CHARTER ON PERSONAL DATA PROTECTION AND PRIVACY - Rowa Group
Rowa Group undertakes, within the framework of its activities and in accordance with the legislation in force in United States on the protection of individuals with regard to the processing of personal data and on the free movement of such data (RGPD), to ensure the protection, confidentiality and security of the Personal Data of persons benefiting from the services and/or products of Rowa Group entities, as well as to respect their privacy.
By connecting to or consulting one of the websites published by Rowa Group, you acknowledge having read, understood and accepted, without limitation or reservation, the charter on the protection of personal data and privacy. This charter aims to inform you of the rights and freedoms that you may assert with regard to Rowa Group concerning the use of your personal data and describes the measures that Rowa Group implements in order to protect them.
- DEFINITIONS
Personal data Personal data is any information relating to an identified natural person or a person who can be identified, directly or indirectly, by reference to an identification number or to one or more elements that are specific to him.
Processing of Personal Data Processing of personal data: any operation or set of operations relating to such data, whatever the process used, and in particular the collection, recording, organisation, storage, adaptation or modification, extraction, consultation, use, communication by transmission, dissemination or any other form of making available, matching or interconnection, as well as blocking, erasure or destruction, constitutes Processing of personal data.
Cookie A cookie is a piece of information deposited on the hard disk of an Internet user by the server of the site he or she visits. It contains several pieces of data: the name of the server that placed it, an identifier in the form of a unique number, and possibly an expiry date. This information is sometimes stored on the computer in a simple text file which a server accesses to read and record information.
- COLLECTION OF PERSONAL DATA
Rowa Group shall not collect Personal Data without informing the persons concerned.
Rowa Group collects this Data to provide the services and/or products requested from the persons concerned, to meet their needs and to inform them of the use made of it.
Rowa Group ensures that the Personal Data collected is relevant to the persons concerned.
Rowa Group collects information submitted by data subjects automatically in connection with the use of the website itself. This information may include unique device identifiers, Internet Protocol (“IP”) addresses, browser characteristics, language preferences, operating system details and referring URLs, as well as the duration of visits to the website and the pages viewed. Rowa Group may use tools such as cookies (see §9), web beacons, embedded scripts, web server logs or other similar technologies to collect details about the services and devices used to access Rowa Group websites.
Rowa Group uses third-party web analytics services, such as Google Analytics, to help Rowa Group analyse how individuals use Rowa Group websites. To learn more about how Google may use information collected on Rowa Group websites, please visit the following link: https: //policies.google.com/privacy/partners. For more information on how to opt-out of the collection of Data by Google Analytics, please visit the following link: https: //tools.google.com/dlpage/gaoptout.
- USE OF THE PERSONAL DATA COLLECTED
Rowa Group ensures the confidentiality of the personal data entrusted to it and, from the design of services, sites and applications, respects the principles of data protection.
Rowa Group uses the Personal Data of the persons concerned in order to authenticate them, to provide them with the service and/or product subscribed to and to propose offers adapted to their needs.
Rowa Group only communicates Personal Data to its authorised service providers/subcontractors and ensures that they respect strict conditions of confidentiality, use and protection of this Data.
Rowa Group shall refrain from communicating Personal Data to third parties without having informed the persons concerned and without having offered them the possibility of exercising their right of opposition.
Rowa Group may use the irreversibly anonymised Data of the persons concerned for statistical studies.
- PURPOSES OF THE PROCESSING OPERATION(S)
When you visit one of the websites published by Rowa Group, you are likely to provide us with a certain amount of personal data in order to benefit from the services and/or products offered by Rowa Group. The Processing of Personal Data is necessary for the performance of services or for the legitimate interest of Rowa Group relating to certification activities (management systems, product certification, service certification, certification of persons, assessments – CSR, performance, suppliers – online tests for companies or persons, on-site assessment visits, regulatory attestations, labelling, private controls, inspections, qualifications) and training (recognition systems, training systems, in particular through professional social networks, e-learning, serious games, online trainee spaces, performance tests, e-books, association games, brain games and mimes, quiz boxes, mock tests).
