GDPR compliance

1. New General Data Protection Regulation

From 25 May 2018, the new European Regulation on the protection of personal data (GDPR) came into force.
This regulation is intended to restore European residents’ control over their personal data.
The ABRISUD Group and its subsidiaries decided to further strengthen your trust with more transparency regarding the processing and use of your personal data.
We would like to inform you that the ABRISUD Group ensures the protection of your personal data. Under no circumstances will your personal data ever be passed on to a third party without your consent.

2. We inform you that in order to comply with the GDPR, we undertake to:

Obtain the clear and explicit consent of the individual providing us with their personal data, unless the collection of the data is mandatory;
Inform you of the use that will be made by the ABRISUD Group of your personal data, whether it is your data or that of our suppliers;
Inform you on your rights with regard to the possibility, where appropriate, of objecting to or consenting to such use, as well as exercising a right of access, rectification, or deletion of the data;
Set retention periods for all categories of data according to the rules of prescription and legal archiving;
Not request more data than the ABRISUD Group needs for its activity.

3. Our privacy policy

Here is a list of the most significant changes to our privacy policy:

More detailed and clearer information about the data we collect and process each time you visit our website;
More transparency around how we may share data, with our contractors and partners, with your consent;
More detailed information on your rights and how to exercise them.
Providing greater control over the cookies we use in our business (in progress).
Communication of the contact details of the Data Protection Officer (DPO).

4. Personal data protection


The processing of your personal data is carried out in accordance with the “Freedom of Information” Act no. 78-17 of 6 January 1978 and as of 25 May 2018 with the European Regulation no. 2016/679 of 27 April 2016 on the Protection of Personal Data.

Definition of “personal data”.

Personal data is “any information relating to an identified or identifiable individual”.

“An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to a unique identifier, such as a name, an identification number, location data, an online identifier, or to one or more factors specific to their physical, physiological, genetic, mental, economic, cultural, or social identity.

What data do we collect?

The information collected through the forms on this site is used to better meet your expectations.

Please note that some answers are mandatory (those marked with an asterisk) because they are necessary for executing the agreement or for pre-contractual measures.

If you do not reply, we will not be able to process your request.

Other answers are optional.

The data we collect include:

Information relating to your identity such as your surname, first name, and gender;
Your contact details such as postal address, email address, and telephone number;
Information about your project such as cover, enclosure, etc.
Why do we collect your data? (Processing purposes)

Your personal data will only be collected and used if you have given your consent or if this use is based on one of the legal grounds provided by law. Namely:

Processing is necessary for the performance of the agreement or pre-contractual measures;
Processing is necessary for compliance with a legal obligation;
Processing is necessary for the protection of our legitimate interests.
Vos données sont collectées pour les finalités suivantes:

Preparation of quotations;
Execution of the order;
Possible after-sales processing;
Implementation of legal and commercial guarantees.
If you provided your consent, this data may also be used for the following purposes: 

Commercial prospecting;
Sending commercial offers;
Carrying out satisfaction surveys;
Establishment of statistics.
Transfer of your data

Your data is reserved for our files.
It may however be communicated to partner companies. These include companies belonging to our Group, companies belonging to our Network, and companies holding a partnership agreement with our Group.

We inform you that your personal data will not be transferred outside the European Union. 
Duration of data retention
We undertake not to retain your personal data for longer than necessary.

The personal data we collect is retained:

For a period of 3 years for a prospect
For a maximum period of 35 years for a client
At the end of these periods, your data will be destroyed or anonymised (made anonymous)

Your rights

We inform you that you benefit from:

A right of access to your personal data;
A right to rectify any inaccuracies in your personal data;
In certain circumstances, a right to delete data concerning you;
In certain circumstances, a right to object to the processing;
In certain circumstances, a right to the limitation of processing;
A right to portability of your data;
A right to withdraw consent (where consent is required).
In order to exercise these rights, you should write:

A postal letter to the following address:
For the attention of the Data Protection Officer (DPO)
15, Rue Louis Aygobère
ZA du Pont Peyrin

Or an email to the following address:
We inform you that you also have the right to lodge a complaint with a supervisory authority (CNIL) by writing to the following address:

CNIL, 3 Place de Fontenoy, TSA 80715 à 75334 PARIS Cedex – FRANCE

Data controller

The controller of personal data is: 
ABRISUD 15, Rue Louis Aygobère ZA du Pont Peyrin 32600 L’ISLE JOURDAIN, Auch Companies Register no. 397 909 938.