On this page you will find information about the processing of personal data by Leroy Merlin France in the context of the Designers of Tomorrow competition.
Where, when, how and why do we process your data and, also, what are your rights?
Who is the data controller?
The data controller is Leroy Merlin France.
To carry out this processing, Leroy Merlin uses technical service providers, who are subcontractors, to maintain and host the site.
Leroy Merlin remains responsible for the use of your data by its subcontractors who only act on its instructions.
Why do we collect your data?
Managing your participation in the competition |
---|
Sub-purpose Depending on the case, your data will be collected and processed for different purposes. These uses are called the purposes of processing. | - Receipt and analysis of entries
- Designation of the winner
|
The processing is justified by... This is known as the legal basis. | Your consent |
What categories of personal data are concerned? | - Identification data: surname, first name, telephone number, email address, etc.
- Data relating to your participation
|
Who is authorised to obtain access to the personal data collected during surveys? | Participants' data can only be accessed by authorised persons at Leroy Merlin and its subcontractors and technical service providers. |
How long do we keep your data?
The personal data collected is kept for a maximum of 1 year.
How is my data protected?
Leroy Merlin France takes all customary precautions to protect the security of Personal Data against any unauthorised loss, access, modification, intrusion, alteration, disclosure or destruction of the Personal Data it holds. Access to Personal Data is strictly controlled and reserved for employees who need access in order to process it.
Your rights
You have several rights. Some of these apply to all processing of data concerning you, while others depend on the type of processing carried out and, more specifically, on the legal basis on which the processing is based. Below is a brief description of these rights and how to exercise them.
- Right of access: This right allows you to ask us questions about the nature of the processing that concerns you (type of data, origin of collection, etc.). It also allows you to ask us for a copy of all the information concerning you. This right applies regardless of the legal basis for the processing of your data.
- Right of rectification: If you have made an error in data entry, or if you would like to add information, there are many situations in which you may need to update your data. This right applies regardless of the legal basis for the processing of your data.
- Right to withdraw your consent: if you have given your consent to the processing of your personal data, you have the right to withdraw your consent at any time.
- Right to limit processing: you may request that the processing of your personal data be limited.
- Right to portability: This right allows you to request that your personal data be made available to you if it is processed on the basis of your consent or a contractual relationship. What is the difference with the right of access? We are obliged to send you the data in a format that is technically usable by you.
- Right to object: This is the right to say "no", the right not to be included in a data processing operation or to no longer be included. This right applies when the processing is based on the "legitimate interest" of the data controller, provided that this interest is not "overriding".
- Right to erasure: Where your data is processed on the basis of your consent or the legitimate (non-compelling) interest of the data controller, you may obtain the early deletion of your data. How can this be done? All you have to do is express your wish to withdraw your consent or exercise your right to object to the processing.
- Right to end: You have the right to define directives relating to the conservation, erasure, or communication of your personal data, applicable after your death.
You may exercise the rights listed above by contacting the DPO at dpo@leroymerlin.fr
In accordance with the applicable regulations, you are entitled to lodge a complaint with the competent supervisory authority, such as the CNIL (Commission Nationale de l’Informatique et de Libertés) in France.
How can you contact us?
If you have any questions about the use of your personal data covered by this document, you can contact the Leroy Merlin France Data Protection Officer at dpo@leroymerlin.fr.