CONFIDENTIALITY AND PERSONAL DATA PROTECTION CHARTER
Artprice.com and its subsidiaries (the “Company”) take the management and protection of your personal data very seriously and take all necessary measures to ensure your personal data is handled and processed in a secure and responsible way.
This Charter presents the means used and the measures taken to collect, process and protect your personal data in accordance with the French law and European regulation on data security.
Definition and nature of “personal data”
The term “personal data” (also referred to hereinafter as “data”) means information that identifies an individual directly or indirectly such as (but not limited to) your first name(s), surname(s), telephone number(s), email address(es), username.
When you register and/or use the Company’s websites, we may ask you to submit personal data.
The Artprice databases list information and data, including personal data, collected from the Art Market.
How do we handle your personal data and to what end?
In general, the Company undertakes to make every effort to ensure your personal data:
The reasons we collect your personal data are described and defined at the time of collection of the aforementioned data and/or in this Charter. This applies notably to the details you submit when your register on our site or when you decide, for example, to subscribe to our newsletters or ask to receive our promotional offers. A description of the data processing objectives implemented is provided when you submit personal data so you may clearly understand how we use it.
Depending on the consent level and/or the nature of the data provided, the reasons your personal data are collected by Artprice may be:
– to provide a tailored response to your needs and requirements,
– to manage your access to certain services available on our site,
– to process yours orders and/or subscriptions,
– to keep you informed about our products, services and special offers,
– to send you our newsletter,
– to keep you informed about significant changes in the way our website functions or the way your account is managed,
– to calculate our website audience statistics in order to improve the site and offer an optimal browsing experience,
– to provide our users with quality products and services, and global art market information that is truthful, precise and as comprehensive as possible,
– to prevent fraud or illegal and unethical practices,
– to respect our legitimate commercial, contractual, legal and regulatory obligations.
The personal data the Company needs the users to provide in order to fulfill the purposes described above are indicated by asterisks or other distinctive visual signs (e.g. gray highlights, bold text, etc.) in the different forms, messages and pages of our websites. If you leave these mandatory fields empty, the Company may not be able to meet your requirements and/or provide the requested services. The other information is optional and allows us to know you better and to improve our communications and services to you.
The personal data listed in our art market databases are collected and processed to meet the Company’s legitimate interests (for statistical analyses, to update the website and applications, to prevent fraud and other illegal actions, to conform with legal, accounting, commercial and contractual obligations…).
The personal data controller
The personal data controller for all personal data collected on the Company’s websites is Artprice.com, itself headquartered at Domaine de la Source, 69270 Saint Romain au Mont d’Or, France, and registered with the Lyon Companies Register under number 411 309 198.
To exercise your individual rights to access, rectify, delete or restrict the use of your data, you can modify your customer profile under “My Account” or contact the personal data controller by email at firstname.lastname@example.org or by mail at the above-mentioned address.
The personal data communicated to you under your personal data access rights will be communicated to you personally and confidentially. Therefore, please make sure to include documents that will allow us to formally identify you in any request to exercise your personal data access rights.
Who gets to handle the collected data?
The persons with access to your personal data (within the limits of their respective mandates and for the purposes previously indicated to you) are the Company’s (or any other entity that might result from any future corporate action involving the Company) sales and marketing team, its IT department, its administrative services, its editorial services and its auditing and compliance services (auditors, internal compliance officers, etc.).
Certain elements of your personal data may be disclosed to judicial and administrative authorities upon request. They may also be handled by technical service providers or services (transporters and delivery services, payment platforms, trusted third party, etc.). Any such third parties contracted by the Company are formally prohibited from using the data we collect for purposes other than for the performance of the service(s) contracted by the Company and/or for the sole purpose of performing the service.
In the case where your data is communicated to a service provider located outside the European Union (transporters and delivery services, payment platform, trusted third party, etc.), for the purpose of carrying our our services, the transfer will only be made after appropriate contractual guarantees regarding data security have been signed in accordance with existing regulations.
Personal data retention periods
The personal data provided by our users will be kept for the period required to manage our business relationship with you or, in the case of marketing operations, for the period that your data is necessary for the completion of these operations.
We also keep your personal data for the period provided for by law, notably civil and commercial law, and/or until the end of a final court decision in the case of litigation.
At the end of these periods, the Company may contact you to ascertain whether or not you wish to continue receiving communications on offers, news and events concerning the Company.
Beyond this period, the data may be kept for purely historic, scientific or statistical purposes and will not be used for any other purpose of any kind whatsoever.
Your personal data will also be destroyed within a maximum period of 30 days from your request to unsubscribe.
The personal data collected and processed to be listed in our databases, will be kept for for the period required to execute our legitimate commercial interests.
Security of your data
The Company protects your personal information by implementing security measures to protect your personal data from unauthorized access, misuse, disclosure, loss or destruction.
However, it is your responsibility to make sure the computer you are using is secure and adequately protected against malware such as Trojans and viruses. You are informed that without adequate security measures (e.g. secure configuration of your web browser, updated anti-virus programs, firewall software) or by downloading a software from dubious sources, you expose yourself to the risk that the data and passwords you use to protect your data may be disclosed to unauthorized third parties.
However, if you configure your browser to refuse all cookies (including essential cookies for user functions), it is possible that certain essential functions and / or part of our website will become inaccessible.
When you choose to disclose your personal data to the Company, you expressly give your consent to the collection and use of your personal data in accordance with this Charter and existing legislation.
We reserve the right, at our sole discretion, to modify this Charter at any time in part or in whole. Any modifications will be effective as of the publication of the new Charter on the Site. We invite you to check this page regularly to ensure you agree with any changes. We may also inform you of changes to this Charter by email.
Updated on 3 December 2018