DPD France places the protection of personal data at the heart of its missions and the services offered to its clients.
This Policy sets out the principles and guidelines for the protection of Personal Data entrusted to it by its customers under the contract of carriage and is intended to inform its customers about:
The Personal Data that DPD France collects and the reasons for this collection,
The way in which this Personal Data is used,
The rights of its customers on the Personal Data concerning them.
This Policy applies to all DPD France services.
How does DPD France take into account the protection of Personal Data?
DPD France undertakes to take into account the protection of Personal Data and the privacy of its customers from the design of new products or services offered to them. To this end, measures to ensure the protection of Personal Data entrusted to DPD France are implemented, in particular to ensure its security and guarantee the respect and proper exercise of its clients' rights.
What personal data is used by DPD France?
In the event that it is entrusted with optional data, DPD France will clearly inform its clients of the Personal Data necessary for the provision of the service subscribed to and those that are voluntarily provided to it.
Personal Data is entrusted to DPD France by its clients and is only used for the purposes for which it was brought to their attention.
Personal Data may be used to offer other services to DPD France customers, only if the latter have agreed to receive commercial communications.
How is the collection of Personal Data from minors?
Some services may be used by minors. In this case, minors must obtain the consent of their parents or legal representatives.
To which services or companies are the Personal Data entrusted to DPD France by its clients communicated?
The Personal Data entrusted to DPD France by its clients may be transmitted:
To DPD France's internal departments: the departments in charge of the execution of the services subscribed to, in particular Customer Service, Sales Force, etc.
To service providers external to DPD France: technical service providers, including subcontractors.
Can Personal Data entrusted to DPD France be transferred outside the European Union?
DPD France carries out all processing of Personal Data on the territory of the European Union (EU).
However, for certain specific services, DPD France may use subcontractors established outside the EU. Certain Personal Data may then be communicated to them for the strict needs of their missions. In this case, in accordance with the regulations in force, DPD France requires its subcontractors to provide the guarantees necessary to supervise and secure these transfers, in particular by signing standard contractual clauses from the European Commission.
How long does DPD France keep the Personal Data entrusted to it?
The length of time Personal Data is retained depends on the service subscribed to.
DPD France undertakes not to retain the Personal Data entrusted to it beyond the time required to provide the service, plus the retention period imposed by the applicable legal prescription rules.
Are the Personal Data entrusted to DPD France protected?
DPD France undertakes to take all measures to ensure the security and confidentiality of the Personal Data entrusted to it and in particular to prevent it from being damaged, deleted or accessed by unauthorised third parties.
Furthermore, in the event of a security incident affecting its clients' Personal Data (destruction, loss, alteration or disclosure), DPD France undertakes to comply with the obligation to notify Personal Data violations, in particular to the CNIL.
What are the rights of DD France's customers regarding their Personal Data?
Customers of DPD France may at any time exercise the rights provided for in the current regulations applicable to personal data, provided they meet the conditions:
What are the rights of DPD France's clients over their Personal Data?
Customers of DPD France may at any time exercise the rights provided for by the regulations in force applicable to personal data with DPD France, subject to fulfilling the conditions thereof:
When a transport contract is signed or when Personal Data is collected, the customer is given the address (postal and/or electronic) to which to send his request to exercise his rights.
All applications must be accompanied by proof of identity. DPD France undertakes to respond to requests to exercise the rights of its customers as soon as possible and in any event within the legal time limits.
Has DPD France appointed a Data Protection Officer?
The appointment of a Data Protection Officer demonstrates DPD France's commitment to the protection, security and confidentiality of its clients' Personal Data.
The Data Protection Officer can be contacted at the following address:
Madame la Déléguée à la Protection des Données du groupe La Poste, CP C703, 9 rue du Colonel Pierre Avia 75015 Paris, France.
To exercise their rights, the customer can also contact DPD France :
By sending a registered letter with acknowledgement of receipt addressed to the Service Juridique de DPD France SAS, 11-13 rue René Jacques, Immeuble Vivaldi, 92130 ISSY-LES-MOULINEAUX, or
By email at the following address: [email protected]
By specifying their surname, first name, postal address and attaching a copy of both sides of their identity document.
In the event of any difficulty in connection with the management of your personal data, the customer has the right to file a complaint with the CNIL or with any competent supervisory authority.
Each term beginning with a capital letter has the meaning given below.
"Privacy and Personal Data Protection Policy" and "Policy": means this Policy describing the measures taken for the processing, use and management of Personal Data entrusted to DPD France and the rights of the persons concerned by the processing.
"Personal Data": Refers to any information relating to the customer of DPD France and enabling them to be identified directly or indirectly.
“Processing”: Refers to any operation or set of operations applied to the Personal Data of DPD France's clients.
"Data controller": Refers to the DPD France entity that carries out the processing of Personal Data.
"Violation of personal data": Refers to a breach of security leading, accidentally or unlawfully, to the destruction, loss, alteration, unauthorised disclosure of or access to Personal Data entrusted to DPD France by its clients.
"Consignees." Refers to the department or company that receives communication and can access the Personal Data.