Bannière d'en-têteBannière d'en-tête

Data Privacy Policy

DEVPACK has been committed since the appointment, on a voluntary basis, on October 29, 2009, of a data-processing correspondent and freedoms in a continuous step of protection of the personal data of its users, agents and elected officials in conformity with the Data-processing Law and Freedoms n° 78-17 of January 6, 1978 modified by the law n° 2018-493 of June 20, 2018 and in conformity with the General Regulation on the protection of the data (RGPD) of April 27, 2016, entered into force on May 25, 2018.

DEVPACK has an internal commission dedicated to the protection of the personal data associating in a transverse way the various trades concerned. 
This policy is also part of DEVPACK's desire to develop digital exchanges and promote new digitalized tools in a fair and transparent framework, at the service of elected officials, agents and users.

DEVPACK implements the means necessary to the physical and data-processing protection of the systems of treatment of the personal data to avoid any malicious intrusion and to prevent any loss, alteration or disclosure of data to not authorized persons.

DEVPACK trains its services on the principles applicable to the management of personal data and promotes good practices.

The following principles constitute DEVPACK's personal data management policy. These principles apply to both computerized and non-computerized processing.

1. Responsibility

DEVPACK is responsible for the treatments of personal data that it implements directly or indirectly in France and abroad. Also it must conform strictly to the law on the protection of the personal data, but also to the RGPD. 

In accordance with the legal requirements, DEVPACK must accomplish all the formalities necessary to the implementation of the treatments of data in personal matter, that these data concern its elected officials, its users or its agents

2. Determining the purposes of the collection of personal data

DEVPACK determines the purposes for which it collects personal data. The data is collected for specific, explicit and legitimate purposes and may not be further processed in a way that is incompatible with these purposes.

Further processing for archival purposes in the public interest, for scientific or historical research purposes or for statistical purposes is not considered, in accordance with Article 89 of the GDPR, paragraph 1, to be incompatible with the original purposes.

3. Methods of collecting personal data

The data collected must be accurate and, if necessary, DEVPACK will implement all necessary and reasonable measures to update it.
DEVPACK does not collect personal data without the knowledge of the data subjects. The data is collected lawfully in accordance with Article 6 of the GDPR. DEVPACK does not collect personal data where data subjects have a legitimate objection.

DEVPACK provides the data subjects from whom it collects their personal data with information on the purpose of the processing, the identity of the controller, the legal basis for the processing, the retention period and the scope of their rights in accordance with Articles 13 and 14 of the GDPR.

The data are adequate, relevant and limited to what is necessary for the purposes for which they are processed. The durations of conservation must not exceed those necessary to the achievement of the aimed purposes.

DEVPACK requires of its subcontractors and its partners that they present sufficient guarantees to ensure the safety and the confidentiality of the personal data.

4. Recipients of personal data

The recipients are, within the limit of their respective attributions and according to the purposes: the personnel of DEVPACK. Only the recipients duly authorized can reach the information necessary to their activity. The personal data of the people are not transmitted to commercial or advertising actors.

Within the framework of requests of DEVPACK of services of accompaniment by external partners of people in difficulty entrusted to the community, DEVPACKcan exchange with the social workers of these organizations, subjected to the professional secret. The beneficiary of these services is then personally informed of the process.  

With the consent of the beneficiary, the detail of the benefits is transmitted to the correspondent of the adherent employer structure, the beneficiary being able at any time to revise his position concerning this consent by sending an e-mail via the address contact@devpack.fr or if it exists from his personal space (link accessible after connection to the space Beneficiary according to the treatment).

The strictly necessary data transmitted to the partners of offers of indirect services are intended to check the eligibility of the beneficiaries to the offers requested by DEVPACK. This framework of exchange is applied only on the initiative of the beneficiaries for a request for service, at an identified partner.

5. People's rights

DEVPACK implements the means necessary to inform any person who makes the request of it of the existence of data in personal matter which concern it and of the use which is made of it. Each treatment is the object of a complete information of the user, the elected official or the agent. DEVPACK takes any measure to rectify or remove the erroneous information. DEVPACK implements the necessary means to guarantee to the concerned persons the access to the personal data which concern them when they make the request.

In accordance with the European regulation in force, the people have the following rights: right of access, of correction, right of erasure, right to the limitation of the treatment, right of opposition to the treatment, right to the portability of the data.

DEVPACK has appointed a Data Protection Officer (DPO) who ensures compliance with the rules on the collection and processing of personal data set out in this Regulation.

If the beneficiary wishes to contact DEVPACK for questions or complaints concerning the protection of the personal data or to assert his rights relating to his personal data, he can do it by writing to the following address Devpack - 30-32 rue du Capitaine Georges Madon - 51100 Reims.

Since the entry into force of the RGPD, any user has the right to oppose to profiling, to ask for the limitation of the treatment and to introduce a complaint to the authority of control, represented in France by the CNIL. They can contact the latter at the following address CNIL, 3 Place Fontenoy, TSA 80715, 75334 PARIS Cedex 07

6. Violation of personal data

In the event of a personal data breach, DEVPACK shall notify the supervisory authority as soon as possible, unless the breach in question is not likely to result in a risk to the rights and freedoms of natural persons. DEVPACK shall document all matters relating to the breach.
Where a personal data breach is likely to result in a high risk to the rights and freedoms of a natural person, the controller shall communicate the information to the data subject as soon as possible. (Article 33 of the GDPR: notification to the supervisory authority of a personal data breach and Article 34 of the GDPR: communication to the data subject of a personal data breach).

7. Sustainability of the personal data management policy

DEVPACK regularly ensures the adequacy of its principles to the evolutions of the technologies, the law and the needs of the users and the thirds.

Efficiency starts with effective packaging. Transform yours with our expertise.

Schedule a personalized consultation with our experts to discuss your needs, tailored solutions, and give your products the packaging they deserve.

Quick access

  • 30-32 Rue Capitaine Georges Madon

    51100 Reims

  • +33 3 26 89 98 32

    Mon-Fri 9:00-12:00, 14:00-17:00

    Learn more
  • Contact-us

    By email

    Learn more
  • Join us

    Job offers