By continuing to browse this site, you accept the use of cookies that allow us to collect browsing information.

English

Legal Notice

The website http://www.dekra-automotivesolutions.com is published by DEKRA Automotive Solutions SAS registered at the RCS of Bordeaux n° 411 551 633, with share capital of 2 852 900,00 Euros and headquartered at:

210 Rue du jardin Public
33 000 Bordeaux
SIREN B 398988972

Publication Manager: Frédéric Schmitt
Editor: Didier Payen

Service provider: This website is published and hosted by DEKRA Automotive Solutions For all information (texts, visuals, graphics, illustrations) displayed on this site: All copyrights are reserved.
Without prior formal authorisation, the reproduction and use of information is prohibited, other than for individual and private consultation.
All requests for authorisation for any other usage should be sent to the editorial staff:
- by email to: %77%65%62%6d%61%73%74%65%72%64%61%73%40%64%65%6b%72%61%2e%63%6f%6d
- or by postal mail to: DEKRA Automotive Solutions – 210 rue du Jardin Public - 33300 Bordeaux – France=

General personal data protection policy of DEKRA Automotive Solutions
DEKRA Automotive Solutions is firmly committed to a privacy policy aimed at protecting personal data processed within the framework of its professions and activities. With a view to sharing this policy with the different stakeholders, DEKRA Automotive Solutions has defined this general data protection policy, so that any natural person -regardless of whether he/she is an employee, regardless of whether he/she has called on DEKRA Automotive Solutions’ expertise for the provision of services- may at any time, familiarise himself/herself with the commitments and practices applied by DEKRA Automotive Solutions in relation to personal data they entrust to it.

1. Preliminary general and policy commitment:
DEKRA Automotive Solutions undertakes to process data collected in accordance with the texts applicable to data protection (Act No. 78-17 of 6 January 1978 amended and the General European Regulation 2016/679 of 27 April 2016 on data protection, these two texts being referred to hereinafter as the “Regulations”).

2. To facilitate the understanding of the provisions of this general policy, DEKRA Automotive Solutions wishes to clarify the following definitions:
- Processing of personal data means any operation or organised set of operations which is performed on personal data (collection, structuring, storage, alteration, disclosure, etc.).
- Personal data means information which makes it possible to identify a human being (natural person), directly (for example, by making reference to the person’s first name/last name), or indirectly (for example, by making reference to the person’s phone number, contract number, or user name).
- Data subject means the natural person who can be identified by the data used within the framework of the processing of personal data.
- Controller means the entity that determines the purposes and means of the processing of personal data, in particular by determining what the data will be used for and which tools will be used to process them.
- Processor means the entity that processes personal data on behalf of the controller, it signs a contract with the controller which entrusts it with certain tasks and which ensures that it has the technical and organisational safeguards to allow it to process the personal data entrusted to it in accordance with the regulations.
- Recipient means the entity which receives authorised disclosure of personal data

