Policy on confidentiality and cookies - Hifi Filter S.A.
Table of contents
Statement of information for clients
Policy on confidentiality and cookies
- Introduction: Before starting...
- Who are we?
- What constitutes personal data?
- What is the basis for the processing of your personal data?
- The collection of your personal data.
- Why do we use your personal data?
- With whom do we share your data?
- What is the legal basis for the processing of your personal data?
- For how long is your personal data stored?
- What are your rights in terms of the protection of personal data?
- Amendments to the Policy on Confidentiality and Cookies
- Information on cookies
- Essential cookies
- Functionality cookies
- Analyses and performance cookies
- We use Google Analytics for this purpose.
- Google Recaptcha
- Targeted and advertising cookies
- Disabling cookies
- Transfers to third countries
In this Policy on Confidentiality and Cookies, you will find all the relevant information applied to the ways in which we use the personal data of our clients and users, irrespective of the HIFI FILTER S.A. channel or resource (online or face-to-face) that you use in order to interact with us.
We are transparent in how we use your data, so that you can understand the implications of the types of processing used and the rights that you have regarding your data.
Accordingly, all the requisite information is made available to you, on an ongoing basis, in this Policy on Confidentiality and Cookies, which you can consult at your leisure.
Moreover, information on each type of processing your personal data undergoes will be provided to you as and when we interact.
We are committed to providing you with assurance that the persons who handle your data will be authorised to process it and have undertaken to ensure that it remains confidential, in accordance with a statutory confidentiality obligation.
What is more, we are committed to taking all requisite steps to ensure the confidentiality of your data by implementing technical and organisational measures.
Before going any further, we should clarify certain points so that our policy can be understood by everyone. Thus, the term “platform” means all the channels, as well as the physical and digital resources that you use and that we use in order to interact. In practice this includes our Website, our mobile application, our client portal, our telephone platform and our e-mail address, as well as our store.
This policy on personal data and cookies therefore describes how our company collects, uses and shares personal data when one of our websites is used.
Please read the following information attentively so that you can understand our approach and our practices concerning your personal data and how we will process it.
For all intents and purposes of applying data protection legislation, your personal data controller is HIFI FILTER S.A., Rue Comble Emine, 2053 Cernier - SUISSE.
We collect information that concerns you in various formats, including personal data within the meaning of Regulation (EU) 2016/679 of 27 April 2016 (GDPR, Article 4.1).
The personal data that we hold regarding you identifies you as an individual.
We are authorised to process your data for various reasons. The most important reason is that your data is necessary in order to perform the contract you entered into with us at the time of your registration and by making a purchase or benefiting from one of our functionalities or one of our services, even though there are other reasons that authorise us to do so, such as the fact that we have an interest in answering your questions.
We collect information on you in different ways:
Information that you provide to us:
The personal data that you provide to us, such as your surname and first name and, as applicable, your e-mail address and/or your telephone number (identification data);
The personal data that you provide to us when you send us a claim linked to the service, the product use1 and/or quality or when you contact our client support service;
The personal data that you disclose to us when you purchase a product (financial and payment data);
The personal data that you provide to us when you correspond with our company via telephone, e-mail or otherwise.
Information from other sources: we can also obtain information concerning you from other sources, such as the Open Data that is made accessible by administrations.
Information that is collected automatically: we automatically record information on you, your computer and your mobile device when you access our Website: the public IP address, the version of the operating system on your hardware, the type of browser, the browser language, the pages of our Website that you consulted, the time that you spent on each page on our Website, the access time and information concerning your use and your actions on our Website (login and browsing data). We collect this information about you using cookies (cf. infra).
When we ask you to enter your personal data so that you can access the client portal or one of the Platform’s services, please bear in mind that some of the information to be provided is regarded as mandatory, since it is data that we need in order to operate the service concerned or so that you can access the functionality concerned. Therefore, if you decide not to provide this data, it is possible that your registration as a user cannot be completed successfully or that you will not be able to benefit from these services or functionalities.
