Accueil > Data Protection Policy

Data Protection
Policy

Chronopost is committed to personal data protection both during our business operations and as part of the services offers. 


Data Protection Policy

Chronopost is committed to personal data protection both during our business operations and as part of the services offers.
This Policy sets out the principles and guidelines we apply to protect your Personal Data and is designed to explain:

• The Personal Data Chronopost collects and the reasons for collecting it,
• How we use your Personal Data,
• Your rights as the data subject.

This Policy applies to all of Chronopost's services but does not apply to any partner websites. For the purposes of this document, the term "Data" corresponds to your Personal Data as per the definition provided in the glossary in the footnotes.

 

How does Chronopost consider the projection of your Data?

Chronopost considers the protection of your Data and privacy when designing new products, services and offers. To ensure the security of your Personal Data and safeguard the proper exercise of your rights, we implement measures designed to protect your Data.

Chronopost is committed to the following essential principles:

- Legitimacy and relevance to only collect and process the Data needed for the stated purposes;

- Confidentiality: to implement the technical and organisational measures necessary to protect your Data;

- Transparency: to provide you with useful information regarding the recipients of your Data;

- Retention: to only keep your Data for the time necessary for the stated purposes; Right of access and deletion: to give you the possibility of accessing, modifying and deleting your Data.

Right of access and deletion: to give you the possibility of accessing, modifying and deleting your Data.

 

What Data is used by Chronopost?

Chronopost undertakes to only collect the data that is strictly necessary for the provision of the requested services.

We use your Data in accordance with this Policy, the general terms and conditions of sale or use of our products and services and particularly:
- when you have been given clear, apparent and precise information regarding the processing in place and agreed, for one or more specific purposes either by way of a written declaration, including by electronic means, or by the absence of opposition or written declaration;
- when it is needed for the performance of contract, the general terms and conditions of sale or use or the performance of pre-contractual measures;
- for the compliance of legal or regulatory obligations and the legitimate interests of Chronopost.

If optional data is requested, Chronopost will be given a clear explanation of the Data we need to provide the requested service and the data you may decide to provide voluntarily.

Data is collected either directly from you or from the sender of your parcel, if you are the addressee.

Data is only used for the purposes made clear to you or the sender of your parcel.

Data is only used for the purposes of commercial marketing if you have agreed to receive marketing communications.

The French Data Protection Authority (CNIL) does however authorise us to e-mail you communications about offers regarding similar products and services to those you have already used from the company (www.cnil.fr/fr/la-prospection-commerciale-par-courrier-electronique). You are, of course, free to oppose this commercial marketing.

 

How is Data collected from children?

Some of our services may be used by children. They must obtain the consent of their parents or legal representatives.

 

To which services or companies is your Data transferred?

Your data may be transferred to:

- Departments within Chronopost: departments in charge of performing subscribed services.

- Service providers outside Chronopost with whom we always sign a contract ensuring the respect of your Data and particularly transport sub-contractors that may be entrusted with carrying out your delivery.

- Within Le Groupe La Poste.

 

Where is your Data stored and can it be transferred to non-EU countries?

Chronopost carries out all Data processing activities within the European Union (EU).

However, for some specific services and particularly for the services provided by customer services, Chronopost may need to call on the services of sub-contractors located outside the EU. Some of your Data may therefore be transferred to them for the strict purposes of their services. In such cases and in accordance with the regulations in force, Chronopost requires its data processors to provide the necessary safeguards to ensure regulated, secure transfers, mainly by requiring them to sign the European Commission’s standard contractual clauses.

 

For how long does Chronopost retain your Data?

Different retention periods apply for the various services we provide. Chronopost undertakes not to retain your Data any longer than is necessary for the provision of the service or for compliance with the retention periods arising from the applicable limitation periods.

Below, you will find the main instances when your Data is retained:

 

 
  Subject Purpose Duration  Type of Data
Processing No°1 Management of parcel delivery Delivery of parcels to home addresses, pickup points and lockers    Duration of transportation services plus 6 months on the active database

Name and Surname

Postal address and E-mail

Telephone number

Door code if applicable

Processing No°2 Management of delivery preferences (Predict) Delivery instructions given by recipients Up to 1 year and 6 months from the date of the instruction

Name and Surname

Postal address and E-mail

Telephone number

Processing No°3 Customer Service t  Manage complaints from Co-Contractor’s customers 2 years from the end of processing the complaint

Name and Surname

Postal address and E-mail

Telephone number

Processing No°4 Retention of Personal Data Management of complaints and disputes Archived for 3 years Intermediary (see CNIL's definition)

Name and Surname

Postal address and E-mail

Telephone number

Processing No°5 Customs formalities Delivery of parcels to French Overseas Departments and Regions (DROM) and internationally Up to 10 years

Name and Surname

Postal address and E-mail

Telephone number

Processing No°6 Setting up of accounts on chronopost.fr Ordering transport services Up to 3 years after the last operation

Name and Surname

Postal address and E-mail

Telephone number

Processing No°7 Commercial marketing Sending of tailored business offers Up to 3 years after the termination of the business relationship unless consent is retracted

Name and Surname

E-mail

Processing No°8 Competitions Taking part in competitions Duration of the competition and 3 months, unless consent to receive commercial marketing

Name and Surname

E-mail

Postal address where applicable

 

Is your Data protected?

Chronopost undertakes to adopt all necessary measures in order to protect the security and confidentiality of your Data and, in particular, to prevent any damage, erasure or unauthorised access by a third party.

If your Data is affected by a security breach (destruction, loss, alteration or disclosure), Chronopost undertakes to fulfil our obligation to notify Data Breaches, in particular to the French Data Protection Authority (CNIL).

 

What are your rights concerning your Data?

You may contact Chronopost to exercise your rights held under the personal data regulations in force at any time, provided that you satisfy the relevant conditions and particularly:

     - Right of access: you may be sent your Data that is processed by Chronopost;
    - Right to rectification: you may update your Data or have your Data rectified by Chronopost;
     - Right to object, in particular to prevent direct marketing: you may wish to no longer receive marketing communications from Chronopost;
    - Right to erasure: you may ask us to delete your Data;

All requests must be submitted with proof of your identity.

In order to improve the processing of your requests, Chronopost has provided the following form:

Chronopost undertakes to respond to your data subject requests without undue delay and in any event, within the times imposed by law.

 

Has Chronopost appointed a Data Protection Officer?

The appointment of a Data Protection Officer reflects Chronopost's commitment to ensuring the protection, security and confidentiality of Data.

Our Data Protection Officer may be contacted at the following address :

Data Protection Officer
CP C703
9 Rue du Colonel Pierre Avia
75015 Paris

 

GLOSSARY

All capitalised terms are defined as follows:

«  "Privacy Policy" and "Policy":  » et « Politique » Means this Policy describing the measures adopted for the processing, exploitation and management of your Personal Data and your data subject rights.

« "Personal Data":   » Means any information relating to you that can be used to identify you, directly or indirectly.

« "Processing":  » Means any operation or any set of operations performed on your Personal Data.

« "Data Controller":  » Means Le Groupe La Poste's entity processing your Personal Data.

« "Personal Data Breach":  »Means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, your Personal Data.

« "Recipient":  »Means the department or company to which your Personal Data is disclosed, having access to that data.