Access the header Skip to main content Go to footer

5àsec Personal Data Protection Policy

PERSONAL DATA PROTECTION POLICY AND WEBSITE TRACKERS

The 5àsec Group attaches the utmost importance to protecting the personal data and privacy of its customers and all users of its websites and mobile applications.

The purpose of this Personal Data Protection Policy is to inform you about:

  • The types of personal data we collect about you;
  • How your personal data is processed;
  • The terms and conditions of use of your personal data and your rights in this regard.

All operations involving your personal data are carried out in accordance with the regulations in force, in particular Regulation No. 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter the “GDPR”), and any national legislation applicable to data protection.

If you do not agree with these terms, you are free not to provide any personal data. However, you are advised that the provision of certain data is a condition of access to the Services and that, in the absence of such data, certain features may be impaired.

ARTICLE 1 – DEFINITIONS

The following terms shall have the following meanings:

“Personal Data” means any information relating to an identified or identifiable natural person, directly or indirectly.

“Processing of personal data” means any operation or set of operations which is performed on personal data, regardless of the process used (collection, recording, organization, storage, adaptation, modification, extraction, consultation, use, communication by transmission or dissemination or any other form of making available, reconciliation).

The “Data controller” is the legal or natural person who determines the purposes and means of processing, i.e., the objective and the manner in which it is carried out. In practice and in general, this is the private or public body, represented by its legal representative.

A “recipient” is the natural or legal person, public authority, service, or any other body that receives communication of personal data, whether or not it is a third party.

A “processor” is the natural or legal person or any other body that processes personal data on behalf of the controller.

An “authorized third party” is the public authority, service, or body that may access certain data contained in public or private files because it is expressly authorized to do so by law.

The “Site” refers to the website www.5asec.fr

ARTICLE 2 – IDENTITY OF THE DATA CONTROLLER

Personal data is collected by the 5àsec Group – Financière Hygie, located at 20 rue du Sentier 75002 PARIS, represented by Mr. Olivier BOCCARA in his capacity as CEO, and its subsidiaries.

ARTICLE 3 – LEGAL BASIS FOR PROCESSING

Processing is based on:

  • Either on the establishment and execution of a contract or pre-contractual measures at the request of the data subject;
  • Either on the need to comply with legal or regulatory obligations in force;
  • Either on the consent of the data subjects;
  • Or on the need to satisfy the legitimate interests of 5àsec.

ARTICLE 4 – PURPOSES OF PROCESSING AND PERSONAL DATA COLLECTED

In the context of providing services and operating its websites and mobile applications, 5àsec collects data about you. This data is processed in accordance with the purposes specified at the time of collection.

In general, the information collected that is essential for us to provide the service is identified by an asterisk on the collection forms or specified as such verbally at the time of collection. If you do not fill in these mandatory fields, we will not be able to provide the service.

In particular, 5àsec may collect and use your personal data for one or more of the following purposes:

  • Management of orders and services in store:

When you place an order or request a service at a 5àsec affiliated store, our sales staff will collect the personal data necessary to fulfill the following purposes directly from you at the checkout: the performance, payment, and invoicing of your service and notification by text message and/or email when it has been completed.

When providing services in-store, the personal data that may be collected by 5àsec mainly includes:

  • Identity data: your surname, first name, contact details (postal address, landline or mobile phone number, email address)
  • Instructions given to sales staff
  • Management of requests for information and documentation:

In contact forms, 5àsec may collect the following data:

  • Identity data: title, last name, first name, date of birth, contact details (postal address, landline or mobile phone number, email address);
  • Contact details: message sent, subject, correspondence that may be sent to us, department to which the request is addressed;
  • Internal processing code enabling customer identification.
  • Newsletter management:

In the newsletter subscription form, 5àsec may also collect the following data:

  • Identity data: last name, first name;
  • Personal details: email address.
  • Job application management:

When you submit your application for a position, 5àsec may collect the following information:

  • Identity data: last name, first name, contact details (postal address, landline or mobile phone number, email address);
  • Professional data: resume, cover letter;
  • Contact details: messages sent to the Website via contact forms, any correspondence that may be sent to us, the department to which the request is addressed.
  • Sending commercial information and participation in competitions:

In general, 5àsec complies with the rules laid down in Articles 6 and 7 of the European Data Protection Regulation, which requires the prior express consent of the User for the sending of commercial solicitations by email and/or SMS (sending of advertising messages, offers, promotions, contests).

Through the website, via our collection media, or when you visit a store, 5àsec requests your prior consent by inviting you to fill in your personal information:

  • Identity data: surname, first name, contact details (postal address, landline or mobile phone number, email address), date of birth

As an exception, in the context of the service, as a customer, without your consent, 5àsec may process your data to send you commercial information by electronic means, provided that you are already a 5àsec customer and that the purpose of the mailing is to offer you similar products or services. These messages are sent for the legitimate interests pursued by 5àsec and in accordance with the balance of interests between customers and 5àsec.

