The 5àsec Group attaches great importance to protecting the personal data and privacy of its customers and of all Users of its websites or mobile applications.
This Personal Data Protection Policy describes the types of personal data that the 5àsec Group may need to collect concerning you and the way that the 5àsec Group and its subcontractors may need to use these data.
For the purpose of data protection law, we are joint controllers in respect of your personal information collected and used through your use of the services provided by 5àsec and when you visit a 5àsec location. This is because we dictate the purpose for which your personal information is used and how we use your personal information. Sometimes franchisees, third parties and other companies in the 5àsec group will act as controllers of your personal information that we collect. This is where they determine the purposes and means of processing your personal information. They will use your personal information for their own legitimate purposes as described in their respective privacy notices.
All operations on your personal data are carried out in compliance with the regulations in force with effect from 25 May 2018, pursuant to “Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data” (the “Regulation”).
The User of the services, websites and applications of 5àsec acknowledges that he/she has read and accepted the terms of this Policy and of the general terms and conditions of service available on the websites concerned. If the User does not consent to these terms, he/she is free not to use the services and websites or mobile applications and not to supply any personal data.
ARTICLE 1 - DEFINITIONS
“Personal data“- any information relating to an identified or identifiable natural person
“Data subject“- an identifiable natural person is one who can be identified, directly or indirectly, by reference to an identification number or to one or more factors specific to the person.
“Processing of personal data” - any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
“Consent” - of the data subject means any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;
“Controller” - the natural or legal person, public authority, agency or other body which, alone or jointly with others, collects and processes personal data.
“Joint Controllers” - where two or more controllers jointly determine the purposes and means of processing.
“Recipient” - the natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not.
“Processor” - the natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
“Authorized third parties” - a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data.
“Supervisory authority“ - means an independent public authority which is established by a Member State pursuant to Article 51 of the Regulation.
ARTICLE 2 - IDENTITY OF THE JOINT CONTROLLERS
The personal data are collected by the 5àsec Group which consists of the following companies:
- Financière Hygie, 60 rte Sartrouville, 78230 LE PECQ, represented by Mr. Olivier BOCCARA, in his capacity as CEO, and its subsidiaries.
- Dry Cleaning Services S.R.L., 39 Tuzla Street, district 2, Bucharest, unique identification number RO26055050, registration number at the Trade Registry J40/9791/2009
- Superb Clean S.R.L., 16 Mitropolitul Andrei Saguna Street, district 1, Bucharest, unique identification number RO 24061323, registration number at the Trade Registry J40/3211/2020;
- DCS Global Cleaners S.R.L., 16 Mitropolitul Andrei Saguna Street, district 1, Bucharest, unique identification number RO 36862252, registration number at the Trade Registry J40/16715/2016
- Global Laundries S.R.L., 39 Tuzla Street, district 2, Bucharest, unique identification number RO 39738179, registration number at the Trade Registry J40/11522/2018
ARTICLE 3 - PROCESSING OF PERSONAL DATA
In providing its services and operating its websites and mobile applications the 5àsec Group collects data concerning you. These data are processed in compliance with the purposes specified at the time of collection.
If you are a customer:
When you pay for a purchase order or service at the cash desk of a store affiliated to the 5àsec Group, the data is collected directly by our employees in the store, in order to guarantee the confidentiality of your personally identifiable data. These employees will ask you for the information necessary to pay for your service and its performance, i.e. your name, first name, email address, mobile phone number and postal address.
As a general rule, the items of information that are essential for carrying out the service are marked by an asterisk on the data collection forms or are verbally identified as being essential at the time of collection. If you do not fill in the compulsory fields, we will not be able to perform the service.
In particular, the 5àsec Group may need to collect and use your personal data to access the functionalities and services proposed on our websites and mobile applications and to keep the information concerning you up-to-date, correct and relevant, especially for one or more of the following purposes:
Management of requests for information and/or documentation
Your identification data will enable us to process your request on the contact forms, for example:
- your personal details (title, name, first name, date of birth, postal address)
- your contact details (fixed line or mobile phone number, email address)
- email correspondence (content of your emails, your address and any correspondence sent to you)
- the internal processing code enabling us to identify the customer.
The recipients of the data are the 5àsec Group internal departments and, where applicable, the processors subcontracted by the company.
Transmission of commercial information
The 5àsec Group complies with the regulations stipulated in articles 6 and 7 of the EU Data Protection Regulation, which specifies that the prior consent (“opt-in”) of the User must be expressly obtained for the transmission of special offers, marketing, canvassing etc.
