Privacy Policy

As part of its business operations, Onet, in its capacity as a data controller, collects and uses personal data relating to prospects, customers, and visitors to its websites.

Committed to building a lasting relationship of trust with you that respects your rights and freedoms, Onet is dedicated to protecting your personal data.

What is the GDPR?

In France, the law governing the protection of personal data is the "Data Protection Act" of January 6, 1978.

At the European level, the General Data Protection Regulation (better known by the acronym GDPR) took effect on May 25, 2018, in all member states of the European Union.

One of the main objectives of the GDPR is to harmonize all European legislation on the protection of personal data.

What is this page for ?

The main purpose of this page is to provide you with information—in a concise, transparent, understandable, and easily accessible format—regarding how Onet’s websites use your data.

This information will help you understand how your data is used, learn about your rights, and find out how to exercise them through our services.

Who is the Data Controller?

Onet and its subsidiaries are the data controllers for the processing activities carried out on the websites.

Onet Foundation
36 Boulevard de l’Océan
13009 Marseille
France

How can I contact the Data Protection Officer (DPO)?

The Onet Foundation has appointed a Data Protection Officer, whom you can contact at this address: dpo@Onet.fr.

The Data Protection Officer provides advice, guidance, and oversight to ensure compliance with regulations governing personal data.

Why do we use your personal data on the Websites?

Websites allow you to:

  • Receive and respond to requests from our partners via a contact form.
  • Send emails to our partners who have not objected to receiving them:
    • On products similar to the ones they ordered.
  • Manage the do-not-call list.
  • Manage your consent settings for cookies and other tracking technologies.
  • Exercise your data protection rights (GDPR).

What is the legal basis for the processing?

  • Contact request (via form or chatbot): The legal basis for processing is consent.
  • Marketing activities: The legal basis is the company’s legitimate interest in finding new partners.
  • Sending communications via email: The legal basis for this processing is the company’s legitimate interest in promoting our products to our customers.
  • Opt-out list: The legal basis is the data subject’s legitimate interest in ensuring that their choice is respected.
  • Management of consent regarding cookies and trackers: the legal basis is the consent of website users.
  • Exercise of individual rights: the legal basis is the law.

What data do we collect and use?

  • Contact request (via form or chatbot): Type of requester, last name, first name, job title, phone number, email address, company, purpose of your request, Message.
  • Marketing activities: last name, first name, email address, phone number, job title
  • Callback: phone number
  • Opt-out list for communications: email
  • Management of consent regarding cookies and trackers: 
  • Exercising your rights: last name, first name, request, proof of identity, and any other information related to your request.

Who will we share your data with?

We will share your personal data with the following recipients:

  • Authorized employees within the Onet Foundation, the Group, and its subsidiaries are the recipients of the data based on their roles.

How long will we keep your data?

  • Data required for marketing activities (customer retention and prospecting initiatives): for the duration of the business relationship and for three (3) years following the last contact.
  • Data regarding do-not-call lists:three (3) years.
  • Data required for cookie management: 6 months
  • Data required for the chatbot: 6 months
  • Data related to the exercise of rights: five (5) years from the end of the calendar year for all rights, with the exception of data related to the right to object, which will be retained for six (6) years. If you have provided us with proof of identity, it will be retained for one (1) year after receipt of the request if the proof is necessary. Otherwise, the proof will be deleted immediately.

What are your rights?

You have the right to access, correct, or delete your personal data. You also have the right to data portability and the right to restrict the processing of your data.

If you receive communications based on legitimate interest, you can opt out either when you sign up by checking the “I opt out” box or by clicking the link at the bottom of each newsletter.

Since your consent is required for the use of cookies and trackers, you can change your settings at any time by clicking this link:

How can I contact the DPO?

To exercise your rights or if you have any questions about how your data is processed in this system, please contact our Data Protection Officer (DPO).

  • Contact our DPO by email: dpo@onet.fr
  • Contact our DPO by mail:

 

Data Protection Officer
ONET Group
36, boulevard de l’Océan
13009 Marseille

France

How do I exercise my rights?

This page allows you to exercise your rights.

To exercise your rights, you must provide proof of your identity by any means.

If we have any doubts, we may ask you to provide additional information necessary to verify your identity.

If you wish to verify your identity by sending us a form of identification, please make sure to send us only the front side in black and white. Do not send us your health insurance card!

Exercising your rights is free of charge. However, if your requests are repetitive, excessive, or abusive, you may be charged a fee.

We will acknowledge receipt of your request to exercise your rights and will respond to your request as soon as possible, and no later than one (1) month from the date we receive it.

This period may be extended by two (2) months if the request is complex, for a total of three (3) months from the date we receive your request.

In that case, we will notify you of the extension and explain the reasons for it.

How do I contact the CNIL?

If, after contacting us, you believe that your data protection rights have not been respected, you may file a complaint with the French Data Protection Authority (CNIL – 3 place de Fontenoy, 75007 Paris): https://www.cnil.fr/

Request to Exercise Rights by Data Subjects