ONEDIRECT PRIVACY POLICY

 

ONEDIRECT RESPECTS YOUR CONFIDENTIALITY

 
ONEDIRECT is attentive to the protection and respect of your privacy, whether you are a customer or user of our services and sites.

This privacy policy is intended to present to you the categories of personal data that we collect, the way in which we use them as well as the rights available to you, in accordance with the regulations in force in the United Kingdom and Europe.

1. DEFINITIONS

“Personal data” or “Data” means any information relating to a visitor to the Onedirect site or to a buyer. This generally concerns your first and last names, delivery addresses, payment details, email and journey on the site. Onedirect does not collect or process any sensitive data.

“Data Controller” means Onedirect, the company which collects Personal Data and determines the purposes and means of processing within the meaning of Article 24 of the GDPR.

“Regulation” means Regulation No. 2016/679 of the European Parliament and of the Council of April 27, 2016 relating to the protection of individuals with regard to the processing of Personal Data and the free movement of Data (GDPR) and the Data Protection and Freedom Act No. 78-17 of January 6, 1978 as amended.

“Site” : désigne le site internet www.onedirect.co.uk

2. WHAT DATA DO WE COLLECT?

The different categories of Data collected are as follows:

A. Data collected when creating your personal account

You have the option of creating a personal account on our Site when you place an order online and possibly subscribing to the Onedirect Newsletter.

On this occasion, we collect the following identification and contact data:

  • Name;
  • First name;
  • Civility;
  • Address;
  • E-mail address;
  • Password;
  • Phone number.


This data allows us to create your personal space and manage your access to this space, to subscribe to the Onedirect mailing list as part of commercial operations.

 

B. Data collected during your online orders on our Site

Your name, first name and postal addresses allow us to deliver packages; Your telephone number allows us to inform you of any difficulty or delay in delivery; Your email address is necessary for us to send you confirmation of your order, your invoice as well as, where applicable, to send you our newsletter and our offers.

When you order, we also collect the Data:

  • Relating to the processing of your order: invoices, order number, products ordered;
  • Related to payment: means of payment, credit card number, payment history, expiration date.


Onedirect does not store any bank card numbers. All transactions are secured by SSL technology (data encryption). When you enter your card number, this data is instantly encrypted in your own PC before being sent.

 

C.The Data we collect via cookies and other trackers

A cookie is a small file that records information relating to your browsing on our Site.

Our Site uses cookies installed on your computer during your navigation. In this way, we collect the following connection and browsing data:

  • Computer IP address;
  • Access provider;
  • Search engine;
  • Connection and usage logs;
  • Navigation tracking including pages viewed;
  • Consultation time on the site;
  • List of products and services viewed/chosen.


The data thus obtained during your visit to the Site aims to improve and personalize the functionalities of the Site, facilitate subsequent navigation on the Site, improve the ergonomics of the Site, enable various traffic measurements and offer you advertising. targeted.

To find out more about how we manage cookies and how to object, please consult our cookies policy: https://www.onedirect.co.uk/privacy-policy-cookie-restriction-mode

You can, if you wish, prevent this collection by deactivating your cookies in your browser software. Even when this function is disabled, you can access the Site normally.

 

3. FOR WHAT PURPOSE?

Each processing of Personal Data that we collect has a specific purpose and has a legal basis.

PURPOSE LEGAL BASIS
The purposes of the processing referred to in A are:
  • Creating your personal space
  • Identification and authentication of the client or user
  • Sending the newsletter
  • Management of commercial operations
The legal basis for this processing is the legitimate interest of Onedirect.
The purposes of the processing referred to in B are:
  • The management, preparation and delivery of your order.
  • After-sales service and customer follow-up.
  • Tracking and managing your orders and complaints
  • Communication between customers and our services for any technical and commercial assistance
  • Management of disputes, pre-litigation or unpaid debts.
This processing has the legal basis of the execution of the sales contract.
The purposes of the processing referred to in C are:
  • To allow access to the Site and facilitate navigation
  • To produce site traffic statistics
  • Analyze the customer journey
  • To improve the ergonomics of the Site
  • To target our communications
The legal basis for this processing is the legitimate interest of Onedirect.

