Publisher: Laurence Job – laurence_job[at]carrefour.com
Website: All existing sites, web pages and online services offered by the Publisher.
The User: The person using the website and services.
The nature of data collected
In connection with the use of the Sites, the Publisher may collect the following data categories concerning its Users:
- Vital records, identity, identification
- Connection data (IP addresses, event logs)
Aggregation of data
Aggregation with non-personal data
We may publish, disclose and use aggregated data (data about all our Users or specific groups or categories of Users that we combine so that an individual User can no longer be identified or referred to), as well as non-personal data for market and market analysis, demographic profiling, promotional and advertising purposes, and other business purposes.
Aggregation with personal data available on the User’s social media accounts
If you connect your account to an account of another service for cross-posting, that service may provide us with your profile information, login information, and any other information you have authorised for disclosure. We may aggregate the data concerning all our other Users, groups, and accounts, and concerning the personal data available about the User.
Cookie storage period
In accordance with CNIL recommendations, the maximum cookie storage duration is 13 months maximum after they are first deposited on the User’s terminal, as is the duration of the validity of the User’s consent to the use of these cookies. The lifespan of the cookies is not extended with each visit. User consent must therefore be renewed at the end of this period.
Cookies may be used for statistical purposes, in particular to optimise the services rendered to the User, based on the processing of information concerning the frequency of access, the personalisation of the pages as well as the operations carried out and the information consulted.
You are informed that the Publisher may deposit cookies on your terminal. The cookie collects data concerning the browsing of the service (the pages you have visited, the date and time of your visit) that we will be able to read during your later visits.
Storage of technical data
Length of storage of technical data
Technical data are kept for the period strictly necessary for the accomplishment of the purposes mentioned above.
Storage period for personal data and anonymisation
Deleting data after deleting the account
Data purging means are set up in order to provide for their effective deletion as long as the storage or archiving period necessary for the accomplishment of the determined or imposed purposes is reached. In accordance with Law n° 78-17 of 6 January,1978 concerning data processing, files and freedoms, you also have the right to delete your data, which you can exercise at any time by contacting the Publisher.
Deleting data after 3 years of inactivity
For security reasons, if you have not logged into the Site for a period of three years, you will receive an e-mail inviting you to log in as soon as possible, otherwise your data will be deleted from our databases.
Deleting the account
Deleting the account on request
The User may delete their Account at any time by simply asking the Publisher OR via the delete my Account menu in the Account settings, where appropriate.
Deleting the account after violation of the TOS
In the event of a breach of one or more provisions of the TOS or any other document incorporated herein by reference, the Publisher reserves the right to terminate or restrict without prior notice and in its sole discretion, your use of and access to the services, your account and all Sites.
Indications in case of a security breach detected by the Publisher
User data in the event of a security breach
We undertake to implement all appropriate technical and organisational measures to ensure a level of security adapted to the risks of accidental, unauthorised or unlawful access, disclosure, alteration, loss or destruction of personal data about you. In the event that we become aware of illegal access to personal data about you stored on our servers or those of our service providers, or of unauthorised access resulting in the materialisation of the risks identified above, we commit to:
- Notifying you of the incident as soon as possible;
- Examining the causes of the incident and inform you about them;
- Taking the necessary measures, where reasonable, in order to reduce the negative effects and harms that may result from this incident.
Limitation of liability
Under no circumstances do the commitments defined above relating to notification in the event of a security breach amount to any acknowledgement of fault or responsibility for the occurrence of the incident in question.
In the event that the current TOS are changed, we commit to avoid substantially lowering the level of confidentiality without informing the persons concerned in advance.
We commit to informing you in the event of substantial changes to the current TOS, and to avoid substantially lowering the level of confidentiality of your data without informing you and obtaining your consent.