PRISM attaches importance to the protection of the privacy of those who provide us with personal data.

Our privacy policy describes how and why we process your personal data and provides you with information about your rights.

Who is the controller of your personal data?

The Data Controller is PRISM, a simplified joint-stock company with a share capital of 200,000 euros, having its registered office at 51 rue des Paluds - 34110 FRONTIGNAN, France and registered with the Montpellier Trade and Companies Register under number 88805953200026.

E-mail address: contact@prism-medical-protect.com

What personal data do we process from you?

The personal data collected may include:

  • Name and surname
  • Function
  • Mailing address
  • Email address
  • Telephone number(s)
  • Company Name

The personal data that is collected by PRISM and in particular if you are:

  • PRISM customer
  • partner or business correspondent
  • candidate for a recruitment or internship
  • visitor to the prism-medical-protect.fr website

are processed for the following purposes:

  • the day-to-day management of your files
  • the management of your requests for information, quotes, appointments, etc ...
  • the management of your applications
  • the management of your subscriptions to our newsletter, workshops or organized trainings

On what legal basis do we process your personal data?

PRISM ensures that its processing of personal data is lawful and justified by a valid legal basis, such as the consent of the data subject, the necessity related to the performance of a contract to which the data subject is a party, or the legitimate interests of PRISM.

How long do we keep your personal data?

PRISM keeps your personal data only for the time necessary for the operations for which they were collected, in compliance with the legislation in force and taking into account the limitation periods.

Do we carry out profiling with your personal data?

PRISM does not make automated decisions, including profiling, based on your personal data.

What are your rights and how can you exercise them?

As long as the processing is based on your consent, you can withdraw it at any time, without this affecting the lawfulness of the processing carried out before this withdrawal.

In accordance with the General Data Protection Regulation No. 2016/679 of 27 April 2016, you have the following rights:

  • Right of access: the right to be informed and to request access to the personal data we process;
  • Right to rectification: the right to ask us to amend or update your personal data when it is inaccurate or incomplete;
  • Right to erasure: the right to ask us to permanently delete your personal data;
  • Right of limitation: the right to ask us to temporarily or permanently stop the processing of all or part of your personal data;
  • Right to object:
    • the right to object at any time to the processing of your personal data for personal reasons;
    • the right to object to the processing of your personal data for direct marketing purposes;
  • Right to data portability: the right to request a copy of your personal data in electronic format and the right to transmit such personal data for use by a third-party service;
  • Right not to be subject to automated decision-making: the right not to be subject to a decision based solely on automated decision-making, including profiling, in the event that the decision would have a legal effect on you or produce a similar significant effect.

You also have the right to lodge a complaint with the CNIL https://www.cnil.fr/.

In order to exercise your rights with PRISM, you can send a letter to PRISM, 51 rue des Paluds - 34110 FRONTIGNAN or an e-mail to contact@prism-medical-protect.com.

What security measures do we have in place to protect your personal data?

We have put in place appropriate technical and organisational security measures to protect your personal data against unauthorized use, loss or accidental partial or total destruction.

Confidentiality of data:

Ethics is inherent in our profession and among the main principles, confidentiality: we are committed to preserving this principle of ethics, the foundation of our profession and our working method.

As a result,

  • we systematically sign confidentiality agreements with our subcontractors, PRISM partners;
  • we have incorporated the appropriate confidentiality clauses into the employment contracts of our employees.

Data security:

PRISM's standards are strict and guarantee the best security of the data we process:

  • Ultra-secure connection to Extranet and Internet tools (prism-medical-protect.fr site);
  • Extranet: by username and confidential password: the data that passes through the site prism-medical-protect.fr are encrypted before being sent on the Internet;
  • Ultra-secure hosting: a secure Data Center + a server hosted in a monitored premises with protected access in France;
  • Data backup: Automatic on a separate server also located in France - Implementation of a Disaster Recovery Plan.

Anti-intrusion security:

  • Additions of security levels on routers - Procedure for blocking the service when intrusion is suspected.

Who else can access your personal data?

We transmit personal information to our affiliates and other trusted companies or persons who process it on our behalf, according to our instructions, in accordance with this Privacy Policy and in compliance with any other appropriate security and confidentiality measures.

Is your personal data transferred outside the European Union?

Your personal data processed by or on behalf of PRISM may be transferred and processed by third parties located outside the European Union. In this case, PRISM ensures that the transfer of your personal data is carried out in accordance with applicable law and in particular that the destination territory has been the subject of an adequacy decision by the Commission of the European Union.

Updating this privacy policy

Updated: 2021-04-01

Cookies

A cookie is a small text file placed on your computer, mobile phone, or other device when you visit a website. The cookie will help website providers recognize your device the next time you visit their website. There are other similar technologies such as pixel tags (transparent graphic images placed on a web page or in an email, which indicate that a page or email has been displayed), web bugs (similar to pixel tags), and web storage, which are used in desktop software or mobile devices. There are also technologies such as mobile device identifiers and SDK integrations to help companies recognize your device when you return to an app or otherwise use a service.