So, subject to your rights, your data may be used to inform you by email and/or SMS of offers, services, promotions and games/competitions proposed by the 5àsec Group and its subsidiaries.
Via the website, via our collection media or when you buy from one of our stores, 5àsec requests your prior consent by asking you to fill in your personal details.
For example:
- name, first name, address, date of birth, phone number (fixed line or mobile), email address
By way of exception, as part of our service, in your capacity as customer, without having given your consent, the 5àsec Group may process your data to send you marketing information by electronic means if you are already a 5àsec customer and if the purpose of this prospecting is to propose similar products or services. This information is sent pursuant to the legitimate interests of the 5àsec Group and in compliance with the balance of interests between the customer and the 5àsec Group.
In all cases, you have the option to refuse to receive these marketing messages by carrying out the following actions:
- In the case of email, by clicking the “unsubscribe” link provided in each mail.
- In the case of SMS prospecting, by sending a “stop SMS” text message to the number indicated on the received SMS.
Loyalty program
Your data will enable us to manage your membership of our loyalty program, for example:
- your personal details (title, name, first name, postal address)
- your contact details (billing address, email address)
- your fixed line or mobile phone number
Website traffic statistics, for example: IP address, cookies, pages consulted by the user, date and time of visit (see details concerning cookies below). The recipients of the data are the internal departments of the 5àsec Group and of its subsidiaries, and where applicable, the processors subcontracted by the company. Additionally, the 5àsec Group and its subsidiaries may need to collect personal data for other purposes, while taking care to obtain the prior freely given, specific, informed and unambiguous consent of the data subjects, including by electronic means.
Geolocation and mobile applications
We use technologies that enable us to determine the current location of your mobile device. This function requires your consent and can be deactivated on installing the “app” or, after its installation, in your phone settings. Unless you give your consent, the data relating to your movements will not be saved.
Collection of banking data
A secure payment system is available to Users for all purchase orders via a 5àsec website or mobile app.
This payment system is managed by 5àsec’s payment collection partner, in compliance with regulations. The bank card details are erased after each transaction or are archived by a secure system for a maximum period of about 13 months, in case of complaints or disputes.
If you are a job applicant:
Your career details (educational qualifications, certifications, CV, motivation letters etc.) will enable us to process your application. The recipients of these details are exclusively the internal departments of the 5àsec Group and its subsidiaries. Any communication of the data to third parties (e.g. recruitment firm, temporary employment agency etc.) will be conditional on prior consent by the person concerned (“data subject”).
ARTICLE 4 -DATA RETENTION PERIOD
The 5àsec Group will store your personal data in a secured environment for the period necessary for the purposes for which the data were collected or for the maximum storage period laid down by the laws of your country.
The table below summarizes the different maximum retention periods applicable, depending on the purposes for which the 5àsec Group may need to process your data.
These maximum periods will apply unless you request the erasure or discontinuation of use of your data before the end of the period, for a legitimate reason that is not in infringement of the minimum period imposed on the 5àsec Group by law.
Retention period
Video surveillance to ensure the security of merchandise and of the persons visiting the stores of 5àsec and its subsidiaries.
30 days
Statistical metering and personalization of websites and mobile applications, management of cookies
13 months
Management of requests for access to data and rectification of data
1 year from receipt of the requests
Management of objections to
processing
3 years from acceptance of the right to
objection
Replies to customer satisfaction surveys
2 years from the last contact
Promotional and loyalty operations, competitions and games, sending of offers
3 years from the end of the business relationship or the last contact initiated by the customer or prospect
Management and logging of purchases and services, warranties, debt recovery, complaints management
10 years from the last event, except for data concerning payment methods, which are processed by the 5àsec payment service providers - only for the prescription period of the payment operations.
ARTICLE 5 – RIGHTS OF DATA SUBJECTS
In compliance with (EU) Regulation 2016/679 on the protection of personal data, you have the following rights concerning your data: right of access, right to rectification, right to erasure (right to be forgotten), right to object, right to restriction of processing and right to data portability.
You can also define the guidelines on the storage, erasure and communication of your personal data after your death. For legitimate reasons relating to your specific situation, you can object to the processing of the data concerning you.
To exercise your rights, please address your message by email to the following:
- For the company Financière Hygie: it.gr@5asec.com.
- For the companies Dry Cleaning Services S.R.L., Superb Clean S.R.L., DCS Global Cleaners S.R.L. and Global Laundries S.R.L.: gdpr.ro@5asec.com
Please attach a copy of a valid ID document. Please note that we will not store the copy of your ID document and it will be used for the sole purpose of identification.
