GOFAR – INTERNATIONAL FORUM OF AGRICULTURAL ROBOTICS (FIRA)
This Policy complies with the provisions of EU Regulation 2016/679 of April 27th, 2016 (“General Data Protection Regulation” or “GDPR”) and Law No. 78-17 of January 6th, 1978, as amended, relating to data processing, files and freedoms.
This policy may be modified or supplemented at any time, particularly to comply with any legislative, regulatory, legal or technological developments.
- ESSENTIAL DEFINITIONS
- “Personal Data” refers to any information that relates to an individual who is identified (name, first name, image, video, etc.) or identifiable (telephone number, bank account number, fingerprint, etc.). The following are excluded from the notion of Personal Data: anonymized data, data concerning legal entities and data regarding machines.
- “Sensitive Personal Data” refers to personal data that reveals the racial or ethnic origin, political opinion, religious or philosophical belief, trade union membership, genetic data, biometric data, health-related data or the sexual orientation of a Data Subject.
- “Data Subject” refers to an individual person who can be identified and whose Personal Data is processed in particular in connection to his/her use of the website https://www.fira-usa.com/ or his/her registration and participation in FIRA.
- “Data controller” is the person/entity who/which determines, individually or jointly with others, the purpose and means of Personal Data processing. In this case, the Data Controller is:
GLOBAL ORGANIZATION FOR AGRICULTURAL ROBOTICS, Association under the French Law of 1901 and domiciled at 235 rue de la Montagne Noire, 31750 Escalquens (France), represented by its President, Mr. Gaetan SEVERAC.
- “Processor” indicates a natural or legal person who processes Personal Data on behalf of the Data controller, in accordance with specific written instructions from the latter.
- “Processing” means any operation or set of operations performed upon Personal Data or sets of Personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
- PERSONAL DATA AND DATA SUBJECTS
GOFAR is required to collect and process the following Personal Data relating to the Data Subjects:
- Identity of the Data Subject: Title, surname, first name, date of birth, photo or avatar;
- Information relating to his/her professional activity: professional activity/position within the company he/she represents, name of the company he/she represents;
- Professional contact details: telephone, e-mail address, professional postal address;
- Information relating to his/her professional networks: Website URL, LinkedIn account, Twitter account;
- IP address.
The Data Controller does not collect or access any Sensitive Personal Data relating to the Data Subjects.
- METHODS OF COLLECTING PERSONAL DATA
The Personal Data processed by GOFAR is collected through interactive forms on the FIRA USA website, namely:
- Website contact form
- Subscription to FIRA newsletter
- FIRA USA registration form
The Personal Data whose communication is mandatory is identified by an asterisk. Failure to communicate the data will result in the request not being processed or its processing being delayed.
Personal Data is not subject to automated individual decisions.
- PURPOSES AND LEGAL BASES OF PERSONAL DATA PROCESSING
The Personal Data of Data Subjects is processed only for the following purposes:
- Processing that is necessary for the performance of a contract to which the Data Subject is party, namely:
– Administrative and legal management as well as follow-up of FIRA USA registration;
– Administrative and legal management as well as follow-up of the partnership with any exhibitor or speaker at FIRA;
– Communication of information necessary for access to and participation in FIRA USA;
– Communication of information relating to FIRA USA and to GOFAR’s activities: mailing of newsletters (information campaigns, invitation to assess satisfaction, any news about FIRA)
- Processing on the basis of the Data Subject’s consent, which may be withdrawn at any time, namely:
– Transmission of the Personal Data of the Data Subjects to the FIRA USA partners, exhibitors or speakers, met during the FIRA tour in order to allow the continuation of the exchanges engaged with this partner, including if this partner is located outside the European Union;
– Receive commercial information from GOFAR on future editions of FIRA USA and any operation promoting agricultural robotics in which GOFAR participates.
– Receive commercial information from GOFAR’s partners represented at FIRA USA.
- RECIPIENT OF PERSONAL DATA
The recipient of personal data is GOFAR.
Personal Data may be transmitted to GOFAR’s subcontractors as part of the management of the registration and participation of the Data Subject in FIRA USA.
Under no circumstances shall GOFAR proceed to the marketing of Personal Data.
- PERSONAL DATA RETENTION PERIOD
Personal Data collected and processed by GOFAR is kept only for the duration necessary to achieve the purposes for which it was collected and during the duration for which the law requires retention (common-law limitation period, legal obligation to retain invoices, annual accounts, etc.) and in particular:
- Three (3) years after registration for the data collected in the context of FIRA USA registration;
- One (1) year for the data collected through contact forms.