The collection of Personal Data allows Rowa Group to provide the persons concerned with the best possible follow-up of the services/products delivered by Rowa Group, and to improve the functioning of the website or applications (if any) used; it also allows Rowa Group to carry out optional satisfaction surveys on its services/products with a view to improving them. The personal data collected may also be used to prevent and fight against computer fraud (spamming, hacking…), or to carry out optional satisfaction surveys on Rowa Group services/products.
Finally, where appropriate, if you have given your express consent, your personal data may be used to send you commercial information.
In online forms, mandatory fields are marked with an asterisk. If you do not answer the mandatory questions, Rowa Group will not be able to provide you with the service(s)/product(s) requested. The compulsory or optional nature of the Personal Data requested and the possible consequences of a failure to reply with regard to the persons concerned are specified at the time of their collection(s).
Your personal data is not further processed in a way that is incompatible with the purposes described above or under the collection forms. They are only kept for the time necessary to achieve these purposes.
Your personal data may be communicated to certain departments of the controller, as well as to certain partners or subcontractors for analysis and survey purposes.
- SECURITY OF PERSONAL DATA COLLECTED
Rowa Group implements security measures adapted to the degree of sensitivity of the Personal Data to protect them against any malicious intrusion, loss, alteration or disclosure to unauthorised third parties.
Rowa Group guarantees the security of the information exchanged during transactions or payment acts.
Rowa Group issues access authorisations to its information system only to those persons who need them to perform their duties.
Rowa Group makes its employees aware of the protection of personal data made available to them in the context of their duties and ensures that they respect the rules in force and the ethics of the Rowa Group.
Rowa Group carries out audits to verify the correct operational application of these rules.
Rowa Group requires its service providers and/or subcontractors to comply with its security principles.
- RETENTION PERIOD OF COLLECTED PERSONAL DATA
Rowa Group shall not retain Personal Data beyond the period necessary to achieve the purpose of the Processing, while respecting the applicable legal and regulatory limits or another period taking into account operational constraints such as efficient management of customer relations and responses to legal requests or requests from the supervisory authorities on which Rowa Group depends.
With regard to customers, most of the information is kept for the duration of the contractual relationship and for 10 years after the end of the contractual period. With regard to prospects, the information is kept for 3 years from the date of collection or the last contact with Rowa Group.
- INFORMATION AND EXERCISE OF RIGHTS
Data subjects whose Personal Data is collected shall have the right of access to their Personal Data, rectification or deletion of the same, limitation of Processing, portability of Data and the right to object to Processing.
The persons concerned are however informed that the personal Data collected are, where applicable, necessary for the execution of the service provided by Rowa Group, so that in the event of use of their right to erase the said Data, to object or to limit the Processing before the end of the contractual relationship, the service cannot be executed.
These rights may be exercised by sending an email to info@rowallc.com
Rowa Group shall respond to the person who has made use of one of the aforementioned rights within one (1) month of receipt of the request.
This period may nevertheless be extended by two (2) months, taking into account the complexity and number of requests. In this case, Rowa Group shall inform the person concerned of this extension within one (1) month of receiving the request.
Where the data subject makes his or her request in electronic form, the information shall be provided electronically where possible and unless the data subject requests otherwise.
If the controller refuses to comply with the data subject’s request for information, the controller shall state the reasons for the refusal.
7.1. RIGHT OF ACCESS
Any person may ask the controller whether Personal Data concerning him or her are being Processed. If so, the data subject may obtain a copy of the Personal Data being Processed and the following information:
– purposes of the Processing ;
– categories of Personal Data concerned ;
– recipients or categories of recipients of the Data ;
– where possible, the intended period of retention of the Data or, where this is not possible, the criteria used to determine this period;
– where personal data are not collected from the data subject, any available information as to their source;
– where applicable, the existence of automated decision-making, including profiling, and relevant information about the underlying logic, as well as the significance and intended consequences of such Processing for the data subject.
