Privacy Policy | Majorian

Version 1.1

Preamble

The www.majorian.fr website (hereinafter the “Website“) and the Services sold are operated by MAJORIAN, SAS, registered with the Nanterre Trade and Companies Register under number B 532 956 166, whose registered office is at 3 Esplanade du Foncet 92130 ISSY LES MOULINEAUX (hereinafter the “Data Controller“).

Access to the Site and its functions requires the collection and processing of Users’ personal data. It was therefore necessary to establish a policy for the protection of personal data in order to comply with the recommendations for the processing of personal data as laid down by the applicable laws and regulations.

The Site’s Data Protection Policy has been drawn up in accordance with the recommendations of the Commission Nationale de l’Informatique et des Libertés (CNIL). Its purpose is to inform Users of the Site of the way in which their personal data is processed and of the commitments and measures we have taken to ensure that the personal data of Users of the Site is respected.

It has been drawn up in accordance with the provisions of :

The Data Protection Act of 6 January 1978;
The European Regulation on Personal Data (known as the “GDPR”) of 23 May 2018;
The Law transposing the European Regulation on the Protection of Personal Data (R.G.P.D.) of 20 June 2018.

The version currently published on the Site is the current version of this policy. The Data Controller reserves the right to modify it at any time in order to comply with current legal obligations. Any changes made to the personal data protection policy will be communicated to Users in order to obtain their consent to the new policy.

By browsing our Site, Users acknowledge that they have read, understood and accepted this data protection policy. Any questions relating to this policy may be sent to the following address:contact@majorian.fr .

Article 1 – Definitions

1.1 Technical terms relating to the protection of personal data

On our Site, the terms below have the meaning ascribed to them in the R.G.P.D. (art.4):

Consent: “any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she signifies his or her agreement, either by a declaration or by a clear and positive act, to personal data relating to him or her being processed”;

Controller: “the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing operation; where the purposes and means of such processing are determined by Union law or by the law of a Member State, the controller may be designated or specific criteria for such designation may be laid down in Union law or in the law of a Member State”;

Processor: “the natural or legal person, public authority, department or other body which processes personal data on behalf of the controller”;

Processing: “any operation or set of operations which is performed upon personal data or sets of personal data, whether or not by automatic means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction”;

Personal data breach: “a breach of security resulting in the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of or access to personal data transmitted, stored or otherwise processed”.

1.2 Other terms used herein

“Services“: refers to the Services provided by the Data Controller;

“Site“: refers to the www.majorian.fr Site operated by the Data Controller and made available to the User;

“User“: refers to any individual using our Site and having access to its content.

Article 2 – What is personal data?

Personal data” refers to any information that can directly or indirectly identify a natural person (surname, first name, e-mail address, telephone number, postal address, etc.).

As such, the GDPR defines personal data as: “any information relating to an identified or identifiable natural person (hereinafter “data subject”); an “identifiable natural person” is one who can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, an identification number, location data, an online identifier, or to one or more factors specific to his or her physical, physiological, genetic, mental, economic, cultural or social identity;”.

Article 3 – Data relating to minors

In accordance with the provisions of Article 8 of European Regulation 2016/679 and the French Data Protection Act, only minors aged 15 or over may consent to the processing of their personal data

Users under the age of fifteen (15) are invited to seek the consent of a legal representative – required by the Data Controller – in order for their personal data to be collected and in order to be able to use the Site’s services.

The Data Controller may not be held liable in the event of any user providing personal data concerning a minor under the age of fifteen (15).

Article 4 – Collection of personal data

We collect your consent.

When browsing the Site, Users will be asked on several occasions to provide some of their personal data (for the purposes indicated in article 5).

By providing his/her data, the User therefore consents to the collection and processing of the personal data provided by the Data Controller for the exclusive purposes detailed in article 5 of the Policy. This consent, together with other reasons, serves as the legal basis for the processing of the data collected.