3. What are DEKRA Automotive Solutions’ commitments in its capacity as controller?
DEKRA Automotive Solutions is responsible for the processing operations carried out within the framework of its professions and in that capacity, undertakes the following commitments:
- Personal data shall only be used for explicit, legitimate and determined purposes (objectives) in connection with its different professions, as they are given each time the said data is collected, in accordance with Article 29 of the European Regulation.
- In accordance with the principle of data minimisation, only those personal data which are strictly useful shall be collected and processed: DEKRA Automotive Solutions thus applies the concept of privacy by default which protects data subjects against the excessive collection of data.
- The data shall not be stored beyond the time period necessary for the operations for which they were collected, taking into account the nature of the operations and the requirements of the law, i.e. the legal time-limits.
- We do not disclose, nor transfer personal data to third parties, only to authorised recipients within the strict framework of the purposes defined in advance and as they were given at the time the data were collected.
- We entrust the personal data to subcontracting service providers selected on the basis of appropriate technical and organizational safeguards to ensure the protection of the data that are entrusted to them under the instructions of DEKRA Automotive Solutions.
- Data subjects shall be informed regularly and in advance, in a clear and transparent manner, in particular of the purpose for which their data will be used, of the optional or mandatory nature of their responses in forms, of their rights with regard to data protection including the terms and conditions for effectively exercising these rights, and of the recipients.
- Each time that the Regulations require it, the explicit, informed, active and unambiguous consent of the data subject shall be obtained for the processing of their personal data.
- Appropriate security measures, at the logical, technical, organizational and legal levels, have been defined based on a risk analysis of the different families of processing operations carried out on the personal data concerned, and are implemented by DEKRA Automotive Solutions, its support services and its contractually bound subcontractors, to ensure the protection of personal data.
- Each time that the risks presented in relation to processing make it necessary, DEKRA Automotive Solutions shall implement an assessment of the impacts on the data subject’s privacy and the protection of their personal data, in order to adopt measures that are suited to these risks.
- DEKRA Automotive Solutions and its subcontractors are committed to developing tools and systems which comply with the Regulations to the fullest extent possible and which protect the privacy of data subjects, by incorporating the adherence to these rules starting from the design and development phase
- DEKRA Automotive Solutions and its subcontractors are committed to guarding against any possible and exceptional data breach and to taking all protective and corrective measures following a breach by informing the supervisory authority and, where appropriate, the data subjects, within the prescribed time limits.
At DEKRA Automotive Solutions, all employees and stakeholders have been or are currently being made aware of the principles of data protection as stipulated by the Regulations, through regularly programmed training sessions adapted to their activity and their responsibilities. The employees only have access to the information needed for their activity. Sensitive data are the subject of specific security clearances and checks.

4. Is there a Data Protection Officer (DPO)? What are his/her duties and contact particulars?
DEKRA Automotive Solutions has appointed a data protection officer in order to ensure compliance with the Regulations and the rules described in this general data protection policy. In principle, Data Protection Correspondents are appointed at subsidiaries. DPOs may also be appointed at any given subsidiary in accordance with the risk analysis that may have been carried out.
The Data Protection Officer, when one is appointed, is responsible, in particular, for:
- Preparing and keeping up to date a record of the processing activities on personal data carried out at the company and within each of the legal entities comprising the group in France,
- Ensuring that the practices are compliant with the regulations and their evolutions,
- Raising the awareness of all of DEKRA Automotive Solutions’ teams concerning the requirements and best practices in the area of personal data protection,
- Ensuring that data subjects can effectively exercise their rights.

The data protection officer may be reached using the following contact particulars:
- By email: gdpr.southwesteurope@dekra.com
- By post:
Délégué à la Protection des Données SWE
DEKRA France
34-36 Rue Alphonse PLUCHET
CS 60002 – 1er étage
92227 BAGNEUX Cedex

5. For what purposes are the data you entrust to us used?
DEKRA Automotive Solutions uses personal data for the following main objectives:
- Human resources management and recruitment,
- Statistical analysis of its activities,

6. Who are the recipients of the data that you entrust to us?
On a case by case basis of the processing operations described in the “data use” article above, DEKRA Automotive Solutions determines the recipients of the data, depending on their missions and security clearances, to receive the data in accordance with the determined purposes. By applying the data minimisation principle, and to the extent possible, only those people determined as having a “need to know”, shall have access to the data.

7. How long will we store the data you entrust to us?
DEKRA Automotive Solutions has determined specific rules concerning the storage period of data subjects’ personal data, in order to limit the storage period to that which is strictly necessary. At the end of the period determined in this manner, and depending on the case, personal data shall be the subject, in accordance with the applicable Regulations, of one of the following measures:
- Erasure,
- Irreversible anonymisation,
- Archiving.

8. What are the Security measures that we implement to protect the data you entrust to us?
Data security focuses on the measures taken to protect the data in case of the following events:
- The accidental or illicit destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed.

In order to ensure the security of personal data, DEKRA Automotive Solutions and its subcontractors shall implement the appropriate technical and organisational measures, taking into account the state of the art, costs, nature, scope, the context and purposes of processing in order to ensure a level of security that is suited to the risks.