7.2. RIGHT OF RECTIFICATION
Any person whose Personal Data is processed has the right to obtain the rectification of Personal Data concerning him or her that is inaccurate and that such Data is completed if the purpose of the Processing so requires.
7.3. RIGHT TO ERASURE
Any person whose Personal Data is processed has the right to obtain from the controller the erasure of such Data in the following cases:
– When Personal Data are no longer necessary for the purposes for which they were collected or otherwise processed;
– Where the data subject has withdrawn the consent on which the Processing was based and there is no other legal basis for the Processing;
– In the event that the Processing is based on the legitimate interest of the controller, where the data subject has objected to the Processing there is no compelling legitimate reason for the Processing,
– In the event that the purpose of the Processing is canvassing or profiling in connection with such canvassing, where the data subject has objected to the Processing ;
– Where Personal Data have been Unlawfully Processed ;
– Where Personal Data must be erased in order to comply with a legal obligation under USA law or the law of the Member State to which the controller is subject;
However, the data controller may refuse to erase the Data in the following cases:
– to comply with a legal obligation that requires the Processing under USA;
– where the sole purpose of the Processing is statistical ;
– when the Processing is necessary for the establishment, exercise or defence of legal claims.
7.4. RIGHT TO LIMITATION
Any person whose Personal Data is processed may request the controller to restrict the Processing in the following cases:
– Where he/she disputes the accuracy of his/her Personal Data, for a period of time allowing the controller to verify the accuracy of the said Data;
– Where the Processing does not comply with the Regulation but the Data Controller does not wish to delete the Data;
– When the controller no longer needs the Personal Data for the purposes of the Processing but it is still necessary for the data subject to establish, exercise or defend legal claims;
– Where the data subject has objected to the Processing, during the verification as to whether the legitimate grounds pursued by the controller prevail over those of the data subject.
– Where Processing has been restricted, with the exception of retention, Data may only be processed in the following cases:
with the consent of the person concerned,
for the establishment, exercise or defence of legal claims,
for the protection of the rights of another natural or legal person, or for important reasons of public interest of the Union or of a Member State.
If the restriction is subsequently lifted, the controller will inform the data subject in advance.
7.5. RIGHT TO PORTABILITY
Any person whose Personal Data is being Processed may request the Controller to disclose the Data to him or her or to another Controller in the following cases:
where the Processing has been carried out with the consent of the data subject
where the Processing is necessary for the performance of a contract to which the data subject is party or for the performance of pre-contractual measures taken at the request of the data subject
where the Processing is carried out by means of automated processes
7.6. RIGHT OF OBJECTION
Any person whose Personal Data is processed has the right to object to the Processing under the following conditions:
where the processing is based on the satisfaction of legitimate interests pursued by the controller or by a third party, on grounds relating to his or her particular situation and if the controller does not demonstrate compelling legitimate grounds for the processing which override the interests and rights and freedoms of the data subject, or for the establishment, exercise or defence of legal claims
where the Processing is carried out for the purpose of canvassing or profiling in connection with such canvassing, may object to such Processing, without condition
where the Processing is carried out for statistical purposes, for reasons relating to his or her particular situation
- PROTECTION OF PRIVACY
Rowa Group has appropriate physical, electronic and administrative security measures designed to protect the personal information obtained from data subjects, customers and prospects in accordance with this Privacy Policy. Despite reasonable efforts to protect such information, no transmission over the Internet is completely secure and Rowa Group cannot guarantee the confidentiality of Data transmitted to it over the Internet.
Rowa Group takes measures to limit the intrusive actions of third parties (spam…) and informs about electronic attacks (phishing, viruses, information theft…)
Rowa Group various websites may contain hyperlinks to other third party websites or online spaces for the convenience and information of those concerned. These linked third party websites may be operated by non-affiliated entities and may have their own privacy policies or notices. Therefore, Rowa Group advises individuals to consult the privacy policies on these third party websites to understand how they may collect and use Personal Data. Rowa Group is not responsible for the content or the privacy practices of third party websites that Rowa Group does not control.
