Menu
KORUS

Legal Notice

Website publisher :
KORUS
139 ZA du Vercors
38140 La Murette
Téléphone : +33 (0)4 76 05 70 03

SAS DASA, a French simplified joint-stock company with a capital of €1,053,600
SIRET 383 381 365 00048 – registered at the Grenoble registrar of companies (RCS)
EU VAT number :  FR72 383 381 365
French principal activity code (APE/NAF): 7112B

Email : communication@korus.fr

Website designer:
Agence Melbourne
24 avenue Joannes Masset
69009 Lyon
www.melbourne.fr

Web host :

Probesys

This website (www.korus.fr) has been declared to the CNIL (the French data protection agency)
in accordance with French law (declarations n° 1646234 and 1646227).

Photos credits :
Korus
Agence Zoom for Korus
Stéphane Chalaye
Emmanuel Delaloy
Boris-Yvan Dassié
Visitor confidentiality agreement / Personal information

 

What is GDPR ?

The General Data Protection Regulation (GDPR) is a European regulatory text that governs equitable data processing throughout the territory of the European Union. Its objective is to protect individuals with regard to personal data processing and the free flow of this data.

Privacy :

We respect the right to privacy of all visitors to this website. We do not collect any personal information from visitors without their consent. No scripts or stratagems are used to this effect. The personal information we request from our visitors is limited to contact details and email addresses, which are provided voluntarily. Under no circumstances will this information be given, exchanged or sold to third parties without the prior consent and knowledge of the individuals concerned.

Below, you will find our policy with regards to the handling of personal information. This text aims to inform you of how we use this information and tells you what steps to take should you wish to make changes to the information you provided.

The data processing register

In accordance with Article 30 of the GDPR, the KORUS Group has set up this register with the aim of identifying all files in order to obtain an overview of personal data processing in the company.
In order to obtain an exhaustive register, the manager responsible for this process has contacted all the people and company departments that may process personal data.

This manager then identified all of the main business activities that require data collection and processing.

Each activity identified has a file specifying:

  • The objective or purpose pursued
  • The categories of data used
  • Who has access to the data
  • The retention period for this data

For each activity file created, it has been verified that:

  • The data is necessary for the activity
  • The data is not sensitive; or if it is, that we have the right to process them
  • Only authorised persons have access to the data they need
  • The data is not retained beyond what is necessary

This register is updated as many times as necessary.

The protection of personal data is taken into account upon the design of a project and by default by each department concerned.

1- Nature of the personal information collected

The information we collect comes from two sources :

– A visitor voluntarily providing their email address in order to receive our newsletter,

– A visitor providing their contact details when filling out our contact form.

2- What do we do with this information?

The information you provide to us is never passed on to third parties. Below we outline the circumstances in which we might receive your information, and how it is used in each case:

– You subscribed to our newsletter: in this case, your email address is only added to our mailing list so that you can receive our newsletters and internal announcements. We never use your contact details to send you messages from our business partners unless we have obtained your express permission to do so. Please note that you may unsubscribe from our newsletter at any time by clicking on the Unsubscribe link at the bottom of each newsletter. Should you encounter issues with this, you may contact us directly and ask to be removed from our mailing list.

– You filled out our contact form to receive one of our professional publications. In this case, it is possible that at some point we will send you messages from other partners. However, your contact details will never be communicated externally: we send the information ourselves. You may object to your details being used to send you these types of messages, by ticking the relevant box on the page where we ask you to provide your contact details. If you did agree to receive messages from third parties, you may opt out at any time by contacting us.

– You sent us a job application. In this case, the documents and information you sent are forwarded to our recruitment department and will not under any circumstances be passed on to third parties. You may contact us at any time to request the deletion of these documents.

In accordance with the French Data Protection Act of 6 January 1978, you have the right to access, modify, rectify and delete any of your personal details. Simply contact us with your request.

Retention and use of personal data / Protection of property and persons

The policy of the KORUS Group requires that personal data be collected in a fair, legal and transparent manner, that it be used solely for legitimate purposes, that measures be implemented to protect its integrity, that it not be retained for longer than necessary, and that the people concerned receive all the support they need to exercise their rights.

All personal data collection tools used by the KORUS Group include the following information:

  • The purpose of collection
  • Authorisation to process the data
  • The people with access to the data
  • The retention period for the data
  • The terms under which the people concerned can exercise their rights.

The KORUS Group Misconduct Reporting System is also available to report non-compliance with KORUS’ data protection compliance program or to report a potential violation of this program to the authorities.

Finally, it is also possible to contact the data protection officer “DPO”: Valérie GRAMBIN- Legal Director of the KORUS group using the following email address: alert@korus.fr.

Data security

Due to the collection and processing of data,KORUS undertakes, within the framework of the legal and regulatory provisions which are binding on it and in compliance with the principle of proportionality decreed by the GDPR, to implement all the organisational and technical measures deemed useful in order to preserve the security, integrity and confidentiality of data, as well as the security of its information and communication system, on a technological and procedural level, in particular to prevent any modification, any transfer and any unauthorised deletion of data, and any unauthorised breach or damage to its information system.

  • The implementation of a triple backup system, which makes it possible to recover data in the event of an incident (data lost or attacked by a cryptovirus, etc.),
  • Antivirus and software updates,
  • Regular changing of passwords
  • Use of complex passwords
  • Separate profiles are created according to user needs to access data

However, the primary risk is the human risk associated with the processing and handling of Data by users, and their use of the information and communication system and related tools.

Consequently, the implementation of security tools does not exempt users from reporting any attempt at external breach, tampering or the presence of viruses to the person in charge of information systems.

All users are responsible, within their capacity, for contributing to the security of the systems made available to them and the network to which they have access, primarily by preventing the intrusion of viruses that could damage the KORUS Group’s information system.

For this, the user agrees to:

  • Not open external attachments received when the sender of the message is unknown
  • Destroy “chain email” type messages;
  • Not store and forward gadgets received or found on the internet;
  • Not forward warning messages about the arrival of a virus but rather notify the person in charge of information systems;
  • Not modify the configuration of his/her computer workstation set up by information systems management, whether by addition, deletion or modification, except on an exception basis following the express consent of the latter;
  • Not provide unauthorised users with access to systems or networks through the equipment he/she is using;
  • Not use or attempt to use accounts other than those assigned to him/her, or hide his/her identity;
  • Not download files, especially media, unrelated to work activity or posing a risk to the information system;

The user is required to immediately inform his/her superiors of any malfunction, alteration, loss, theft, destruction and other event that may affect computer and electronic communication systems.

Any installation or use of software not expressly authorised by the person in charge of information systems is prohibited.

As part of his/her business trips, regardless of their duration or frequency, the user must adopt an attitude of caution and reserve with regard to the information and information system resources that he/she may be required to access, handle or exchange.

In particular, the use of Wi-Fi connection systems in public places is not recommended.

Cookies

This site uses cookies, but may also use third-party technologies to improve certain services and the way the site is displayed. Cookies identify a computer, not a user. Most browsers are configured to accept cookies. You may change your browser’s configuration to disable cookies, however blocking cookies may prevent the sites you are visiting from displaying correctly and certain services may not be available to you.

External links

We are not responsible for the private practices of websites that link to our site. You should find out about these websites’ practices and their policy regarding confidentiality before sending them any personal information. For the latest information on confidentiality and email practices, please take a few minutes to visit the following website: Electronic Privacy Information Center (http://www.epic.org)