a leak or anomaly concerning the personal data in our possession, we will inform the competent authorities (CNIL) and warn you of the nature of the data that has leaked within a maximum period of 72 hours after the problem has been discovered.

Third-party services that send us data

No third-party service transmits personal data to us.