Search
Close this search box.

Personal Data Protection Policy

SERMA, committed to ensuring the integrity and confidentiality of your personal data, undertakes technical and organizational measures regarding the protection of personal data.

In compliance with current regulations in France and Europe, SERMA is committed to implementing appropriate measures to ensure the protection, confidentiality, and security of personal data collected from individuals.

The purpose of SERMA’s data protection policy is to illustrate the commitments and practical measures taken to ensure the respect of your personal data.

Finally, this privacy policy may evolve depending on the legal and regulatory context and the CNIL’s guidance.

 

1. Scope of Application

This personal data protection policy applies to all personal data processing carried out by a company within the SERMA Group, concerning external individuals.

Therefore, this Policy does not apply to third-party websites, including those that may be mentioned on our websites through an Internet link.

Websites of the SERMA Group companies:

https://www.serma.com

https://www.serma-technologies.com

https://www.serma-ingenierie.com

http://www.aw2s.com

https://knsystemes.fr

https://www.serma-safety-security.com

https://sitrend.com

https://www.serma-energy.com

https://www.serma-microelectronics.com

https://www.id-mos.com

https://www.pe-gmbh.com

 

2. Definitions

In this personal data protection policy, the following terms are defined as follows:

  • Personal Data: Information relating to an identified or identifiable natural person.
  • Processing: Any operation or set of operations performed on personal data, such as collection, recording, use, transmission, or communication.
  • Data Controller (DC): A natural or legal person, a service, or another organization that, alone or jointly with others, determines the purposes and means of the processing.
  • Processors: A natural or legal person, a service, or another organization that processes personal data on behalf of the Data Controller.
  • Recipient: A natural or legal person, a service, or another organization that receives personal data, whether a third party or not.

 

3. Data Collected

To provide certain services, with your prior consent, SERMA may ask you to provide personal data, for example, to respond to a contact request, follow up on a job application, or send a newsletter.
We may collect and process all or part of the following data:

  • Your contact details: postal address, email, phone number,
  • Your identity: first name, last name, title, date of birth, job title, email address,
  • Your contact details: postal address, email, phone number,
  • Your application information: CV, cover letter, interview notes,
  • Your computer data: IP address, etc.
  • Any specific information you may provide via the services offered on our websites.

The mandatory nature of the information you must provide is usually indicated at the time of data collection on the corresponding forms by an asterisk.

In any case, SERMA ensures that personal data collected and processed is relevant, adequate, not excessive, and strictly necessary to achieve the purposes determined in advance. SERMA takes all appropriate measures to ensure that your data is accurate, complete, and, if necessary, updated.

 

4. Purposes of Collection

SERMA is committed to collecting your data in compliance with the provisions set out by the CNIL.

Your data is primarily processed for the following purposes:

  • Your subscription to our newsletter,
  • The management of your job application,
  • Your contact request via the contact form,
  • Ensuring the security of our websites,
  • Marketing actions,
  • Registering you in our databases as a new client or supplier,
  • Analyzing the relevance of our websites’ content.

 

5. Legal Basis

The collection of data is based on a legal basis articulated around two axes:

  • Execution of a contract,
  • Legitimate interest of the SERMA Group.

 

6. Data Recipients

SERMA only communicates your personal data to authorized and identified recipients, in accordance with the applicable regulations.

SERMA may grant access to your personal data to its group companies, partners, and possible third-party service providers, acting as processors, to perform services related to SERMA’s IT services and applications (including hosting, data storage, data processing, database management, or IT maintenance services).

These third-party providers, acting only on SERMA’s instructions, will have access to your personal data solely for the purposes intended at the time of data collection and will be subject to the same security and confidentiality obligations as SERMA.

SERMA Group operates in many countries worldwide. Thus, sharing your personal data with certain recipients may result in the transfer of your data outside the European Economic Area (EEA).

This transfer may occur, notably, with the SERMA International subsidiary located in Tunisia. SERMA pays close attention to the protection of your personal data. When such transfers outside the EEA must occur, SERMA implements appropriate safeguards beforehand by signing the European Commission’s standard contractual clauses with the entity outside the EEA that processes your personal data.

You can obtain a copy of these clauses by sending a request via one of the emails mentioned below.

 

7. Data Retention

SERMA only retains your data for the time necessary for the operations for which it was collected and in compliance with applicable legislation.

For instance:

  • Candidate files may be retained for up to 2 years from the last contact with the candidates, unless the latter agree to a longer retention period,
  • Data related to your newsletter subscription is retained until you withdraw your consent via the “unsubscribe” option,

When your data is collected via the contact form, SERMA retains this data for the time necessary to process such requests.

 

8. Security

SERMA ensures the security of your personal data by implementing enhanced data protection through the use of physical and logical security measures.

 

9. User Rights

In accordance with the applicable personal data protection legislation, you have a number of rights regarding the collection and processing of your personal data, namely:

  • Right of access, rectification,
  • Right of erasure,
  • Right to restrict processing,
  • Right to data portability,
  • Right to rectification,
  • Right to restrict processing,
  • Right to object.

To exercise these rights, you can send a request to the following address: dpo@serma.com, attaching a copy of an identification document to your request.

 

10. Policy Updates

The SERMA Group reserves the right to update this policy in order to:

  • Comply with regulatory changes,
  • Follow the evolution of the SERMA Group,
  • Follow changes in the SERMA Group’s websites.

    For any question: