The restricted areas of the Your_Sodexo website are limited to authorised users. These parts of the website contain confidential and proprietary information and are to be accessed and used exclusively by Sodexo employees and its authorised agents and contractors. Unauthorised access is strictly prohibited and violators are subject to prosecution to the full extent of the law.
All users of the Your_Sodexo website must comply with Sodexo policies for such use. Sodexo reserves the right to monitor, access, retrieve, read, and disclose communications at any time, and to engage in automated monitoring, followed by supervisor investigation of irregularities. By continuing to use the Your_Sodexo website you indicate your awareness of and consent of this policy.
All content on and available from the Your_Sodexo website, including but not limited to text, graphics, logos, icons and downloads, is the property of Sodexo. Reproduction, adaptation, or translation is prohibited without express written permission. © Copyright 2010, Sodexo. All rights reserved.
2.0 Data Privacy
SODEXO builds strong, lasting relationships with its customers, partners, consumers and associates, based on mutual trust: making sure that their Personal Data is safe and remain confidential is an absolute priority for SODEXO.
SODEXO complies with all French and European regulatory and legal provisions on the protection of Personal Data.
IDENTITY AND CONTACT DETAILS OF THE DATA CONTROLLER
Sodexo Limited, registered in England at One Southampton Row, London WC1B 5HA. Registered No: 00842846
“Personal Data” means any information relating to an identified natural person or one that can be directly or indirectly identified by reference to an identification number or one or more factors specific to this person.
“us” or “our” Sodexo Limited (hereinafter “Sodexo”),
“you” any website user/visitor.
“Website” the website of Your_Sodexo available at the address https://www.your-sodexo.com/
* SODEXO has a dedicated Personal Data protection team comprising a Group Data Protection Officer registered with the CNIL (Commission Nationale de l’Informatique et des Libertés [French Data Protection Agency]) and a network of contact persons dedicated to Personal Data protection.
4.0 PURPOSE OF THIS POLICY
SODEXO takes the protection of your Personal Data very seriously.
We have developed this policy to inform you of the conditions under which we collect, process, use and protect your Personal Data. Please read it carefully to familiarise yourself with the categories of Personal Data that are subject to collection and processing, how we use these data and with whom we are likely to share it. This policy also describes your rights and how you can get in touch with us to exercise these rights or to ask us any questions you might have concerning the protection of your Personal Data.
This policy may be amended, supplemented or updated, in particular, to comply with any legal, regulatory, case law or technical developments that may arise. However, your Personal Data will always be processed per the policy in force at the time of the data collection, unless a compulsory legal prescription determines otherwise and must be enforced retroactively.
5.0 COLLECTION AND SOURCE OF PERSONAL DATA
We will most likely collect your Personal Data directly (in particular via the data collection forms on our website) or indirectly (in particular via our service providers and/or technologies on our website).
We undertake to obtain your consent and/or to allow you to refuse the use of your data for certain purposes whenever necessary.
6.0 TYPES OF PERSONAL DATA COLLECTED AND USED BY US
We may specifically collect and process the following types of Personal Data:
Personal Data identified by an asterisk in the data collection forms are compulsory as these are necessary to fulfil any orders placed. In the absence of this compulsory information, these transactions cannot be processed.
7.0 PERSONAL DATA THAT WE AUTOMATICALLY COLLECT
We collect some information automatically when you visit the website to personalise and enhance your experience. We collect this information using various methods such as:
A “cookie” is a small information file sent to your browser when you visit our website and stored on your computer. This file contains information such as the domain name, the internet access provider and the operating system as well as the date and time of access by the user. Cookies cannot damage your computer in any way.
Cookies are not used to determine the identity of an individual who visits our website. Cookies allow us to identify, in particular, your geographic location and the display language to improve your online browsing experience. They also enable us to process information about your visit to our websites, such as the pages viewed and the searches made, to improve our website content, to follow your areas of interest and offer you more suitable content.
If you do not want to receive cookies from our website, you can adjust your browser settings accordingly. To manage your choices, each browser has a different configuration. These configurations are described in your browser’s help menu, which will explain how to change the settings to your desired cookies configuration.
We recommend, however, that you do not deactivate our cookies. Keep in mind that if you block, turn off or reject our cookies, some of our webpages will not display correctly or you will no longer be able to use some of the services we offer. In this case, we cannot be held liable for any consequences related to the reduced functionality of our services arising from our inability to store or consult the cookies required for its functioning and which you have declined or deactivated.