In particular, and whenever necessary, the following measures have been taken:
- The pseudonymisation and encryption of personal data;
- The deployment of resources to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems;
- The deployment of resources to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident;
- The implementation of a process for regularly testing, assessing and evaluating the effectiveness of the technical and organisational measures for ensuring the security of the processing operations.

In this way, DEKRA Automotive Solutions and its subcontractors have developed adapted mechanisms that comply with best industry practices and the imposed standards, to ensure the protection of your personal data.
The websites and all mobile applications proposed by DEKRA Automotive Solutions are secure, in particular for the websites reached by a “Hypertext Transfer Protocol Secure” each time that this is necessary. The pages where your personal data are collected are the subject of an additional enhanced-security mechanism.

9. Your rights over the data you provide us.
Each data subject shall have the following rights:
- To access their data (right of access): The data subject may ask DEKRA Automotive Solutions directly if it is in possession of information concerning him/her, and request a list of the data,
- To request their rectification (right to rectification): The data subject may request the rectification of inaccurate information concerning him/her. The right to rectification supplements the right of access,
- To request the erasure of his/her data (right to be forgotten): The data subject may request the erasure of information concerning him/her, on the grounds provided for by the Regulations,
- To request the restriction of the processing of his/her data (right to restriction of processing): The data subject may obtain the restriction of the processing of his/her data, on the grounds provided for by the Regulations,
- To receive or transfer the personal data concerning him/her (right to data portability): The data subject may ask to receive the data that he/she has provided to DEKRA Automotive Solutions, or ask DEKRA Automotive Solutions to transfer them to another controller on the grounds provided for by the Regulations,
- To define advance guidelines relating to the fate of his/her data post-mortem.
The data subject may also object, for legitimate reasons, to the processing, dissemination, transmission, storage or hosting of data relating to him/her.
For more information on the meaning of these rights; please refer to the website of the competent supervisory authority.

To exercise these rights, the data subject may contact the data protection officer of DEKRA France:
- By email: gdpr.southwesteurope@dekra.com
- By post:
Délégué à la Protection des Données SWE
DEKRA France
34-36 Rue Alphonse PLUCHET
CS 60002 – 1er étage
92227 BAGNEUX Cedex

To facilitate these steps and in particular to reduce their processing time, DEKRA Automotive Solutions invites each data subject, when sending a request for the exercise of his/her rights, to:
- Indicate which right(s) he/she wishes to exercise,
- Clearly indicate his/her last name / first names / contact particulars to be used to receive replies,
- Attach a copy of an ID.

10. We operate strictly within the limits of the consent that you give us.
All personal data processing is carried out by DEKRA Automotive Solutions in accordance with the consent given by the data subjects, and in a few cases provided for by the Regulations, the explicit consent, otherwise referred to as the express consent of the person is required. Each time that the explicit consent of the person is required by the Regulations, it shall be obtained in advance by DEKRA Automotive Solutions and the data subject may withdraw his/her consent at any time by contacting the DEKRA Automotive Solutions controller or its DPO.

11. Are your data transferred outside of the European Union?
In principle, DEKRA Automotive Solutions does not transfer personal data outside of the European Union.
When such data transfers outside of the EU are essential to the quality of the services proposed by DEKRA Automotive Solutions, these shall be specified in our General Terms and Conditions of Sale, along with the partners to whom these data are transferred and the country in which they are located. In such cases, DEKRA Automotive Solutions undertakes to have the said partner sign an agreement for transfer outside of the EU beforehand, in compliance with the requirements of the Regulations.

12. What is our Cookies policy?
Cookies are pieces of data stored on the terminal equipment of an internet user which allow a website to send information to the user’s browser, and in turn allow this browser to send information back to the original website (for example a session ID, a language choice or a date). Please be informed that, during your visits to our websites, cookies may be installed on your navigation software.

13. Changes to our personal data protection policy
The data protection policy may be subject to changes. In case of changes to the elements included in this policy, DEKRA Automotive Solutions undertakes to update the policy and to inform the data subjects, prior to the implementation of changes that could impact personal data