Rowa Group various websites may also include features designed to allow data subjects to initiate interactions with third party websites or third party services, including third party social networks. When using third party websites, third party services or third party social networks, Rowa Group invites data subjects to consult their privacy and Personal Data protection policies.
- COOKIES
The Rowa Group websites use cookies to facilitate navigation on the said websites, to measure the site’s audience or to enable the sharing of website pages. Cookies are deposited on the terminal of the persons concerned for a maximum period of 13 months from the date of consent of the person concerned. After this period, consent will be sought again.
9.1. TYPES OF COOKIES USED
The cookies necessary for navigation on Rowa Group websites. These cookies are strictly necessary for the operation of Rowa Group websites. Their deletion may lead to navigation difficulties.
Four types of Cookies, meeting the purposes described below, may be recorded in the terminal of persons when they visit one of the Rowa Group websites.
Technical cookies are necessary for browsing our websites and for accessing the various products and services. In particular, technical cookies enable the presentation of websites to be adapted to the display preferences of the person’s terminal (language used, display resolution), to memorise passwords and other information relating to a form filled in on the websites (registration or access to the members’ area) and to implement security measures. These cookies cannot be deactivated or set, otherwise you will no longer be able to access the website and/or the services of the websites.
Audience measurement cookies are issued by Rowa Group or by its technical service providers for the purpose of measuring the audience for the various contents and sections of the websites, in order to evaluate and better organise them. These Cookies also make it possible, if necessary, to detect navigation problems and consequently to improve the ergonomics of Rowa Group services. These Cookies only produce anonymous statistics and traffic volumes, to the exclusion of any individual information.
Advertising Cookies are issued by our advertising partners, in the advertising spaces of our websites, the exploitation of these spaces contributing to the financing of the contents and services that Rowa Group makes available to people free of charge. These Cookies are deposited by our partners within the framework of advertising partnerships under the terms of which the advertising companies may be required to collect data concerning the content consulted on our site.
The “Social Network” cookies make it possible to share the content of the Rowa Group websites with other people or to inform these other people of the consultation or opinion of the person concerning the content of the Rowa Group website(s). This is, in particular, the case of the “share” buttons from the social networks “twitter”. The social network providing such an application button is likely to identify the person thanks to this button, even if the person has not used this button when consulting one or more Rowa Group websites. Rowa Group invites you to consult the privacy protection policies of these social networks in order to learn about the purposes of use, particularly advertising, of the browsing information that they may collect thanks to these application buttons.
9.2. COOKIE MANAGEMENT
Individuals have the option of accepting or refusing cookies on a case-by-case basis or refusing them once and for all by configuring their browser. If the person chooses to refuse all cookies, navigation to certain pages of the various Rowa Group websites will be reduced.
Depending on the browser used by individuals, the ways of deleting cookies are as follows:
On Internet Explorer: Click on the Tools button, then on Internet Options
On the General tab, under Browsing History, click on Settings
Click on the View Files button
Select the cookies to be refused and click on delete
On Firefox: Click on the browser’s Tools icon, select the Options menu
In the window that appears, choose “Privacy” and click on “Show cookies”.
Select the cookies to be refused and click on delete
On Safari: Click on the Edit icon, select the Preferences menu
Click on Security and then on Show Cookies
Select the cookies to be refused and click on delete
On Google Chrome: Click on the Tools icon, select the Options menu, then click the Advanced Options tab and access the Privacy section
Click on the “Show Cookies” button
Select the cookies to be refused and click on delete
For any support concerning the different browsers, Rowa Group recommends to refer to the official documentation.
- UPDATE OF THE CHARTER
Rowa Group may have to modify this charter at any time, in particular because of :
– the introduction of new services or technologies
– changes in the legislative and regulatory framework
In the interests of transparency, Rowa Group invites the persons concerned to consult this page as often as they wish to take note of any changes.
Page updated on 15 November 2023.