We only collect and/or process your personal data in accordance with the applicable laws on data protection and privacy.
We use your personal data to:
Manage your registration as a client;
Provide you with content and services on the Websites;
Assess your registration as a client or your request for our products and our services;
Provide the services requested, manage your account and communicate with you concerning your account;
Respond to your comments and questions, and provide client service;
Send information, update alerts, assistance and administration messages;
Send marketing e-mails on forthcoming promotions, newsletters, new products and/or services, including information on our company’s products and services;
Our Marketing e-mails will tell you how to unsubscribe. Please note that if you deactivate the sending of Marketing e-mails, we can still send you non-marketing e-mails. These include, in particular, e-mails concerning your account, your registration and our commercial relations with you.
In order to manage the payment of the products that you purchase, irrespective of the means of payment used.
Manage any post-purchase returns and manage requests for information on the availability of items and product reservations;
For the purpose of invoicing and in order to provide you with the receipts and invoices for purchases made.
We sometimes take quality initiatives or perform quality surveys in order to know the extent of the satisfaction of our clients and users, and in order to identify areas in which we could improve our competencies.
We share your data with service providers that assist us or that provide necessary support, whether companies in our group or outside associates with whom we have signed an agreement, irrespective of whether or not they are located in the European Union. These third parties are only authorised to use your personal data to the extent that is necessary in order for them to provide us with their services. They are required to follow our explicit instructions and to comply with the appropriate security measures in order to protect your personal data.
Your personal data is also shared with our relevant internal departments, so that they can perform the processing mentioned above.
We may also have to share your personal data in order to comply with the applicable laws and in order to respond to legal requests and cooperate with judicial procedures, in particular requests made by the public and governmental authorities in order to meet the requirements of national security or the application of the law.
For third parties outside the EU, which do not offer the same degree of data protection as your country of residence, we will ensure that we obtain your explicit, unequivocal consent to share your personal data with said third parties or to sign data transfer agreements, which, as a minimum, comply with the standard contractual clauses adopted by the European Commission or ensure that the third parties located in the USA are companies that are members of the EU-US Privacy Shield.
The legal basis that authorises and enables us to process your data depends on the purpose for which said data is processed.
In order to manage your registration as a user and client of the Platform, the processing of your data appears to be necessary in order to fulfil the conditions that govern the use of the Platform. Processing will thus be necessary for your registration as a user or client.
For the implementation of the purchasing contract or service agreement, the processing of your personal data is necessary for the performance of the purchasing contract or service agreement by which we are bound. Moreover, we consider that we have a legitimate interest in making the checks that are necessary in order to detect and prevent potential fraud when you make a purchase. In our opinion, the processing of this data is in the interest of all the parties concerned at the time of the payment of a purchase and, more particularly, in your interest, due to the fact that we can take preventive steps to protect you against attempted fraud by third parties.
For client service, our position is that we have a legitimate interest in responding to the requests and demands that you make via the various means of contact that exist. In our opinion, the processing of this data is also in your interest, inasmuch as it enables us to manage your data efficiently and to answer the questions that are asked.
When you contact us, in particular for the management of incidents concerning your order or the product/service purchased on the Platform, the processing is necessary in order to fulfil the purchase contract.
When your request or question concerns the exercise of your rights or claims concerning our products or services, the processing of your data is based on compliance with the legal obligations we are under.
For Marketing, the legal basis for processing your personal data for marketing purposes is the consent you have given us, for example by agreeing to receive personalised information or for your photos to be published on the platform or on our social media channels.
In order to be able to show you personalised information, in our opinion we have a legitimate interest in performing profiling using the information we have on you (the record of your purchases) and the personal data that you provided to us, such as the language, since in our opinion processing this data is also in your interest, as it makes it possible to improve your user experience and to have access to information that corresponds to your preferences.