Lastly, by clicking on the dedicated icons of social networks such as Twitter, Facebook, Linkedin, etc., if these are displayed on our website, and if you have agreed that cookies may be downloaded while you are browsing our website, the social networks in question may also download cookies to your devices (computer, tablet or mobile phone). These types of cookies are downloaded to your device only on the condition that you have given your consent by continuing to browse our website. You can, however, at any time revoke your consent to these social networks downloading these types of cookies.
8.0 IP addresses
An IP address is a unique identifier used by some electronic devices to identify and communicate with each other on the internet. When you consult our website, we can use the IP address of the device used by you to connect you to the website. We use this information to determine the general physical location of the device and to know in which geographical areas visitors are located.
The website uses Google Analytics to generate statistical reports. These reports tell us, for example, how many users consulted the website, which pages were visited and in which geographical areas Website users are located. The information gathered via the statistics may include, for example, your IP address, the website from which you arrived at our site and the type of device that you used. Your IP address is hidden on our systems and will only be used if necessary, to resolve a technical problem, for website administration and to gain insight into our users’ preferences. Website traffic information is only accessible to authorized staff. We do not use any of this information to identify visitors and we do not share this information with third parties.
9.0 SOCIAL NETWORKS
You have the option to click on the dedicated icons of social networks such as Twitter, Facebook, Linkedin, etc. that appear on our website.
Social networks create a friendlier atmosphere on the website and assist in promoting the website via sharing. Video sharing services enrich the video content of our website and increase its visibility.
When you click on these buttons, we may have access to the personal information that you have made public and accessible via your profiles on the social networks in question. We neither create nor use any separate databases from these social networks based on the personal information that you have published there and we do not process any data relating to your private life through these means.
If you do not want us to have access to your personal information published in the public spaces of your profile or your social accounts, then you should use the procedures provided by the social networks in question to limit access to this information.
10.0 PURPOSES FOR WHICH WE USE PERSONAL DATA
We use your Personal Data specifically for the following purposes:
11.0 LEGAL BASIS FOR THE PROCESSING OF PERSONAL DATA
We process your Personal Data as part of the performance and management of our contractual relationship with you, in our legitimate interest to improve the quality and operational excellence of the services we offer to you or in compliance with certain regulatory obligations.
Your Personal Data may also be processed based on your prior consent if under certain circumstances, your consent would be requested.
12.0 DISCLOSURE OF PERSONAL DATA
The security and confidentiality of your Personal Data are of great importance to us. Therefore, we restrict access to your Personal Data only to members of our staff who need to have this information to process your orders or to provide the requested service.
We will not disclose your Personal Data to any unauthorized third parties. We may, however, share your Personal Data with entities within the Sodexo group and with authorized service providers (for example technical service providers [hosting, maintenance], consultants, etc.) whom we may call upon to provide our services. We do not authorize our service providers to use or disclose your data, except to the extent necessary to deliver the services on our behalf or to comply with legal obligations. Furthermore, we may share Personal Data concerning you (i) if the law or a legal procedure requires us to do so, (ii) in response to a request by public authorities or other officials or (iii) if we are of the opinion that transferring these data is necessary or appropriate to prevent any physical harm or financial loss or in respect of an investigation concerning a suspected or proven unlawful activity.
13.0 STORAGE PERIOD OF YOUR PERSONAL DATA
We will store your data only for as long as necessary to fulfil the purposes for which it was collected and processed. This period may be extended, if applicable, for any amount of time prescribed by any legal or regulatory provisions that may apply.
14.0 SENSITIVE PERSONAL DATA
As a general rule, we do not collect sensitive Personal Data via our website. "Sensitive Personal Data" refers to any information concerning a person's racial or ethnic origins, political opinions, religious or philosophical beliefs, union membership, health data or data relating to the sexual life or the sexual orientation of a natural person. This definition also includes Personal Data relating to criminal convictions and offences.
In the event that it would be strictly necessary to collect such data to achieve the purpose for which the processing is performed, we will do so in accordance with local legal requirements for the protection of Personal Data and, in particular, with your explicit prior consent if appropriate, and under the conditions described in this policy.
15.0 PERSONAL INFORMATION AND CHILDREN
The website is for use by adult persons who have the capacity to conclude a contract under the legislation of the country in which they are located.
Children users under the age of 13 years or without legal capacity must obtain consent from their legal guardians before submitting their data to the website.
