Data protection policy

The protection and security of your personal data is very important to us. We are therefore committed to protecting your privacy and handling your data confidentially. In this document, we are pleased to provide you with information about the specific data collected during your visit and the purposes for which it is used.

1. Preamble

Quarks Safety attaches particular importance to respecting the privacy of each individual, as well as all fundamental rights and freedoms, from which the protection of personal data derives.

2. Purpose and scope of application

The purpose of this Policy is to inform you of the way in which Quarks Safety handles personal data and to demonstrate its commitment to the protection of such data.
This policy applies to personal data processed within the framework of the activities and marketing of Quarks Safety software, by the employees of Quarks Safety.

3. Definitions

Personal data (hereafter “personal data“) is defined as any information relating to an identified or identifiable natural person. This data may make it possible to identify a person directly or indirectly.
The term “data subjects” refers to persons directly or indirectly identified or identifiable by personal data processed in the context of Quarks Safety’ activities.
The “data controller” in this case is Quarks Safety, which is the legal entity that determines the purposes and means of data processing, alone or jointly with others.
The term “service” or “product” refers to the Quarks Safety software.
Processing is defined as any operation or set of operations applied to personal data. These operations may or may not be carried out using automated processes, either by means of an IT tool or in writing. They may include collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

4. Commitments

Quarks Safety undertakes to ensure an optimal and appropriate level of protection of the personal data of its clients and users of its services, concerned by the processing of such data.

Quarks Safety undertakes to comply with the rules, obligations and principles of the regulations applicable to the processing of personal data, in particular those set out in Law no. 78-17 of 6 January 1978 relating to information technology, files and freedoms (known as the Loi Informatique et Libertés), amended by European Regulation 206/679 of 27 April 2016, known as the General Data Protection Regulation ( GDPR).

Quarks Safety undertakes in particular to respect the following principles:

• The lawfulness, fairness and transparency of personal data processing;
• Purpose limitation: personal data is processed for specified, explicit and legitimate purposes and is not further processed in a way incompatible with those purposes;
• Data minimisation: the collection and processing of data are limited to what is strictly necessary for the purposes identified, and are carried out in a way that is relevant and appropriate to those purposes;
• The personal data processed is accurate and kept up to date;
• The length of time that personal data is kept is determined in the light of the purposes identified and does not exceed what is necessary;
• Security measures are put in place to ensure the integrity and confidentiality of data processing.

5. Purposes of processing and legal basis

Quarks Safety only processes personal data for specific, explicit and legitimate purposes. Personal data is not processed in a way that is incompatible with these purposes, either now or in the future.

Contract performance:
Quarks Safety processes personal data in order to meet the performance requirements of contracts entered into with its customers. In this context, several purposes are determined:

• Management and operation of the Quarks Safety software
• Front / Mobile application development
• Importing customer data onto platforms
• Customer platform management
• Platform logging/tracking system
• Testing the platforms in real-life conditions on copies of customer databases

Legitimate interests:
Quarks Safety processes personal data for the purposes of legitimate interests pursued in order to ensure the smooth running of the company and the exercise of its activities. Within this framework, several purposes are determined:ice de ses activités. Dans ce cadre, plusieurs finalités sont déterminées :

• Communication between the company and external stakeholders (customers, organisations, employees, etc.)
• Management of company contacts in the form of a contact directory
• Training trainees on the Quarks Safety platform
• Website traffic analysis

Consent:
Quarks Safety may process personal data concerning individuals who have expressly agreed to provide such data, for the following purposes:

• Sending newsletters to subscribers
• Registration for events
• Management and processing of requests to exercise personal data rights

6. Categories of data processed

Quarks Safety processes personal data either collected directly from individuals or resulting from the need to use the services or solutions offered by the company. Only personal data that is strictly necessary for the purposes pursued is processed.

Different categories of personal data are processed:

• Identity: Surname, first names; Personal and/or business e-mail address; Personal and/or business telephone number; Login; Photographs
• Connection data: IP address; Cookies; Attempted connections
• Location details: Business address

Not all categories of data are processed for each purpose. Only the categories of data necessary for the purposes of each processing operation are processed.

7. Data access

The personal data collected and processed by Quarks Safety is intended for the company’s internal departments and for employees authorised to access it for the purposes of their professional activities.
Some of the data required to contact you may be passed on to commercial partners, solely for the purposes of commercial contacts and professional networking.
As part of the use of the Quarks Safety platform, certain data relating to the operation and use of the platform are accessible to client administrators. Each client administrator may only access data relating to the use of the platform by the company that employs them.

8. Shelf life

Personal data collected by Quarks Safety is processed and stored only for the time necessary to achieve the specified purposes.

Quarks Safety retains the personal data of the persons concerned in accordance with the retention periods that may be imposed by the applicable legislative and regulatory provisions, where applicable.

More specifically, for each processing of personal data carried out in the context of Quarks Safety’ professional activities, the retention periods for the data concerned are as follows:

Special data
Certain types of data, due to their special nature and scope, are not deleted after the stipulated retention period. This data concerns the chemical exposure of our customers’ employees. Data of this kind need to be kept for a long time, as the consequences of chemical exposure may only become apparent after several decades.

9. Data security

Quarks Safety ensures that personal data is treated with the utmost security and confidentiality. To this end, technical and organizational measures are implemented to prevent any accidental or unlawful destruction, loss, misuse, alteration, disclosure, intrusion or unauthorized access to such data. These measures are adapted and appropriate to the nature, scope and context of the data processed, and to the company’s activities.

Quarks Safety also requires any subcontractor to present appropriate guarantees to ensure the security and confidentiality of personal data.

10. Employees

All employees are required to sign a confidentiality agreement as soon as they join the company.

The purpose of this agreement is to ensure that employees undertake not to divulge any information or data processed in the course of the company’s business activities, whether this is the company’s own information or information relating to or belonging to the company’s business partners, customers or service providers.

11. Personal rights

Any person affected by one or more personal data processing operations carried out by Quarks Safety has various rights in respect of such data:

• Right of access
• Right of rectification
• Right of deletion
• Right to object to processing
• Right to restrict processing
• Right to data portability (the right to recover your data in an open and readable format)

It is also possible for data subjects to set instructions concerning the retention, deletion and communication of their personal data, which will be followed in the event of their death. These instructions may be communicated directly to Quarks Safety at the address: dpo@quarks-safety.com. It may also be transmitted via a trusted third party responsible for ensuring that people’s wishes are respected, in accordance with the applicable legal framework and requirements.

12. Exercise of rights

It is possible to exercise the aforementioned rights at any time by completing and sending the rights exercise form provided by Quarks Safety.
This document is appended to this Policy.
Requests or questions relating to the management, processing and protection of personal data can also be sent by Quarks to the following address: dpo@quarks.pro .

13. Changes to the policy

This Policy may be modified and adapted from time to time.
Quarks Safety therefore invites you to consult it regularly in order to be aware of any changes to this Policy.

Last update 13/07/2021.

Download the form for exercising your personal data rights