For analysis of ergonomics and quality, in our opinion we have a legitimate interest in analysing the ergonomics of the platform and the degree of user satisfaction, since, in our opinion, processing this data is also in your interest as the purpose thereof is to improve the user experience and to provide optimum quality service.
The length of time for which your data is stored depends on the purposes for which it is processed.
For the management of your registration as a user or client of the Platform, your data will be processed for as long as you continue to be a user or registered client (until such time as you decide to delete your account).
For the implementation of the purchasing contract or the service agreement, the processing of your personal data is necessary during the time that is needed to manage the purchase of the products or services that you have purchased, including any returns, complaints or claims associated with the purchase of the product or service.
In certain cases, we will only process the data until such time as the use thereof is no longer justified, for example in the case of card-based payment data (your bank details are not recorded), and you will have to enter this data each time that wish to purchase a product.
For client service, in our opinion we have an interest in retaining your data during the time needed to respond to your request or demand.
For Marketing, we will process your personal data until you unsubscribe from or cancel your subscription to the newsletter.
For the analysis of ergonomics and quality, we will process your data from time to time while performing an action or a quality survey involving your browsing data.
Independently of your personal data throughout the duration that is necessary for the corresponding purpose, we will then retain your data, which will be suitably backed up and protected with restricted access during the time for which liability can be triggered following the processing, pursuant to the regulations that are in force at each time2. Personal data will then be deleted once the potential actions for each case are time-barred and if data storage for archiving or statistical purposes is no longer warranted.
We undertake to respect the confidentiality of your personal data and to guarantee that you can exercise your rights.
You have a right to access the data we hold on you.
Moreover, we remind you that you have a right to the rectification of your data.
In providing us with your personal data actively and by any means, you are confirming that said data is true and accurate, and you undertake to inform us of any change thereto or modification thereof.
Therefore, any damage or loss caused to the platform or to the platform manager or to any other third party on the grounds of disclosure of incorrect, inaccurate or incomplete information at the time of registration, is the exclusive responsibility of the user.
In particular, you have a right to remove data (right of erasure) concerning your personal data, to the extent that said data is no longer necessary for the purpose for which we may have needed to process it or for which we no longer have the authorisation to do so.
The right to the restriction of processing or the right to object to the processing of your personal data means that, in certain cases, you can ask us to momentarily suspend the processing of your data or to retain said data for the time needed for your requirements.
We remind you that it is your responsibility to provide instructions concerning the storage, the erasure or the disclosure of your personal data after your death.
If the legal basis for the processing was your consent, you have the right to withdraw said consent at any time.
Moreover, when the processing of your data is based on your consent or the performance of the contract, you will also have the right to request the portability of your personal data. You will also have the right to receive your data that you provided to us in a structured, commonly used, machine-readable format, so that it can be transmitted directly to another entity, if this is technically possible.
If the processing is based on our legitimate interest, you will have the right to object to the processing of your data.
Moreover, you have the right to make a claim to the relevant data protection supervisory authority.
These rights can be exercised at no cost by sending us your request, stating your e-mail address, your surname and first name, and the subject of your request, as follows: “exercise of CNIL right”, to:
HIFI FILTER S.A., Rue Comble Emine, 2053 Cernier - SUISSE.
Or by e-mail to: email@example.com
If we feel it is necessary to be able to identify you, we may ask you to provide a copy of an identity document. Once we have received your request, we will send you a form to be filled out according to the right invoked, to ensure that your request is processed efficiently.
In view of the technical constraints, you acknowledge being informed that HIFI FILTER S.A. will process your request within a reasonable time-limit and within a maximum of 30 days as from receipt of your request.
The information contained in this Policy may be amended if we deem this to be useful. All amendments will be notified to you via several methods (banners, windows, notifications, e-mails, etc.), especially if the change in question is particularly important for your confidentiality, so that you can review the changes, assess them and, if necessary, oppose them or withdraw from a service or a functionality.
We therefore encourage you to review this Policy from time to time in order to consult any minor changes or improvements.