The Data Controller collects and processes data that is strictly necessary for the purposes for which it is processed. We undertake to our Users that we will not process data for purposes other than those mentioned below. If we were to offer a new service on the Site, or any other feature of the Site, requiring the collection and processing of data, we undertake to collect the Users’ consent once again before offering the new service in question.

Whenever the Site processes personal data, the Data Controller takes all reasonable steps to ensure that the personal data is accurate and relevant to the purposes for which it is processed.

Article 5 – Purpose of processing

We collect data from Users solely for the following purposes:

Contact form

A contact form is available on the Website enabling users to contact MAJORIAN. To send a request, users must provide the following information: surname, first name, company name, telephone number and e-mail address.

The information is processed for the purposes of :

Managing the contact request ;
Respond to and process the User’s request;
Plan any prospecting meetings;
Archive the request.

The legal basis is the User’s consent to the processing of his/her data.

By completing the form, the User may also consent to receiving information from MAJORIAN and its entities. Users may unsubscribe at any time by using the unsubscribe function contained in the emails or by sending an email to the Data Controller.

Solutions

The MAJORIAN Group offers its customers a range of solutions under the names CADHI, TERITORIA, CLOROFIL, MENTORHI, PEACE & WORK and JOB HOSPITALITY.

To find out how personal data is processed by the various entities referred to above, the User is invited to refer to the corresponding privacy policies of each solution, which are available online on their dedicated website.

Careers page – Submit an offer

On its Website, MAJORIAN places job offers online for employees in the hotel and restaurant sector. To apply for a vacancy, Users must provide the following information: surname, first name, e-mail address, telephone number, CV and portfolio.

The information is processed for the purposes of :

Collecting applications ;
Processing the application ;
Provide an answer to the candidate ;
If the application is shortlisted, it will be forwarded to MAJORIAN’s partner companies that have published the vacancy;
If the Candidate has given his/her consent, keep the Candidate’s CV in a “Candidates” database for a period of two (2) years.

The legal basis is the Candidate’s consent to the processing of his/her data and the execution of a Contract between MAJORIAN and the partner company that submitted the offer, for the transmission of qualified applications.

Analysis of navigation information

When browsing the Site, Users may be asked to enter their personal connection details.

Connection data and browsing information are used solely for statistical studies (analysis of site traffic and user experience) and other purposes mentioned in the cookies policy.

The legal basis is as follows: Processing is necessary for the purposes of the legitimate interests pursued by the Data Controller, in particular to offer Users a smooth and improved browsing experience.

Connection data is also used to prevent and combat computer fraud.

The legal basis is the response to a legal obligation.

Article 6 – Data retention period

We do not exceed the legal data retention periods and User data is only retained for as long as is necessary for the purposes for which it was collected.

The retention periods are as follows:

Data on Users who are prospects: this is kept for a maximum of three (3) years after the last clear interaction from the User, or earlier if the User has exercised a right in application of the General Data Protection Regulation;
Data from Users who have used the contact form: this is kept for a maximum of three (3) years after the last clear interaction from the User, or earlier if the User has exercised a right under the General Data Protection Regulation;
Candidate data: kept for up to two (2) years after transmission of the application.
Connection data: this is kept for a maximum of 13 months.

In establishing our data processing policy, we have drawn up a reference grid for data retention periods, based on the recommendations of the CNIL. In addition, the Data Controller may retain certain personal data in order to fulfil its legal or regulatory obligations, to enable users to exercise their rights, or for statistical purposes. At the end of the retention period, personal data will be deleted or made anonymous.

Article 7 – Access to data

Data collected via the Site is intended exclusively for the following recipients.

7.1 hosting

The Site is hosted by AMAZON WEB SERVICES on servers in France and Ireland.

The host has access to the data within the limits of its respective remits, for the purposes of hosting the Site. It has limited access to User data as part of the performance of these services and has a contractual obligation to use it in accordance with the provisions of the applicable regulations on the protection of personal data.