In the event of infringement of any of the above provisions, you have the right to submit a complaint to the competent authorities, as follows:
- For France: Commission nationale de l'informatique et des libertés, 3 Place de Fontenoy, TSA 80715, 75334 PARIS CEDEX 07, tel: +33 (0)1.53.73.22.22, www.cnil.fr.
- For Romania: National Supervisory Authority for Personal Data Processing, 28-30 G-ral. Gheorghe Magheru Blvd, district 1, postal code 010336, Bucharest, Romania, tel: +04.318.059.211; +04.318.059.212; Fax: +04.318.059.220; e-mail: anspdcp@dataprotection.ro; web-site: www.dataprotection.ro.
ARTICLE 6 - COMMUNICATION OF PERSONAL DATA
The collected personal data are intended for the internal departments of the 5àsec Group. If the 5àsec Group subcontracts the data processing activities to external processors, it will only employ processors that provide adequate guarantees concerning implementation of the appropriate technical and organizational measures to ensure that the processing is in compliance with the reliability and security requirements of the applicable regulations and guarantees the rights of the data subjects.
The 5àsec Group may need to transfer data to Switzerland or the US, countries recognized by the European Commission as having an adequate data protection level. In the case of data communication to service providers located in the US, the 5àsec Group undertakes only to use companies with which they have signed the Standard Contractual Clauses for the collection, use and retention of personal data from the EU and Switzerland.
ARTICLE 7 – SECURITY MEASURES
In view of technological developments, implementation costs, the nature of the data to be protected and the risks to the life and liberty of persons, the 5àsec Group implements all appropriate technical and organizational measures to guarantee the confidentiality of the collected and processed personal data and a security level adapted to the risk.
ARTICLE 8 - COOKIES
The 5àsec websites use cookies to adjust its websites to user preferences and to optimize its web pages. Cookies or other technologies are used to enable you to connect to the website and services and to personalize them.
These cookies make browsing easier and improve the user-friendliness of the websites. A cookie records information concerning your computer’s browsing of our site (the pages you have consulted, the date and time of the visit etc.). We can then read this data on your future visits. You can refuse to accept the use of cookies by configuring the parameters of your web browser, as specified below. In this case, access to certain services and sections of the site may be altered or even impossible.
The purposes of the cookies installed on the website are as follows:
- to monitor website traffic statistics (Google Analytics)
- in the case of a sites requiring login, to keep your session open
- to enable or facilitate electronic communication
- to record the user’s language choice
- to record the user’s choice on whether cookies are accepted
To refuse cookies
You can refuse the recording of cookies by configuring the parameters of your web browser, in particular by taking the following steps:
- Internet Explorer: https://support.microsoft.com/fr-fr/help/17442/windows-internet-explorer...
- Firefox: https://support.mozilla.org/fr/kb/activer-desactiver-cookies-preferences
- Google Chrome 4, Google Chrome 8 and higher: https://support.google.com/chrome/answer/95647?co=GENIE.Platf orm%3DDesktop&hl=fr
- Safari: https://support.apple.com/fr-fr/HT201265
- Opera: http://help.opera.com/Windows/10.20/fr/cookies.html
Where applicable, the user is informed that in this case access to certain services and sections of the site may be altered or even impossible.
The storage period of cookies varies according to the type of cookies. We mainly use cookies that self-destruct after disconnection. These cookies are termed “session cookies” or “transient cookies”. A log file also enables us to log the history of all accesses to our web pages or the downloading of the various files available on our sites. This information is retained for a period of 6 months. Finally, information concerning your consent to cookies is saved for a maximum period of 13 months. Cookies are used for internal purposes and are not accessible to third parties.
Google Analytics and Privacy
We use Google Analytics to track your activity on our websites and to determine the number of users visiting our pages and the content of the pages viewed. This analysis is anonymous. The Google Analytics cookies are stored on your terminal and can be transferred to a Google server located in the USA, where they will be saved. Google will use these data to analyze your use of the website, to produce website activity reports for the website operators and to provide other services relating to the use of the website and of the Internet. Where applicable, Google will also transmit these data to third parties, if this is required by law and/or if the third parties process the data under the authority of Google.
ARTICLE 9 - MODIFICATIONS OF THIS POLICY
If the present 5àsec Policy is changed, or if required by law, this will be published on our websites and shall take effect on publication. Consequently, we invite you to check the Policy each time you visit the site, to see the latest available version, which is always available on our websites and mobile applications.