Personal Data Policy
1 Preface
For companies requiring it on an interim basis, PIXID provide internet-based management services for the entire temporary work process in a way that is totally paperless (managing temps, electronic signatures for service contracts, receiving order confirmations, managing job applications and interview circuits, activity reports, pre-invoicing, invoicing, tax digitisation for invoices and reports).
As a European leader for the internet-based management of flexible employment and temporary work, PIXID aim to deliver the highest possible levels of service. We also attach great importance to building trust-based relationships with our clients.
Conscious of our obligations with regards to personal data, since the company was founded in 2004, PIXID have implemented a range of measures in relation to the processing of personal data in accordance with the applicable laws and regulations. PIXID are following a strategy for complying with the General Regulations for Data Protection (GRDP or RGPD) and ISO 27001 certification with regards to their Information Security Management System (ISMS).
In the interests of transparency, the purpose of this personal data policy is to outline the way in which we at PIXID collect and process this data.
2 Where is the personal data protection policy applicable?
This personal data protection policy applies to personal data gathered across all websites and applications belonging to the PIXID group.
The personal data gathered relates to those using our services and/or to the HR files for temporary workers or providers of services we manage.
3 What personal data do we manage?
PIXID manages two types of personal data:
– Data collected directly by PIXID from persons accessing the PIXID service and for whom PIXID acts as data controller.
– The data of PIXID’s customers, which they manage from temporary workers and which PIXID manage as a subcontractor.
3.1 What data is collected directly by PIXID?
The personal data that PIXID collects from users of the service in order to manage access (login, passwords, accreditations) are as follows:
- Civility
- Name
- First name
- Professional e-mail
- Business phone number
- Professional mobile phone
3.2 What data is collected by our customers and transmitted to PIXID?
Our customers collect personal data and then transmit it to PIXID. We manage them under the instructions and responsibility of our customers.
It is the responsibility of our customers to ensure that the conditions required for the collection and processing of such personal data are met.
The personal data collected by our clients from applicants and temporary workers and which is entrusted to PIXID is as follows:
- Surname
- Maiden name
- First name
- Date of Birth
- Place of Birth
- Nationality
- Gender
- Home address
- Home postcode
- Home town
- Work phone number
- Work email address
- Personal phone number
- Personal email address
* information only requested from temporary workers who wish to connect to PIXID.
4 Do we collect your IP address and your cookies?
We are likely to collect your IP address and information on the browser used in order to improve our services and/or compile statistics.
We are also likely to use cookies (small files downloaded onto your computer, tablet or mobile phone and which may contain personal data) when you access our websites or applications. We use cookies for the purposes of managing your user session and to collect statistics regarding the use of our platform.
The default settings of internet browsers are normally set to accept cookies, but this can easily be changed by modifying the settings on your browser. However, please note that, if you choose to deactivate cookies, it is possible that our websites or applications will no longer be accessible.
5 How do we use your personal data?
We use the personal data that we gather or which clients supply us with exclusively for managing flexible employment, intellectual services and work contracts.
We may also use the personal data that we gather in order to provide you with information regarding PIXID activity, including newsletters and satisfaction surveys.
Lastly, some of the information we gather allows us to compile statistics regarding how our platform is used, which are required in order to improve the quality of our service, access time and user experience.
It should be noted that we attach the same importance to protecting the personal data that we collect directly from our users as we do to data supplied to us by our clients and for which PIXID operate as a subcontractor.
6 How long do we keep personal data for?
We retain the personal data for a user of PIXID services for as long as they have access to our platform. Login information (personal password and username) will be deleted once the user no longer has access to PIXID services.
However, we may be required to retain information relating to the use of our platform in our log files. This information will be used to improve the quality of PIXID services.
We will retain personal data for temporary workers for as long as we are legally allowed to retain the documents for which we are responsible. With regards to job applications, the length of time for which this data may be retained is 2 years. For an order or a contract of assignment, this period is extended to 10 years. Lastly, with regards to placement contracts, fixed-term contracts or payslips, these documents will be retained for 50 years.
7 Will your personal data be stored safely?
At PIXID, we always aim to store your data as safely as possible. With this in mind, we take all the necessary physical, technical and organisational measures in order to prevent your personal data from being modified or lost and to prevent any unauthorised access to your personal data.
More specifically, the use or management of databases containing your personal data will be the responsibility of an internal team, made up exclusively of PIXID employees. Each employee that has access to the data will have signed a personal commitment to respect the confidentiality of this data. All access is subject to strict controls and full traceability.
A full list of these methods is described in the General Policy for Information System Security (GPISS or PGSI). In addition, PIXID is certified ISO 27001 on the management of its information system (ISMS).
8 How can you access your personal data?
You can contact us by sending an email to the following address [email protected], in order to view any personal data relating to you and which we currently have in our possession.
Should you become aware of any errors within this data, you may request that we correct it. You may also request that we delete any data relating to you.
However, please note that the legal restrictions regarding the lengths of time for which we are legally allowed to retain documents (contracts, payslips) require us to retain some personal data.
9 Do we share your personal data?
The PIXID group will not share your personal data with other companies for any purpose other than the management of flexible employment.
However, we may be required to share data with partner companies or service providers as part of their activities, while respecting the initial purpose. Specifically, when distributing our newsletter, data (an email address, for example) may be shared with service providers. Should this happen, we will demand that they only use your personal data to manage the services that we have asked them to provide. We will also request that these service providers always act in a way that complies with the applicable laws regarding the protection of personal data and that particular attention be paid to the confidentiality of this data.
10 Where do we store your personal data?
Your personal data will be stored in databases managed exclusively by PIXID employees.
The hosting of PIXID servers (used, for example, for main storage, backup, DRP and archiving) is managed by recognised service providers whose storage sites are located within the European Economic Area.
11 Will we transfer your personal data outside of the European Economic Area?
Given the international dimension of the PIXID group, data may be exchanged with PIXID sites located in countries outside of the European Economic Area.
The cross-border nature of the General Regulations for Data Protection makes it possible to ensure the same level of protection is applied to personal data for countries within the European Economic Area as for countries outside of it.
PIXID request that the same level of demands with regards to physical, organisational and technical measures, as well as those relating to people, is applied during this type of data exchange as it would be for operations within France.
12 Appendix A: CNIL Authorisation
Computer processing of personal data for which there are particular risks with regards to rights and freedoms will, in advance, be subject to CNIL authorisation:
PIXID declared their activity with the CNIL on 2nd May 2005 – number 1091735.
Nomination in early 2012 for a CIL with the CNIL. A person appointed by PIXID is now designated as the correspondent for protecting data of a personal nature.