7.2 service providers

The Site and the Data Controller rely on certain third-party services to provide certain functions. These third parties have limited access to User data for the purposes of providing these services and are contractually obliged to use it in accordance with the provisions of the applicable regulations on the protection of personal data.

NAME	Function	Accessible data
AWS	Site hosting	All data supplied by Users on the Site
MIRACLE	Website creation	All data supplied by Users on the Site
DJUST	Website creation	All data supplied by Users on the Site
HUBSPOT	CRM for processing the data of Users with prospect status	Surname, first name, e-mail address, telephone number, addresses.

Users’ statistical data (cookies) are used to improve the user experience and to enhance the Site’s functionalities. Users are invited to refer to the site’s cookies policy.

7.3 Legal obligations

Data may also be transmitted by the Data Controller to third parties and competent authorities in order to comply with legal, judicial, fiscal or regulatory obligations. The Data Controller guarantees Users that no personal data will be transferred to an unauthorised third party without the User’s prior, voluntary, informed, express and written consent.

The Data Controller undertakes not to process, host or transfer Information collected from its users to a country outside the European Union or recognised as “non-adequate” by the European Commission without first informing the owner of the data and obtaining its consent.

Article 8 – Data protection

The Data Controller has taken all the necessary precautions, in line with the state of the art, to protect your information in a secure environment in order to prevent any destruction, loss, alteration, distribution or unauthorised access. Despite our best efforts, no method of transmission over the Internet and no method of electronic storage is completely secure. Consequently, we cannot guarantee absolute security. If we become aware of a breach of security, we will notify the users concerned so that they can take appropriate action. Our incident notification procedures take account of our legal obligations, whether at national or European level.

In the event that the integrity and confidentiality of your data are compromised, the data controller undertakes to comply with the procedures put in place under the French Data Protection Act of 6 January 1978 and the European Data Protection Regulation (“RGPD”).

The Data Controller does not resell or outsource User data.

Article 9 – Individual rights

In accordance with the French Data Protection Act of 6 January 1978 and the European Data Protection Regulation (“E.D.P.R.”), Users of the Site have the following rights:

9.1 Right of access, rectification and deletion

Users may find out about, update, modify or request the deletion of data concerning them by sending an e-mail to the person responsible for processing personal data, specifying the subject of their request and using the contact e-mail address: . dpo@majorian.fr

9.2 Right to

The User has the right to request the portability of his/her personal data, held by the Site or by the Data Controller, to another site, by making a request for the portability of his/her personal data to the Data Controller, by sending an e-mail to the address provided above.

9.3 Right to limit and object to data processing

The User has the right to request the restriction of or to object to the processing of his/her data by the Data Controller, without the latter being able to refuse, unless it can demonstrate the existence of legitimate and overriding reasons, which may override the interests and rights and freedoms of the User.

The User must make a request to the data controller to restrict the processing of his/her personal data, by sending an e-mail to the above address.

9.4 Right not to be subject to a decision based exclusively on an automated process

In accordance with the provisions of Regulation 2016/679, the User has the right not to be subject to a decision based exclusively on an automated process if the decision produces legal effects concerning him or her, or significantly affects him or her in a similar way.

9.5 Right to determine the fate of data

Users are reminded that they may organise what is to become of their data collected and processed if they die, in accordance with law no. 2016-1321 of 7 October 2016.

Article 10 – Exercise of Rights

10.1 How to exercise rights

To exercise any of your rights, simply :

Write to the Data Controller at the address of its registered office;
Or send an e-mail to dpo@majorian.Fr.

Enter your full name and address and enclose proof of identity.

The data controller is Mr Kenny Van Looveren dpo@majorian.fr

Requests will be processed within one month, unless a compelling reason is given and justified by the Data Controller to extend the deadline.

10.2 Referral to the

If the Data Controller does not satisfy the User’s request, the User is entitled to refer the matter to the CNIL (Commission Nationale de l’Informatique et des Libertés, https://www.cnil.fr) in order to assert his/her rights.

