Personal Data Protection Policy
GeoPost is committed to personal data protection both during our business operations and as part of the services provided.
This Policy sets out the principles and guidelines we apply to protect your Personal Data. It is designed to explain:
- The types of Personal Data we collect and the reasons why we collect it;
- How we use your Personal Data;
- Your rights as the data subject.
This Policy applies to all services of GeoPost SA.
How does GeoPost deal with Personal Data Protection?
GeoPost considers the protection of your Personal Data and privacy when designing new products and services. To ensure the security of your Personal Data and safeguard the proper exercise of your rights, GeoPost implements measures designed to protect your Personal Data.
What Personal Data are used by GeoPost?
GeoPost undertakes to only collect the data that is strictly necessary for the provision of the requested services.
If optional data is requested, you will be given a clear explanation of the Personal Data GeoPost needs to provide the requested service and the data you may decide to provide voluntarily.
Your Personal Data is collected from you directly or from the sender of your parcel and will only be used for the purposes notified to you.
Your Personal Data will only be used to propose other services if you have agreed to receive commercial communication.
To which services or companies are your Personal Data transferred to?
Your data may be transferred to:
- Departments within GeoPost: departments in charge of performing the requested services;
- External providers: technical service providers, including sub-contractors;
- Companies of La Poste Group, for the performance of the services.
Can your Personal Data be transferred to non-EU countries?
GeoPost carries out all Personal Data processing activities within the European Union (EU).
However, for some specific services, GeoPost may use data processors located outside of the EU. Some of your Personal Data may therefore be transferred to them for the strict purposes of their services. In such cases and in accordance with the regulations in force, GeoPost requires its data processors to provide the necessary safeguards to ensure regulated, secure transfers, mainly by requiring them to sign the European Commission’s standard contractual clauses.
How long will GeoPost keep your Personal Data?
Different retention periods apply for the various services we provide. GeoPost undertakes not to retain your Personal Data any longer than is necessary for the provision of the service or for compliance with the retention periods arising from the applicable limitation periods.
Are your Personal Data protected?
GeoPost undertakes to adopt all measures protecting the security and confidentiality of your Personal Data and, in particular, to prevent any damage, erasure or unauthorised access by a third party.
If your Personal Data is affected by a security breach (destruction, loss, alteration or disclosure), GeoPost undertakes to fulfil our obligation to notify Personal Data Breaches, in particular to the French Data Protection Authority (CNIL).
What are your rights concerning your Personal Data?
You may contact GeoPost to exercise your rights held under the personal data regulations in force at any time:
- Right of access: you may obtain a copy of your Personal Data being processed by GeoPost;
- Right to rectification: you may update your Personal Data or ask us to rectify your Personal Data processed by GeoPost;
- Right to object, in particular to prevent direct marketing: you may notify your preference not to receive direct marketing from GeoPost or ask GeoPost to stop processing your Personal Data;
- Right to erasure: you may ask GeoPost to delete your Personal Data;
- Right to restrict processing: you may ask GeoPost to suspend the processing of your Personal Data;
- Right to data portability: you may ask GeoPost to retrieve your Personal Data for reuse.
Whenever you sign up for a service or provide Personal Data, GeoPost will state the postal and/or email address to which any data subject requests may be sent.
All requests must be submitted with proof of your identity. GeoPost undertakes to respond to your data subject requests without undue delay and in any event, within the times imposed by law.
Has GeoPost appointed a Data Protection Officer?
The appointment of a Data Protection Officer reflects GeoPost’s commitment to ensuring the protection, security and confidentiality of Personal Data.
Our Data Protection Officer may be contacted at the following address:
Data Protection Officer
9 Rue du Colonel Pierre Avia
Glossary Data Protection Policy
All capitalised terms are defined as follows:
“Data Protection Policy”: Means this Policy describing the measures adopted for the processing, exploitation and management of your Personal Data and your data subject rights.
“Personal Data”: Means any information relating to you that can be used to identify you, directly or indirectly.
“Processing”: Means any operation or any set of operations performed on your Personal Data.
“Personal Data Breach”: Means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, your Personal Data.