At the end of the retention period, the retained Personal Data will be destroyed without a copy being stored.
- SECURITY OF PERSONAL DATA
GOFAR is committed to taking all reasonable precautions to protect the Personal Data it processes from accidental or unlawful destruction, loss, alteration, disclosure or unauthorized access. These precautions include technical, physical and organizational security measures, such as measures to prevent unauthorized access, depending on the sensitivity of the information and the level of risk associated with the processing of Personal Data.
The Personal data collected are stored in a secure environment. Subcontractors working for GOFAR are required to respect the confidentiality of Personal Data. The measures to ensure the security of Personal Data include:
- SSL (Secure Sockets Layer) Protocol
GOFAR is committed to maintaining a high degree of confidentiality by incorporating the latest technological innovations to ensure the confidentiality of Personal Data. However, since no device can offer maximum security, there is always a risk when using the Internet to transmit personal information.
- RIGHTS OF DATA SUBJECTS
Any person whose Personal Data is processed by GOFAR has the following rights in accordance with the applicable regulations:
- Right to access: i.e. the right to obtain confirmation from GOFAR that Personal Data relating to the person is or is not being processed and, when it is, access to such data as well as to information relating to the processing carried out;
- Right to rectify inaccurate or incomplete data;
- Right to erase data (right to oblivion) if Personal Data is no longer necessary to achieve any of the purposes provided for, if the Data Subject withdraws his/her consent when the latter was necessary to authorize the processing, when the legitimate interests of the processing are not compelling or when the processing carried out is unlawful;
- Right to limit the processing of Personal Data concerning him/her;
- Right to the portability of his/her Personal Data in a format that is structured, commonly used and readable by a machine;
- Right to object to the reuse of his/her contact information for solicitation purposes, particularly commercial.
Any Data Subject may, by proving his/her identity, exercise his/her rights at any time with the Association GOFAR, by e-mail to email@example.com or by postal mail to: Association GOFAR : 235 rue de la montagne noire – 31720 Escalquens – France.
The Data Subject may file a complaint with the “Commission Informatique et Libertés” (CNIL- The French data protection agency) on its website www.cnil.fr or by postal mail to: 3 place de Fontenoy, 75334 Paris Cedex 07.
- PROVISIONS FOR GROUP REGISTRATION
Any person arranging registration on behalf of a third party, and in particular in the context of group registration (hereafter referred to as “Group Manager”), agrees and warrants that:
- The Personal Data has been collected, processed and transferred and will continue to be collected, processed and transferred in accordance with the legal and regulatory provisions applicable to him/her regarding the protection of Personal data (and, where applicable, have been notified to the relevant authorities);
- The transfer to GOFAR for participation in FIRA USA and the processing by GOFAR under this Policy are not prohibited by any legal or contractual obligation of confidentiality;
- Prior to any transfer of Personal Data, he/she has informed the Data Subjects and complied with any notification and/or registration required by applicable law regarding the protection of Personal Data; in particular, the intended purposes of the collection, processing and transfer of Personal Data have been communicated to the Data Subjects;
- The Data Subjects have the right to access, rectify, limit the processing, erase or delete their Personal Data, in accordance with the applicable law on the protection of Personal Data;
- He/She has taken and will take all reasonable measures to verify the accuracy of the Personal Data and ensure that inaccurate or incomplete Personal Data will be rectified, completed or destroyed before any transfer of such data to GOFAR;
- He/she will inform GOFAR of any specific requirement from any Data Subject or competent authority as to how the Personal Data should be processed;
- He/she will inform GOFAR without delay of any request from any Data Subject or competent authority to rectify, update or delete Personal Data, after assessing the requirements of the applicable law for the protection of Personal Data;
- He/she will ensure that security measures are appropriate to protect the Personal Data against accidental or unlawful destruction, accidental loss, alteration, unauthorized disclosure or access, in particular where the processing or transfer involves the transmission of data via a network, and against any other form of unlawful processing, and that these measures guarantee a level of security appropriate to the risks presented by the processing and to the nature of the data to be protected, taking into account the latest techniques and the cost involved in their implementation;
- He/she will provide GOFAR, upon request, with copies, or references to the relevant laws on the protection of Personal Data of the country in which the Group Manager is established;
- He/she will respond to requests from Data Subjects and authorities regarding GOFAR’s processing of Personal Data;
- He/she shall notify GOFAR within seventy-two (72) hours of any actual, potential or suspected breach of the provision of this clause.
The Group Manager hereby undertakes to respect the Personal Data Protection and Confidentiality Policy and the privacy of the Data Subjects.