Your consent may be required for some cookies.

4. TO WHOM?

Your Data is processed by Onedirect and may be transmitted:

  • To employees of ONEDIRECT if their mission requires it,
  • Access provider ;
  • To Onedirect's external service providers (in charge of web forms, collection of email addresses, emailing, payments and push notifications),
  • To possible subcontractors,
  • Navigation tracking including pages viewed;
  • To our IT service providers,
  • To our Data Protection Officer (DPO) in the event of a request from you related to the GDPR.


In the event of a reorganization or restructuring project, certain auditors, advisors, buyers could also have access to your Data.

Only people strictly authorized by Onedirect will have access to your Data. No unauthorized third party may have access to it, outside of the legal or unionist obligation incumbent on the Data Controller. Respect for the security and protection of your data is mandatory for all of our employees as well as our service providers.

Your data remains in the European Economic Area.

If your data could be hosted, transferred or stored in a country outside the European Union due to the internal organization of the company, Onedirect puts in place appropriate guarantees for the protection of your data in accordance with the GDPR (clauses standard contractual agreements and additional protection measures). You can request a copy by writing to the email address below (point 7).

 

5. HOW LONG IS THE DATA KEPT?

Customer data is kept for a period of 5 years following the end of the commercial relationship. Data relating to a non-customer prospect is kept for a period of 3 years from their collection or the last contact from the prospect.

6. HOW SECURE IS YOUR DATA?

Onedirect ensures the processing of your Data in complete confidentiality and security by putting in place the technical and organizational measures necessary to preserve their security, confidentiality and integrity in optimal conditions. We nevertheless advise you to equip your computer with software tools ensuring the protection of the transmission/reception of your network data, both input and output, (such as for example an up-to-date antivirus system) and to ensure that your Internet service provider has taken the necessary measures to ensure the security of network data transmission (such as, for example, by means of firewalls and spam filters).

7. ABOUT YOUR RIGHTS

In application of the Data Protection Act and the GDPR, you have the following rights:

  • Right of access to personal data held by Onedirect
  • Right to rectification of your personal data
  • Right to no longer receive marketing communications
  • Right to limitation or opposition to the processing of personal data, or to their erasure under certain conditions
  • Right to receive a copy of the personal data you have provided to Libération in a structured, commonly used and machine-readable format (right to portability)
  • Right to change or withdraw your consent at any time, if you have voluntarily provided personal data or consented to its use

You acknowledge, however, that processing carried out before the revocation of your consent remains perfectly valid.

However, in accordance with article 12.6 of the GDPR, for the exercise of these rights, ONEDIRECT, as responsible for this processing, reserves the right to ask you to prove your identity. We inform you that the data used to prove your identity will be deleted once we have responded to your request. You can exercise these rights by sending an email to dpo@incept-group.com

We have one month to respond to any request relating to the exercise of your rights. This deadline may be extended by two months, due to complexity or too many requests.

 
If you wish to exercise your rights, simply send us your request by mail to the address: Onedirect UK, Wilberforce House, Station Road - London NW4 4QE or by email to dpo@incept-group.com

If you are not satisfied with our discussions regarding the processing of your Data or the exercise of your rights, you have the option of contacting the data protection authority, the Information Commissioner's Office (ICO). The ICO's contact details can be found on their website at https://ico.org.uk/.

 

8. UPDATE

This policy may possibly be subject to updating by Onedirect, in the event of new processing, and in particular on the basis of:

  • Significant changes in legislation and/or case law as well as technical standards applicable to the Information System
  • Risk assessment;
  • Readjustments suggested by the implementation of internal information management procedures.


This privacy policy is regularly updated as to how we collect and process your personal data. In such a case, we modify the last update date on this page. We invite you to regularly consult our Confidentiality Policy in order to consult any possible changes that may have been made.

 



Last updated on 05/27/2024