Privacy policy
What is the purpose of this policy?
Provost Distribution, which manages the provost.fr website, attaches great importance to the protection and confidentiality of your personal data, which represents for us a pledge of seriousness and trust.
The data privacy policy precisely reflects our desire to ensure that Provost Distribution complies with the applicable rules on data protection and, more specifically, those of the General Data Protection Regulation ("GDPR").
In particular, the privacy policy aims to inform you about how and why we process your data as part of the services we provide.
Who does this policy apply to?
The policy applies to you, regardless of where you live, if you are a customer or visitor to the provost.co.uk website.
If you are a candidate for a position within Provost Distribution, you can consult the "candidate" policy which is accessible at all times on our dedicated page on provost.fr.
Why do we process your data?
As part of the services we offer, we necessarily need to process your personal data in order to:
● browse our website, benefit from our services and so that we can respond to your requests (e.g. requests for information, complaints, etc.) on the basis of our general terms of use and our legitimate interest in providing you with the best possible service.
● to keep you informed of our latest offers and events by email, telephone and post, based on our legitimate interest in building customer loyalty and prospecting for potential new customers.
● follow us and comment on our publications on social networks on the basis of our legitimate interest in benefiting from a dedicated page on social networks.
● use our instant messaging service on the basis of our legitimate interest in exchanging easily with you.
● receive our newsletter informing you about all the news concerning our services on the basis of your consent.
● operate the videos on our site on the basis of our legitimate interest in offering you content in video format.
● display public reviews written by users of our service on the basis of our legitimate interest in promoting our service.
● ensure your safety and that of our teams within our premises by using video protection cameras on the basis of our legitimate interest.
Your data is collected directly from you when you use our website and we undertake to process your data only for the purposes described above.
On the other hand, when you voluntarily publish content on the pages we publish on social networks, you acknowledge that you are entirely responsible for any personal information you may transmit, whatever the nature and origin of the information provided.
At most, we only use cookies that are anonymized and therefore exempt from consent, in accordance with the provisions of the French Data Protection Authority (CNIL).
For information on cookies, please consult our dedicated Cookie Policy on our website.
What data do we process and for how long?
We have summarized the categories of personal data we collect and their respective retention periods.
If you would like even more details on the retention periods applicable to your data, you can contact us at: dpo@dipeeo.com.
● Professional identification data (e.g. surname, first name, position, company, etc.) and contact details (e.g. email address and business telephone number, etc.) retained for the entire duration of the provision of the service, plus the statutory limitation periods, which are generally 5 years.
● When there is confusion between the name of your organization and your personal name (e.g.: self-employed entrepreneur, very small business, etc.), economic and financial data (e.g.: bank account number, verification code, etc.) retained for the duration necessary for the transaction and the management of invoicing and payments, plus the statutory limitation periods, which are generally 5 to 10 years.
● Email address for our commercial prospecting campaigns by email, kept for a maximum of 3 years from the last contact we had with you.
● Telephone number as part of our commercial prospecting campaigns by telephone, kept for a maximum of 3 years from the last contact we had with you.
● Postal address for our commercial prospecting campaigns by mail, kept for a maximum of 3 years from the last contact we had with you.
● Email address to receive our newsletter, kept until the end of your newsletter subscription.
● Statistical data relating to the viewing of our videos which are anonymized and kept indefinitely.
● Connection data (e.g. logs, IP address, etc.) kept for 1 year.
● Cookies which are generally kept for a maximum of 13 months. For more details on how we use your cookies, you can consult our cookies policy accessible at any time on our website.
Once the retention periods described above have expired, the deletion of your personal data is irreversible and we will no longer be able to communicate it to you after this period. At most, we can only keep anonymous data for statistical purposes.
Please also note that in the event of litigation, we are obliged to retain all data concerning you for the duration of the case, even after the expiry of the retention periods described above.
What rights do you have to control the use of your data?
Applicable data protection regulations grant you specific rights that you can exercise, at any time and free of charge, to control how we use your data.
● Right to access and copy your personal data, provided that this request does not conflict with business secrecy, confidentiality or the secrecy of correspondence.
● Right to rectify any personal data that may be erroneous, obsolete or incomplete.
● Right to object to the processing of your personal data for commercial prospecting purposes.
● The right to request the erasure ("right to be forgotten") of personal data that is not essential to the proper functioning of our services.
● Right to the limitation of your personal data, which makes it possible to photograph the use of your data in the event of a dispute over the legitimacy of a processing operation.
● Right to portability of your data which allows you to retrieve part of your personal data in order to store or transmit them easily from one information system to another.
● Right to give instructions on the fate of your data in the event of your death either through yourself or through a trusted third party or beneficiary.
For a request to be taken into account, it must be sent directly by you to dpo@dipeeo.com. Any request not made in this way cannot be processed.
Requests cannot come from anyone other than you. We may therefore ask you to provide proof of identity if there is any doubt about the identity of the person making the request.
We will respond to your request as quickly as possible, within one month of receipt, unless the request is complex or repeated. In this case, the response time may be up to three months.
Please note that we can always refuse to respond to any excessive or unfounded request, particularly in view of its repetitive nature.
Who can access your data?
WE NEVER TRANSFER OR SELL YOUR DATA TO THIRD PARTIES OR BUSINESS PARTNERS. ALL YOUR PERSONAL DATA IS USED EXCLUSIVELY BY OUR TEAMS OR BY OUR IT SERVICE PROVIDERS.
More specifically, we only share your data with people who are duly authorized to use it to provide you with our service, such as our IT department or our customer relations department.
Your personal data is also transferred to our IT service providers for the sole purpose of technically operating our service (e.g. data hosting).
Please note that we check all our IT service providers before hiring them, to ensure that they scrupulously comply with the applicable rules on the protection of personal data.
How do we protect your data?
We implement all the technical and organizational means required to guarantee the security of your data on a day-to-day basis and, in particular, to combat any risk of unauthorized destruction, loss, alteration or disclosure of your data (e.g. training, access control, passwords, antivirus, backup servers, "https", etc.).
Can your data be transferred outside the European Union?
Unless strictly necessary and on an exceptional basis, we never transfer your data outside the European Union, and your data is always hosted on European soil. Furthermore, we do our utmost to recruit only service providers who host your data within the European Union.
Should our service providers nevertheless transfer your personal data outside the European Union, we take great care to ensure that they implement appropriate safeguards to ensure the confidentiality and protection of your data.
Who can you contact for further information?
To best guarantee the protection and integrity of your data, we have officially appointed an independent Data Protection Officer ("DPO") with our supervisory authority.
You can contact our DPO at any time, free of charge, at dpo@provost.fr for further information or details on how we process your data.
How can you contact the CNIL?
You may at any time contact the "Commission nationale de l'informatique et des libertés" or "CNIL" at the following address: CNIL Complaints Department, 3 place de Fontenoy - TSA 80751, 75334 Paris Cedex 07 or by telephone at 01.53.73.22.22.
Can the policy be modified?
We may modify our privacy policy at any time to adapt it to new legal requirements and to new processing operations that we may implement in the future.
Certified by Dipeeo ®