Syskern Privacy and Data Protection Policy
This Personal Data Protection Policy aims to define Syskern’s commitments regarding the collection, processing, and protection of personal data. This policy applies to two main areas: firstly, the management of employees’ personal data within the recruitment and human resources management processes, and secondly, the collection and processing of personal data from users of Syskern group websites.
1. GDPR Policy for Personal Data Collection during Recruitment
A. Types of Data Collected
In the recruitment process, Syskern collects the following personal data:
- Identification data: This includes the candidate’s name, first name, postal address, phone number, and email address.
- Professional data: This includes information found in resumes, cover letters, diplomas, professional references, and employment history.
- Sensitive data: This may include medical information necessary for the job (e.g., for workplace adaptation) and, if applicable, trade union membership, subject to explicit consent.
- Administrative data: This includes social security numbers, bank details for salary payments, and any other administrative data required for the employment contract.
B. Purpose of Processing
The personal data collected is processed for the following purposes:
- Recruitment: The data is used to evaluate candidates, proceed with candidate selection, and make hiring decisions.
- Administrative management: The data is used to establish employment contracts, manage payroll, and track absences and leaves.
- Legal compliance: Syskern also uses this data to comply with legal obligations, such as reporting to social security organizations and adhering to labor laws.
C. Legal Basis for Processing
The processing of personal data is based on the following legal grounds:
- Contractual necessity: The data is required to prepare and execute the employment contract.
- Legal obligations: The processing is necessary to comply with legal obligations to which the employer is subject.
- Consent: Certain specific data, such as medical information or trade union membership, is only processed with the explicit consent of the candidate or employee.
D. Rights of Candidates and Employees
In accordance with the GDPR, Syskern candidates and employees have the following rights:
- Right of access: They can request access to their personal data held by Syskern.
- Right to rectification: They can request the correction of inaccurate or incomplete data.
- Right to erasure: Data can be deleted when no longer necessary or if consent is withdrawn.
- Right to restrict processing: They can request the suspension of data processing in certain circumstances.
- Right to data portability: They have the right to obtain their data in a structured, commonly used format to transfer it to another controller.
- Right to object: They can object to the processing of their data in certain situations, particularly for legitimate reasons.
E. Data Retention
Personal data is retained by Syskern for as long as necessary for the purposes for which it was collected. For example, employee data is kept for five years after the end of their employment contract, in accordance with legal requirements.
F. Security Measures
Syskern implements technical and organizational measures to protect personal data from unauthorized access, loss, or destruction. These measures include data encryption, restricted access to authorized personnel, and regular data backups.
2. GDPR Policy for Personal Data Collection on the Website
A. Types of Data Collected
When using Syskern group websites, the following types of personal data may be collected:
- Browsing data: This includes IP addresses, location data, browser types, pages visited, as well as cookies and other tracking technologies.
- Data provided through forms: This includes the name, email address, phone number, and information provided when registering for a newsletter, user account, or any other interaction via the site’s forms.
- E-commerce data: If the website offers e-commerce services, the data collected includes transaction details, delivery addresses, and payment information.
B. Purpose of Processing
Personal data collected on Syskern’s website is processed for the following purposes:
- Improvement of user experience: Browsing data is used to customize site content, enhance user experience, and analyze visits to optimize site performance.
- Direct marketing: With the user’s consent, data collected through forms may be used to send newsletters, promotional offers, and other marketing communications.
Order management: In the context of e-commerce activities, data is processed to manage online orders, track deliveries, and process payments.
C. Legal Basis for Processing
The processing of personal data on Syskern’s website is based on the following legal grounds:
- Consent: User consent is required for the use of non-essential cookies and for sending marketing communications.
- Contractual necessity: Data processing is necessary to provide the services requested by the user, such as processing online orders.
- Legitimate interest: Syskern processes certain data to ensure website security, prevent fraud, and ensure the proper functioning of services.
D. User Rights
Users of Syskern’s website have the following rights, in compliance with the GDPR:
- Right of access: Users can request access to their personal data collected by the website.
- Right to rectification: They can request the correction of inaccurate or incomplete data.
- Right to erasure: Users can request the deletion of their personal data when it is no longer needed for the purposes for which it was collected.
- Right to restrict processing: Users can request the suspension of data processing in certain circumstances.
- Right to data portability: Users can obtain their data in a structured format to transfer it to another data controller.
- Right to object: Users can object to the processing of their data, particularly for legitimate reasons.
- Cookie Management: A GDPR-compliant cookie banner is in place, allowing users to set their cookie preferences and consent or refuse the use of non-essential cookies.
E. Data Retention
Personal data collected on Syskern’s website is retained only for the duration necessary for the purposes for which it was collected:
- Browsing data: Retained for a limited time based on the purpose (e.g., cookies for a maximum of 13 months).
- User account data: Retained as long as the account is active or according to legal obligations.
- Transaction data: Retained for accounting and tax purposes, in accordance with applicable legal deadlines.
F. Data Transfers
Syskern may transfer personal data to subcontractors, such as hosting providers or cloud services, which may be located in countries offering an adequate level of data protection. When data is transferred outside the European Union, Syskern ensures that appropriate safeguards, such as standard contractual clauses, are in place.
G. Security Measures
Syskern implements robust security measures to protect the personal data collected on its website. This includes the use of SSL/TLS protocols for data encryption during transmission, a strong password policy for users, and regular security audits to identify and fix vulnerabilities.
Conclusion
Syskern is firmly committed to protecting the personal data of its employees, users, and clients in accordance with applicable regulations, including the GDPR. This Personal Data Protection Policy reflects our commitment to ensuring the confidentiality, security, and integrity of the information we process.
We encourage all concerned individuals to carefully read this policy and contact us with any questions or concerns regarding the collection, processing, or protection of their personal data. Syskern remains at your disposal to ensure a transparent and secure management of your information.
For any additional information or to exercise your rights regarding personal data, you can contact our Data Protection Officer (DPO) at the following address: contact@syskern.com
The Management.
English 
French 
Contact us 