Article 11 – Cookie policy

11.1 What is a Cookie

The User is informed that a cookie is a small file deposited on the terminal of any user (computer, tablet or mobile device), by the Site, during its consultation. It does not contain any personal information, but enables a link to be made between the User’s device and their preferences for use and experience on the Site (e.g. location, language, font size).

11.2 consent

For the use of “cookie” files involving the storage and analysis of personal data, the User’s consent is always requested. This consent is valid for a period of thirteen (13) months, with one or more exceptions (see table Art.13), at the end of which the User will be asked for a new authorisation.

Article 12 – Use of cookies

In accordance with CNIL deliberation no. 2013-378 of 5 December 2013, the Data Controller informs Users of the Site that cookies record certain information which is stored in the memory of their hard disk. This information is used to generate audience statistics for the Site and to offer services according to the information they have already selected during their previous visits.

A warning message, in the form of a banner, asks each User visiting the Site whether they wish to accept cookies beforehand. In order to guarantee the free, informed and unequivocal consent of the User visiting the Site, the banner will not disappear until the User has continued browsing and configured his/her choices.

Unless the User has given their prior consent, cookies will not be deposited or read:

If any person who visits the Site (on the home page or directly on another page of the Site using a search engine, for example) does not continue browsing: a simple absence of action cannot be assimilated to an expression of will;
Or if they click on the link in the banner allowing them to set their cookie parameters and, where applicable, refuse to accept cookies.

We use and collect cookies in order to :

To process statistics and information on traffic on our Site and to optimise it as much as possible;
To offer our users a fluid browsing experience by adapting the presentation of the Site to the display preferences of the user’s terminal;
To store information provided on the Site by the User.

Article 13 – List of cookies

The list of cookies on the Site is :

Cookies	Purpose	Nature of the Cookie	Shelf life
GOOGLE ANALYTICS	Study of Site traffic statistics	Functional	13 months
HUBSPOT	Study of Site traffic statistics	Functional	13 months

Article 14 – Opposition and configuration

All Users may refuse to accept cookies by configuring their browser in the following way(s):

Open a private browser window ;
Configuration of cookies via the “Cookies” Widget available on the Site’s home page;
Configuring your computer so that a message appears asking you to accept, personalise or refuse cookies on each Site or systematically;
Or any other means available to the user.

Users may at any time choose to express and modify their wishes with regard to cookies. The Data Controller declines all responsibility for the consequences resulting from the operation of the Site and any services offered:

Refusal of cookies by the user ;
And/or the impossibility for the Site to record or consult the cookies necessary for their operation as a result of the user’s choice.

Article 15 – Browser software settings

Users can configure their browser software in such a way as to configure their choices regarding the use of cookies:

For Microsoft Edge^(TM): https://support.microsoft.com/en-us/microsoft-edge
For Safari^{TM :}http://docs.info.apple.com/article.html?path=Safari/3.0/fr/9277.html
For Chrome^(TM):http://support.google.com/chrome/bin/answer.py?hl=fr&hlrm=en&answer=95647
For Firefox^(TM):http://support.mozilla.org/fr/kb/Activer%20et%20d%C3%A9sactiver%20les%20cookies
For Opera^TM(:http://help.opera.com/Windows/10.20/fr/cookies.html

The User may also set their browser to accept or refuse cookies on a case-by-case basis before they are installed, or delete cookies from their terminal. The User is informed that by setting his/her browser to refuse cookies, certain functions of the Site may not be accessible and the Data Controller or Web Host may not be held liable in this respect.

Article 16 – Modification of the confidentiality policy

The Data Controller reserves the right to modify this Policy at any time. If a change is made to this Policy, the new version will be published immediately on the Site and the User’s agreement will be sought again. If the User does not agree with the terms of the new version of the Policy, he/she may no longer use the Site’s Services and no longer browse the Site.

Article 17 – Acceptance of the privacy policy by the User

By browsing the Site, the User certifies that he/she has read and understood this privacy policy and accepts its terms, particularly with regard to the collection and processing of his/her personal data and the use of cookies.