In all cases, you have the option to opt out of receiving this commercial information by taking the following actions:

  • For emails, by clicking on the unsubscribe link provided in each email;
  • For text messages, by sending “STOP SMS” to the number indicated in the message;
  • Write todpo.fr@5asec.com
  • Loyalty program:

In order to manage your membership in the loyalty program, 5àsec may ask you for the following information:

  • Identity details: title, surname, first name, contact details (postal address, landline or mobile phone number, email address), date of birth
  • Payment management and collection of banking details

For all orders placed via a 5àsec website or mobile app, a secure payment system is available to Users.

This payment system is managed by 5àsec’s banking partner, in accordance with current regulations. Credit card details are deleted after the transaction has been completed or securely archived by the banking partner in the event of a complaint or dispute for a maximum of 13 months.

  • Video surveillance

In order to ensure the safety of property and people, 5àsec has installed video surveillance in its establishments.

The following data may be processed:

  • Image, area name, date, and time
  • Traffic statistics on 5àsec websites:

Cookies and other trackers may be stored and/or read on your device when you visit the websites of 5àsec and its subsidiaries.

The data that may be processed is:

  • Connection data: IP address, pages viewed by the user, date and time of the visit (see details about cookies below).
  • Geolocation of mobile applications

We use technologies that allow us to determine the current location of your mobile device. This feature requires your consent and can be disabled when installing the application or later in your phone settings. Unless you give your consent, information related to your movements is not stored.

  • Management of GDPR rights requests addressed to the DPO

In the context of managing requests to exercise GDPR rights, 5àsec may process the following information:

  • Identity data: last name, first name, postal address, email address
  • Contact details: subject of the request, follow-up, data relating to the applicant recorded in 5àsec’s processing (in the case of exercising their rights), statistics

In addition, 5àsec and its subsidiaries may collect personal data for other purposes, based on legal obligations, the legitimate interest of 5àsec, or by taking care to obtain the prior consent of the individuals concerned in a free, specific, informed, and unambiguous manner, including by electronic means.

ARTICLE 5 – DATA RETENTION PERIOD

5àsec will store your personal data in a secure environment for the period necessary to fulfill the purposes for which it was collected or for the maximum storage period provided for by the applicable legislation in your country.

The table below summarizes the main maximum retention periods applicable, depending on the purposes for which 5àsec may need to process your data. These periods may be subject to change depending on the legislation of the country where the subsidiary is located.

These maximum periods apply unless you request the erasure or cessation of use of your data before the expiry of these periods, for a legitimate reason that does not conflict with a legal period imposed on 5àsec.

Purposes Retention periods
Responses to satisfaction surveys 2 years from the last contact
Customer file, promotional and loyalty operations, contests, sending commercial offers Until consent is withdrawn or 3 years from the end of the commercial relationship or the last contact initiated by the customer or prospect, unless they object
Newsletter management Until the person unsubscribes
Management of orders and in-store services 10 years for accounting data
Duration of the contractual relationship, plus 5 years for intermediate archiving
Payment management Data concerning means of payment is processed by 5àsec’s payment service providers only for the duration of the limitation period for payment transactions.
Video surveillance for the purpose of ensuring the safety of property and persons visiting 5àsec stores and its subsidiaries 30 days from recording
Audience measurement and personalization of websites and mobile applications, cookie management 13 months maximum
User’s choice to accept or refuse cookies: 6 months
Management of GDPR rights requests Right to erasure and right to rectification: 1 year from receipt of the request

Right of access: 5 years from closure

Right to object: 6 years after the deadline by which the organization was required to respond to the data subject

Proof of identity: 1 year from the date of the request, except in cases where the right to object is exercised
Application management Recruitment process time

ARTICLE 6 – SECURITY MEASURES

Taking into account technological developments, implementation costs, the nature of the data to be protected, and the risks to individuals’ rights and freedoms, 5àsec implements all appropriate technical and organizational measures to ensure the confidentiality of the personal data collected and processed and a level of security appropriate to the risk.

ARTICLE 7 – COMMUNICATION OF PERSONAL DATA

The personal data collected is intended for the specially authorized internal departments of 5àsec and its subsidiaries.

In the event that 5àsec entrusts data processing activities to subcontractors, only subcontractors who provide sufficient guarantees regarding the implementation of appropriate technical and organizational measures are used, so that the processing meets the reliability and security requirements of the applicable regulations and guarantees the protection of individuals’ rights.

5àsec reserves the right to transmit your personal data in order to comply with its legal obligations, and in particular if it is required to do so by court order.

In accordance with the regulations in force, your personal data may be transmitted to organizations, court officers, and public officials authorized by a legislative or regulatory provision, in the context of a specific mission or the exercise of a right of communication. When 5àsec receives a request for communication from a third party based on a text, 5àsec ensures that the provision put forward is in force and that it effectively provides for a right of communication for the benefit of the requester.

