The StationOne Data Privacy Charter specifies the rules and measures for the protection of Personal Data i.e. of any information relating to an individual and which permits to identify him or her directly or indirectly (e.g. First name, last name, email address).
|
Request for the exercise of a right of access, rectification, and in certain circumstances, erasure, portability, and the right to restrict or object to certain processing or to report a non-compliance to the StationOne shall be sent to: data.privacy@station-one.com. |
Privacy
The protection of Personal Data is a fundamental right set forth in the Charter of Fundamental Rights of the European Union and a matter of concern for the StationOne. The StationOne is committed to protecting privacy by preserving the confidentiality and the integrity of each individual’s Personal Data stored on its platform according to (i) French Law No. 78-17 of 6 January 1978 on Information Technology, Data Files and Civil Liberties, as amended, and (ii) the European Union Regulation 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data (the “EU GDPR”) (referred to as “Data Privacy Regulations”).
The StationOne, as Processor, collects and processes Personal Data on the platform as follows, on behalf of the Customer, acting as “Controller”, in compliance with Customer’s instructions for the performance of StationOne Services (“processing” meaning any operation which is performed on Personal Data, from the point of collection up to and including the final destruction or deletion of the data) :
Transparency
The Personal Data on the StationOne are Personal Data required for the identification of Customers, their representatives (civility, first name, last name, e-mail, phone, nationality, birth data, birth place, fiscal code, identification number) and their means of payment (Iban, Bic, account number) as required by third party service providers in accordance with laws and regulations. They are collected by the StationOne by direct registration by the Customer and are transferred to third party service providers for transactions and payments automatically or through services, software and content provided by third party service providers. Third party service providers have access to personal information needed to perform their functions, but may not use it for other purposes. Further, they must process that information in accordance with this Privacy Notice and as permitted by applicable data protection law.
Other Personal Data are not collected in the absence of Customer’s consent. Transfer of Personal Data may also be made as assets in case of business transfers where businesses or services are sold or bought.
The Personal Data are kept accurate on the platform and in a form which permits the identification only for the period of time necessary for the purposes for which they are processed.
Access
The Customer has access at all time to the StationOne to ensure the adequacy and the accuracy of such Personal Data. Assistance for access by Customer can be exercised by sending a request to support@station-one.com.
Proportionality
The StationOne will always process the Personal Data registered on the platform lawfully, fairly, and in a transparent manner. The processing is limited to the performance of StationOne Services including: delivery on the platform of Customers’ purchase requests and offers.
The processing of Personal Data by the StationOne or its third party service providers are to provide StationOne Services to Customers (such as publishing and web-hosting, strictly limited to professional commercial offers on products and services for professionals of the Mobility Sector, whether public or not, facilitation of an intermediation in the purchase and sale of Products and/or Services between professional legal entities of the Mobility Sector, editing of invoices on the behalf of the Customer vendor, editing purchase orders on the behalf of the Customer purchaser, providing statistics and data analysis, notably relating to the use of the StationOne by the Customers, help researches on the StationOne and facilitate the intermediation with a search engine for ranking of results based on criteria such as the key terms in the title and the body of the offer, the availability of the searched Products and/or Services, the delivery schedule, the minimum order quantity, the match between reference number included in the offer and the reference number searched, the compliance with technical standard and technical features according to the Products and/or Services category), for the process of transactions (including registrations, subscriptions, purchases and payments), for advertisements, marketing of the StationOne, communication with the Customers in relation to the Market Place, via different channels (e.g., by phone, email, chat), responses to Customers’ requests, communication of recommendation that might be of interest to you by identifying your preferences, and personalizing your experience with the StationOne, prevention and detection of fraud and abuse, scoring to assess and manage credit risks, measurement of use of, analyse performance of, fix errors in, provide support for, improve, and develop StationOne Services and operation, improvement and maintenance of the StationOne.
The Personal Data are not further processed in the absence of Customer’s consent or in a manner that is incompatible with the purposes of StationOne Services and they are not sold to third parties.
The Personal Data are stored only for the duration of StationOne Services and thereafter for the time necessary to satisfy contractual and legal obligations (including for liability or tax purposes). They are deleted after the end of this retention period.
Security
The security measures in place organize the protection of your Personal Data.
The StationOne ensures that appropriate security, integrity, and confidentiality measures are implemented to provide protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical and organizational measures.
It informs the Customer in less than 72 hours if it discovers a Personal Data breach on the platform and provide reasonable assistance to the Customer to notify such breach to the concerned supervisory authority.
Location
Personal data are stored in the European Economic Area and shall not be transferred outside the EEA in the absence of European Standard Contractual Clauses (EU SCC) established in compliance with the model published by the European Commission. The StationOne shall ensure that appropriate safeguards are implemented in order to provide an adequate level of protection to the Personal Data in case of international transfer outside the EEA and adequate countries as per the list published by the European Commission.
Sub-contractors, recipients and third parties
The Customer manages the disclosure of Personal Data to other Customers and to third parties. The StationOne does not disclose Personal Data to third parties in the absence of Customer’s consent except to the StationOne subcontractors and suppliers in particular for the payment of the transactions and unless the StationOne is required to do so to comply with the law, or with a valid and binding order of a governmental or regulatory body or with a court order. The StationOne ensures that its subcontractors and suppliers maintain adequate security and organizational measures.
The StationOne may release account and other Personal Data when it believes release is appropriate to comply with the law, enforce or apply terms and conditions or other agreements or protect the rights, property, security of the StationOne, its customers or other. This includes exchanging of information with other companies and organizations for fraud prevention and detection and for credit risk reduction. Unless the StationOne is prohibited from doing so or if there is a notice of illegal conduct in connection with the collect and processing of Personal Data, the StationOne notifies the Customer of such disclosure as provided in applicable data privacy regulations.
The StationOne platform may include third-party advertising and links to other websites and applications and therefore invite Customers to check directly their data privacy rules.
Governing Law & Dispute Resolution
The Platform and the Terms are governed by, construed and applied in accordance with French law, excluding it rules pertaining to conflicts of laws.
Any dispute or litigation that could not be resolved amicably between the parties will exclusively be submitted to the jurisdiction of the competent French courts.