Table of Contents

  1. Purpose and Scope of the Policy
  2. Data Controller
  3. Which Personal Data Do We Collect and How?
  4. Why Do We Collect Your Personal Data and How?
  5. Do We Share Your Personal Data?
  6. Is Your Personal Data Transferred to Third Countries?
  7. How Long Do We Keep Your Personal Data?
  8. How Do We Ensure the Security of Your Personal Data?
  9. What Are Your Rights?
  10. How to Contact Us?
  11. Update of This Policy

1. Purpose and Scope of the Policy

SAS VAEARA’I places the highest importance and care on the protection of privacy and Personal Data, as well as compliance with applicable legislation. Regulation (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter “GDPR”) states that Personal Data must be processed lawfully, fairly, and transparently. Accordingly, this privacy policy (hereinafter the “Policy”) aims to provide you with clear and simple information about the processing of Personal Data concerning you, in the context of your browsing and the operations carried out on our website.

2. Data Controller

In the context of your activity on the site https://www.vaearai.com/, we collect and use Personal Data related to you, natural persons (hereinafter “Data Subject”).

For all processing activities, SAS VAEARA’I determines the means and purposes of the processing. Thus, we act as the Data Controller, within the meaning of the regulations on Personal Data, in particular Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.

3. Which Personal Data Do We Collect and How?

By using our website, you provide us with a certain amount of information about yourself, some of which can identify you (“Personal Data”). This occurs when you browse our site (see Cookie Policies) and when you fill out online contact forms. The nature and type of Personal Data collected about you vary depending on the relationship you have with SAS VAEARA’I, the main ones being:

  • Identification Data: this includes all information that would allow us to identify you, such as your first and last name, phone number, and email address when using the contact form.
  • Connection Data: We also collect your IP address for maintenance and statistical purposes.
  • Information Related to Your Browsing: by navigating our website, you interact with it. Consequently, some information about your browsing activity is collected.
  • Data Collected from Third Parties: Personal Data that you have agreed to share with us or on publicly accessible social networks and/or that we may collect from other publicly available data sources.

4. Why Do We Collect Your Personal Data and How?

We collect your Personal Data for specific purposes and based on different legal grounds.

Based on your consent, your Data is processed for the following purposes:

  • Managing contact requests via the contact form;
  • Responding to contact requests;
  • Managing cookies that require your consent.

Within the framework of SAS VAEARA’I’s legitimate interest, your Data is processed for the following purposes:

  • Generating statistics to improve the website.

In accordance with the legal and regulatory obligations to which SAS VAEARA’I is subject, your Data is processed for the following purposes:

  • Fraud prevention;
  • Prevention of money laundering and financing of terrorism;

Maintaining general and subsidiary accounting;

5. Do We Share Your Personal Data?

Your Data is intended for authorized agents of SAS VAEARA’I in charge of managing the website according to the purposes of collection and within the limits of their respective responsibilities. They may be shared for certain tasks related to these purposes, and within the scope of their missions and authorizations, with the following recipients:

  • Subcontractors we engage to carry out various operations and tasks on our behalf, including:
    • Website development and maintenance.

When your Data is shared with our service providers and subcontractors, they are also required not to use the Data for purposes other than those originally intended. We take all necessary measures to ensure that these third parties maintain the confidentiality and security of your Data.

In all cases, only the necessary Data is provided. We take all measures to ensure secure communication or transfer of your Data.

We do not sell your Data.

6. Vos Données à caractère personnel sont-elles transférées vers des pays Tiers ?

SAS VAEARA’I strives to store Personal Data in France, or at least within the European Economic Area (EEA).

However, it is possible that the Data we collect when you use our platform or within the scope of our services may be transferred to other countries. This may occur, for example, if some of our service providers are located outside the European Economic Area.

In the event of such a transfer, we ensure that it is carried out:

  • To a country providing an adequate level of protection, i.e., a level of protection equivalent to what European Regulations require;
  • Under standard contractual clauses;
  • Under internal corporate rules.

7. How Long Do We Keep Your Personal Data?

  1. We retain your Personal Data only for as long as necessary to achieve the purpose for which we hold this Data, in order to meet your needs or to fulfill our legal obligations.

    The retention periods vary depending on several factors, such as:

    • The needs of SAS VAEARA’I’s activities;
    • Contractual requirements;
    • Legal obligations;
    • Recommendations from supervisory authorities.
    The retention periods for your Data are as follows:
Purpose
Retention Periods
Handling Contact Requests
Only for the time necessary to respond to the request
Managing Cookies Requiring Your Consent
According to the maximum retention period allowed for each cookie
Generating Website Improvement Statistics
1 year.
Handling Pre-litigation and Litigation
According to the maximum legally permitted duration
Fraud Prevention
According to the maximum legally permitted duration
Prevention of Money Laundering and Terrorism Financing
According to the maximum legally permitted duration
Maintaining General and Subsidiary Accounting
According to the maximum legally permitted duration

8. How Do We Ensure the Security of Your Personal Data?

SAS VAEARA’I is committed to protecting the Personal Data we collect or process against loss, destruction, alteration, unauthorized access, or disclosure.

Accordingly, we implement all appropriate technical and organizational measures, depending on the nature of the Data and the risks associated with its processing. These measures aim to preserve the security and confidentiality of your Personal Data. They may include practices such as limiting access to Personal Data to authorized personnel based on their roles, pseudonymization, or encryption.

Additionally, our practices, policies, and/or physical and/or logical security measures (secure access, authentication procedures, backups, software, etc.) are regularly reviewed and updated as necessary.

9. What Are Your Rights?

The GDPR provides Data Subjects with rights that they can exercise. The following rights are included:

  1. Right to Information: the right to receive clear, precise, and complete information about the use of Personal Data by SAS VAEARA’I.
  2. Right of Access: the right to obtain a copy of the Personal Data that the Data Controller holds about the requester.
  3. Right to Rectification: the right to have Personal Data corrected if it is inaccurate or outdated and/or to have it completed if it is incomplete.
  4. Right to Erasure / Right to Be Forgotten: the right, under certain conditions, to have Data erased or deleted, unless SAS VAEARA’I has a legitimate interest in retaining it.
  5. Right to Object: the right to object to the processing of Personal Data by SAS VAEARA’I for reasons relating to the requester’s particular situation (subject to conditions).
  6. Right to Withdraw Consent: the right to withdraw Consent at any time when processing is based on Consent.
  7. Right to Restriction of Processing: the right, under certain conditions, to request that the processing of Personal Data be temporarily suspended.
  8. Right to Data Portability: the right to request that Personal Data be transmitted in a reusable format allowing it to be used in another database.
  9. Right Not to Be Subject to Automated Decisions: the right for the requester to refuse fully automated decision-making and/or to exercise the additional safeguards provided in this context.
  10. Right to Define Post-Mortem Directives: the right for the requester to define directives regarding the fate of Personal Data after their death.

Additional rights may be granted to Data Subjects by local regulations.

To this end, SAS VAEARA’I has implemented a procedure to manage Data Subject rights in compliance with applicable legislation. To exercise your rights, you may contact: [email protected] As part of this procedure, if there is reasonable doubt, you may be asked to provide proof of your identity.

You also have the right to contact the French Data Protection Authority (CNIL), 3 Place de Fontenoy – TSA 80715 – 75334 PARIS CEDEX 07, regarding any complaint related to how SAS VAEARA’I collects and processes your data.

10. Update of This Policy

This Policy may be updated regularly to reflect changes in the regulations regarding Personal Data.

11. Update of This Policy

Last Update Date: 04/19/2024