Cookies are small files that a website places on an individual's hard drive for data tracking purposes. Cookies make it possible for a website to remember important information, thereby facilitating your use of the website.
Our website uses the following types of cookies for the purposes described below:
These cookies are essential for providing you with the services that are available on our Websites and to enable you to use some of their functionalities. For example, they make it possible for you to log in to the secured areas of our websites and help the content of the pages you request to load more quickly. Without these cookies, the services that you have requested cannot be provided, and we only use these cookies to provide you with these services.
These cookies make it possible for our Websites to memorise the choices you make when you use them, such as your login information, and for you to remember the changes that you make to other sections of our Websites that you can personalise. The aim of these cookies is to give you a more personal experience and to avoid you having to re-enter your preferences each time that you browse one of our Websites.
These cookies are used to collect information on traffic to our Websites and how internet users browse them. The information collected does not identify any user individually. The information is aggregated anonymously. It includes the number of visitors, the referrer websites, the pages browsed, the time of browsing and other similar information. We use this information to operate our Websites more efficiently, to collect general demographic information and to monitor the level of activity on said Websites.
Google Analytics uses its own cookies. It is only used to improve the functioning of our Websites.
To protect we against the excessive use of our Web forms and the spam, we use the Google service reCAPTCHA within the framework of certain forms of this web site. By verifying a manual data entry, this service prevents the software automated (called robots) to make excessive activities on the web site. This is in compliance with art. 6, by. 1, al. 1 of the European Regulation on the data protection 2016/679 to protect our justifiable interests in the protection of our web site against the abuses as well as in the presentation with no problem at all from our site.
Google reCAPTCHA is an offer of Google LLC (www.google.com). The head office of Google LLC is in the United States. A decision on its appropriateness was taken by the European Commission for that country. This goes back to the EU US Privacy Shield, under which Google LLC is certified.
These cookies monitor your browsing habits so that we can display advertisements that may be of interest to you. These cookies use information on your browsing history to categorise you with other users who have similar interests. On the basis of this information, and with our authorisation, third-party advertisers may place cookies so that they can display advertisements that we believe are aligned with your interests when you browse third-party websites.
In general, you can delete or disable cookies using your browser’s preferences. In order to do so, follow the instructions for your browser (generally located in the “preferences”, “help”, “tools” or “change” installation). Many browsers are configured to accept cookies, until you change your preferences.
The HIFI GROUP and its entities are part of a European Group of companies (the HIFI GROUP), which has clients throughout the world. According to the legislation in force, the information you provide or that is collected via use of this Website and the Group’s Services may be transferred outside of your country to representatives that are located in a country other than that where said information was entered. Said information may be used and processed outside the country in which it was entered, within the framework of the contractual relationship.
This may include transfers to other European companies of the Group, agents, distributors and other members of its/their logistics chain, as well as the service providers or sub-contractors that are selected to perform services on its/their behalf. Said third parties are required to process the information in accordance with the regulations and with the contractual provisions that bind us to them. They are not authorised to sell or disclose said information to other Third Parties. The HIFI Group only uses service providers that offer security and confidentiality guarantees for data processing.
More specifically, users based in the European Union should note that their personal information will be transferred to countries or territories that are located outside the European Economic Area. The Group and its entities seek to guarantee that the protection applied to your personal information that is processed in other countries or territories complies with the legislation in force.
We apply best practices to organisational, technical and administrative matters in order to protect your personal data within our company. Unfortunately, no transmission or storage system is completely secure and the transfer of information via the internet is not totally secure. If you have reasons to believe that your interaction with us is no longer secure (for example, if you believe that the security of any account you have with us has been compromised), please inform us immediately at the following address: firstname.lastname@example.org
We undertake to resolve all claims concerning our collection or the use of your personal data. If you wish to make a claim concerning our Policy or our practices in connection with your personal data, please contact email@example.com
We will respond to your claim as soon as possible and, in all cases, within a time-limit of 30 days.