This personal data protection policy defines and informs you on how GMED uses and protects the personal data that you may communicate to us.
The processing of personal data implemented by GMED as data controller, is carried out in accordance with the General Data Protection Regulation (GDPR) 2016-679 of 27 April 2016, and French law no. 78-17 of 6 January 1978, the “Data Protection Act,” as amended, and its implementing decree no. 2019-536 of 29 May 2019.
Data controller identity
The data controller is GMED, a wholly-owned subsidiary of LNE, an Industrial and State-owned Establishment. GMED is a simplified joint-stock company (SAS) with its registered office at 1 rue Gaston Boissier 75015 Paris, France, Tel. + 33 1 40 43 37 00, sales@lne-gmed.com, https://lne-gmed.com.
Ways to collect personal data
As part of our relations, you will likely send us your personal data in a variety of ways and, in particular, through our website by filling out an information form when you request a service, when you submit an application, when you establish any contact with GMED, or when you send us your personal data in any other way.
Purposes of personal data processing
GMED may process your personal data for the following purposes (non-exhaustive list):
- responding to your requests
- process your job or internship applications
- handling your service requests and managing our business relationships
- facilitating the completion of administrative formalities for signing up for our training sessions, forums, webinars, and other events organized by GMED
- providing you with information about GMED and technical, regulatory, or standard developments that are likely to interest you
- ensuring that our information, offers, and other forms of services correspond as much as possible with your interests
GMED processes your personal data for the purposes of legitimate interests pursued by GMED, and in particular for the development and improvement of our services and our service offering, with your consent when it comes to processing your data for specific purposes, or in a pre-contractual framework if applicable.
GMED undertakes not to act against your interests, freedoms, or fundamental human rights.
Personal data recipients
The sole recipient of personal data is GMED, more specifically: the Sales, Marketing and Communications department for marketing and sales processes; the operations departments to respond to service requests (certification, training); the administrative and financial department for service billing; the human resources department for the job processing or internship applications.
GMED does not commercialize personal data.
GMED may, however, use third-party service providers to process personal data on its behalf, such as for telemarketing campaigns, mailings, customer satisfaction surveys, and, where applicable, to host data. GMED only uses trusted subcontractors and within the framework of contractual relations compliant to the GDPR.
Personal data retention period
Personal data is stored no longer than necessary to fulfill the purpose of the processing, while complying with applicable legal and regulatory limits; or for another period taking into account operational constraints and efficient customer relations management; or responses to legal claims, or requests from supervisory authorities.
For existing GMED’s customers, information is stored for the duration of the contractual relations and for 10 years after the end of the contractual term.
For prospective customers, information is stored for 3 years from the time it was collected or from the last contact with the prospective customer.
For candidates to a job or internship, information is stored for 2 years from the last contact with the candidate.
In addition, GMED regularly analyzes the data stored and removes data that appears obsolete or expired.
Rights of the persons whose personal data is collected
In accordance with applicable regulations on personal data protection, you have the right to access, correct, and delete your personal data, as well as the right to restrict and object to the processing and portability of your data.
You can exercise these rights by sending an email to sales@lne-gmed.com or by letter to the following address:
GMED
Direction Commerciale, Marketing et Communication (DCMC)
1 rue Gaston Boissier
75015 PARIS
FRANCE
GMED will respond to anyone exercising their aforementioned rights within a period of one (1) month of receiving the request. This deadline may be extended by two (2) months, taking into account the complexity and number of ongoing requests.
You also have the right to appeal to the French Data Protection Commission (Commission nationale de l’informatique et des libertés – CNIL) in the event of any violation of applicable regulations on personal data protection.
Information systems security
GMED implements all reasonable technical and organizational measures, with regard to the nature, scope, and context of the personal data you share with us and the risks of processing it, to keep your personal data secure, and, in particular, to prevent any destruction, loss, alteration, disclosure, intrusion, or unauthorized access to this data, whether by accidental or illicit means.
Cookies
Please refer to our Cookie Policy
Policy updates
GMED reserves the right to modify or supplement to this privacy policy, at any time and without prior notice, particularly for the purposes of complying with any legislative, regulatory, legal, or technological developments. Changes take effect as soon as they are posted on the GMED website (https://lne-gmed.com) and you are legally bound by them.
By using our website, you fully and completely accept any revisions or changes to our rules governing the protection of your personal data.
March 2021