5àsec ensures that it only transmits the data provided for in the text or, in the event of any inaccuracy in the latter, only the data that it considers strictly necessary to achieve the intended purpose. The communication of data will be carried out in accordance with procedures that ensure its security, adapting the measures taken to the nature of the data and the risks involved.

Your data may also be transmitted to 5àsec’s commercial partners, subject to your prior consent, for the purpose of commercial solicitation.

You may subsequently object to receiving such information from our partners by taking the following actions:

  • For emails, by clicking on the unsubscribe link provided in each email;
  • For text messages, by sending a text message saying “stop” to the number indicated in the message;
  • Write todpo.fr@5asec.com

The list of 5àsec’s commercial partners who may receive your personal data is available by clicking on the following link: List of partners

ARTICLE 8 – TRANSFER OF DATA OUTSIDE THE EUROPEAN UNION

5àsec processes personal data mainly within the European Union.

5àsec may transfer data to its subsidiary in Switzerland, a country recognized by the European Commission as having an adequate level of data protection.

In the event of a transfer to its subsidiaries or partners outside the European Union and outside countries that have been subject to an adequacy decision by the European Commission, 5àsec will put in place tools or mechanisms to regulate data transfers in accordance with European regulations.

ARTICLE 9 – INDIVIDUAL RIGHTS

In accordance with Regulation (EU) 2016/679 on the protection of personal data, you have the following rights over your data: right of access, right of rectification, right to erasure (right to be forgotten), right to object, right to restriction of processing, right to portability.

You may also set guidelines for the storage, erasure, and communication of your personal data after your death.

5àsec has a Data Protection Officer (DPO) whom you can contact in case of difficulty.

To exercise your rights, you can contact us by:

  • Postal mail to the Data Protection Officer: DPO 5àsec – Avenue Vibert 38, 1212 Grand-Lancy SWITZERLAND
  • Email at dpo.fr@5asec.com

Please specify the subject of your request and the right(s) you wish to exercise. If there is reasonable doubt about your identity, you may be asked to provide proof of identity.

If, after contacting us, you feel that your rights have not been respected, you may lodge a complaint with the CNIL or the data protection supervisory authority in your country.

ARTICLE 10 – COOKIES: purposes and settings

5àsec websites use cookies to ensure the proper functioning and optimization of the website and the services offered, and to compile visitor statistics.

A cookie records information relating to your computer’s browsing on our website (the pages you have visited, the date and time of the visit, etc.) which we can read during your subsequent visits. You can refuse the recording of cookies by configuring your browser settings as indicated below. In this case, access to certain services and sections of the site may be altered or even impossible.

Functional cookies facilitate navigation and improve the user-friendliness of websites.

Audience measurement cookies record information about your computer’s browsing activity on our site (the pages you have visited, the date and time of your visit, etc.).

More specifically, the cookies installed on the site are intended to:

  • to track audience statistics
  • on sites with a login, to allow you to log in or keep the session active
  • to enable or facilitate electronic communication
  • record your choice to accept cookies

You can refuse the recording of audience measurement cookies by clicking on the “refuse all” pop-up window or by configuring your browser settings as indicated below.

To refuse cookies:

You can refuse cookies via the pop-up window when you access the site or by configuring your browser settings, in particular as follows:

For Microsoft Edge: https://support.microsoft.com/fr-fr/microsoft-edge/supprimer-les-cookies-dans-microsoft-edge-63947406-40ac-c3b8-57b9-2a946a29ae09

For Firefox: https://support.mozilla.org/fr/kb/effacer-les-cookies-pour-supprimer-les-information

For Google Chrome: https://support.google.com/chrome/answer/95647?co=GENIE.Platform%3DDesktop&hl=fr

For Safari: https://support.apple.com/fr-fr/HT201265

Where applicable, users are informed that access to certain services and sections of the website may, in this case, be altered or even impossible.

The retention period for cookies varies depending on the type of cookie. We mainly use cookies that self-destruct after the end of the connection. These are known as session or navigation cookies.

Finally, information concerning your consent to cookies is stored for a maximum period of 13 months.

Google Analytics and Privacy

We use Google Analytics to track activity on our websites and to find out how many users visit our pages and what content and pages are viewed. The analysis is anonymous. Google Analytics cookies are stored on your device and may be transferred to a Google server in the US, where they will be stored. Google will use this information to evaluate your use of the website, to compile reports on website activity for website operators, and to provide other services related to website and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf.

ARTICLE 11 – CHANGES TO THIS POLICY

In the event of a change to this Policy by 5àsec or if required by law, it will be published on our websites and will be effective upon publication. We therefore invite you to refer to it each time you visit our websites and applications in order to familiarize yourself with the latest version available.

Find my store