Preamble

SPHERE is the publisher of the sphere.eu service and will hereinafter be referred to as “SPHERE” for the purposes hereof.

SPHERE attaches great importance to the protection of your privacy and your Personal Data and has always undertaken to use the Personal Data of its customers and prospective customers only to the extent necessary for the proper functioning of the www.sphere.eu site (hereinafter the “Site”).

Personal data refers to information relating to natural persons who are identified or identifiable, directly or indirectly (hereinafter the “Personal Data”).

Processing of personal data means any operation on this type of data (collection, storage, transmission, deletion, consultation, modification, etc.), whether on paper or electronically. The data controller is the person who determines the purposes of each processing operation and the means of achieving those purposes.

The collection and processing that we carry out complies with the legal framework in force applicable to the protection of Personal Data and, in particular, European Regulation 2016/679 of 27 April 2016, and the French Data Protection Act of 1978 as amended (hereinafter the “Regulation”).

This privacy policy describes how our Website Sphere.eu collects and uses the information it collects, as well as how you can access and delete this information when necessary (hereinafter the “Policy”).

SPHERE reserves the right to modify its Policy at any time in order, in particular, to develop its services or to comply with any new applicable regulations. The applicable policy is the one in force on the date of connection to the Site.

Users are therefore advised to consult the Policy on the Site regularly to keep abreast of any new updates.

Links to third-party websites

Our site may contain links to websites, applications, products or services that are operated by third parties (Twitter, LinkedIn, YouTube).

Therefore, we hereby inform you that this document does not extend to these third parties over which we have no control and for which we cannot be held liable. We encourage you to read the privacy policies, procedures and practices of these third parties.

By using our sphere.eu site, you accept the terms and conditions of this policy. If you disagree with any of the terms of this policy, please do not use our data collection form to contact us.

1 – Why do we collect your personal data ?

SPHERE acts as data controller when you send us your personal data on the site via our “contact” form and while you are browsing.

The data we collect is necessary for the following purposes :

• To provide the services and information you have requested via the contact form,
• To reply to your questions and requests,
• To compile anonymous statistics,
• To ensure the operation and security of the site, and improve its operation

2 – What data do we collect ?

When you use our site, we collect and process the following personal data:

• Personal details and contact information: surname, first name, telephone numbers, postal address, email address.
• Tracking, site browsing and connection data: IP address, cookies, logs. To learn more about cookies and how to disable them, please see the Cookie Management Policy.

3 – What is the legal basis for processing your data ?

The legal basis for processing your data is based on legitimate interest as regards the processing of your personal data via our contact form and on consent as regards cookies. For information on how to object to cookies being stored on your device, their purpose and how long they are retained, please refer to our cookie management policy.

4 – Who do we send your data to ?

Personal Data collected by SPHERE is intended to be processed exclusively by SPHERE.

Personal Data collected in the contact forms, and cookies, is only intended for SPHERE administrators. We do not transfer Personal Data to countries that are not members of the European Union or the European Economic Area.

SPHERE may, however, communicate to third parties the Personal Data it processes when such communication is required by law, a regulatory provision or a judicial decision, or if such communication is necessary to protect and defend its rights.

5 – How long will your Personal Data be retained?

SPHERE shall retain your Personal Data only for as long as is necessary for the purposes for which it is to be used. SPHERE may, however, retain your Personal Data for a longer period in accordance with its legal and regulatory obligations.

We collect and use your personal data for the main purposes described in point 1 and below. We retain your personal data only for as long as is necessary to fulfil the various purposes, except where we are permitted or required by law to retain it for longer.

These maximum periods apply unless you request the deletion or cessation of use of your data before its expiry for a reason compatible with any legal obligation that may be imposed on SPHERE.

6 – What are your rights and how can you exercise them ?

6.1 – What are your rights?

Right to access your data

You may obtain confirmation as to whether or not your data is being processed and, where it is, access to all the data and information we hold about you.

Right to rectify your data

You may obtain as soon as possible the rectification of any data concerning you that is inaccurate or erroneous. You may also ask for your data to be completed, if necessary.

Right to deletion of your data

Barring legal exceptions, you may ask us to delete your data as soon as possible if, in particular, you feel that the processing we are carrying out on your data is no longer necessary for the purposes for which it was collected.

Right to portability of your data

You have the right to recover part of your data in an open, machine-readable format or to ask us to send it to another organisation. This right only applies to data that you have actively and knowingly provided to us (for example, data that you have entered in an online form) or data generated when using a service or device in the context of concluding or managing your contract, and which is processed automatically, on the basis of consent or the performance of a contract.

Right to object

You may object to your data being used by an organisation for a specific purpose. You must give reasons relating to your particular situation, except in the case of marketing, to which you may object without giving any reason. If your data is processed for marketing purposes, you may object at any time (see point 6.2 of this Policy), just as you may object to the storage of cookies at any time.

Right to restrict the processing of your data

You may ask us to retain your data without being able to use it, in one of the following cases:

• you dispute the accuracy of the data we are using,
• you object to your data being processed,
• in the event of unlawful use but you object to its deletion,
• you need it for the establishment, exercise or defence of legal claims.

Right to withdraw your consent to the processing of your data

Where the processing of your personal data is based on your consent (e.g. the sending of our electronic commercial offers), you may withdraw your consent at any time (see point 6.2 of this Policy).

Similarly, if you wish to withdraw your consent to cookies, you may do so in accordance with the procedures set out in our Cookies Policy.

Right to give post-mortem instructions

You may give instructions relating to the retention, deletion and communication of your data after your death. These instructions define how you want your rights to your data to be exercised after your death. You may send us these instructions by letter to our DPO (see Art. 6.2) with “Post-mortem instructions” in the subject line. You may amend or revoke your instructions at any time.

Right to lodge a complaint with the CNIL [French Data Protection Authority]

If you feel that your rights are not being respected or that your data is not being protected in accordance with the GDPR, you may, at any time, lodge a complaint with a competent supervisory authority (in France, the CNIL), directly on the CNIL Site or by post to: CNIL – 3 Place de Fontenoy – TSA 80715 – 75334 PARIS CEDEX 07.

6.2 – How can you exercise your rights ? 

To exercise any of your rights, send your request to dpo@sphere.eu or by post to the following postal address SPHERE – For the attention of the DPO – Service Client Conformité, 34-40 rue Henri Barbusse, 92230 Gennevilliers.

All requests must specify, in the subject line, the reason for the request (exercise of the right of access, objection, etc.) and the company concerned by the request. The request must also be accompanied by proof of identity (customer number, member number, copy of identity card or passport, etc.) and specify the email address to which the reply should be sent.

We will send you a reply within a maximum of one (1) month from the date of receipt of your request. However, this period may be extended by two (2) months due to the complexity and number of requests.

If, after contacting us, you feel that your Data Protection rights are not being respected, you may send a complaint to the CNIL.

This document was updated on 15/12/2023.