16.0 TRANSFER OF PERSONAL DATA
As Sodexo is an international group, your Personal Data may be transmitted to internal or external recipients that are authorized to perform services on our behalf and that are located in countries outside the European Union or the European Economic Area which do not offer an adequate level of Personal Data protection.
To guarantee the security and confidentiality of Personal Data thus transmitted, we will take all necessary measures to ensure that these data receive adequate protection, such as signing standard European Commission contractual clauses or other equivalent measures.
17.0 YOUR RIGHTS
Sodexo is committed to ensuring the protection of your rights under applicable laws. You will find below a table summarizing your different rights:
Right to Access and Rectification.
You can request access to your personal data. You may also request rectification of inaccurate personal data, or to have incomplete personal data completed.
You can request any available information as to the source of the personal data and you may also request a copy of your personal data being processed by Sodexo.
Right to be forgotten
Your right to be forgotten entitles you to request the erasure of your personal data in cases where:
Right to restriction of processing
You may request that processing of your personal data be restricted in the cases where:
Right to data portability
You can request, where applicable, the portability of your personal data that you have provided to Sodexo, in a structured, commonly used, and machine-readable format and you have the right to transmit this data to another controller without hindrance from Sodexo where:
(a) the processing of your personal data is based on consent or on a contract; and
(b) the processing is carried out by automated means.
You can also request that your personal data be transmitted to a third party of your choice (where technically feasible).
Right to object to processing including direct marketing
You can object to us using your Personal Data for direct marketing. You can also contact us to object to how we are using your Personal Data for any other reason, but we may not have to stop using it for this purpose.
Right to withdraw consent
If we process your personal data based on your consent, you can withdraw your consent at any time.
Right not to be subject to automated decisions
You have the right not to be subject to a decision based solely on automated processing, including profiling, which has a legal effect upon you or significantly affects you. You have the right to object to processing including direct marketing.
Right to lodge a complaint
You can choose to lodge a complaint with the Data Protection Supervisory Authority in the country of your habitual residence, place of work or place of the alleged infringement, regardless of whether you have suffered damages.
You have also the right to lodge your Complaint before the courts where the Sodexo entity has an establishment or where you have your habitual residence. The supervisory authority for ROI is the Data Protection Commission (DPC), 21 Fitzwilliam Square South, Dublin 2, D02 RD28 www.dataprotection.ie
and for the UK is the Information Commissioner (ICO) Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF www.ico.org.uk
This electronic system allows you to log in and see the progress of your request, see and send messages and review your documents securely. This system is called One Trust and after making the request you will be sent details about how to log on.
Alternatively, you can also send your request by email to DSAR.UKandIE@sodexo.com, in writing to 310 Broadway, Salford, M50 2UE or by calling Sodexo PeopleCentre on 0845 603 3644 and asking for DSAR team. The team will liaise with you about how you to contact you about your request and receive information. Please note that it is usually necessary to arrange a telephone appointment to discuss your request once it has been made.
If you wish to unsubscribe to marketing emails communications, you can also do so by using the unsubscribe function on the email.
You can also raise queries or complaints to the UK and Ireland Data Protection Special Point of Contact, by email to DataProtection.UKandIE@Sodexo.com or by post to 310 Broadway, Salford, M50 2UE
Queries and complaints can be escalated to the Group Data Protection Officer, by email to DPO.Group@Sodexo.com.
You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.
We implement all possible technical and organizational security measures to ensure security and confidentiality in processing your Personal Data.
To this end, we take all necessary precautions given the nature of the Personal Data and the risks related to its processing, to maintain data security and in particular to prevent distortion, damage or unauthorized third-party access (physical protection of the premises, authentication procedures with personal, secured access via identifiers and confidential passwords, a connection log, encryption of certain data, etc.).
19.0 CUSTOMER RELATIONSHIP MANAGEMENT DATABASE (“CRM DATABASE”)
We use a database to manage and monitor our relationships with existing and potential customers. This database includes the Personal Data of associates of our customers or other partners with whom we have a business relationship or with whom we want to establish such a relationship. These data, used only for this purpose, notably include contact details (surname, first name, telephone number, email address, etc.), publicly accessible information, the responses to targeted emails and other information collected and recorded by our associates as part of their interactions with our customers and partners. If you want to be removed from our CRM database, please write to Sodexo Limited, One Southampton Row, London WC1B 5HA
20.0. LINKS TO OTHER SITES
21.0 UPDATES OF THIS POLICY
We may update or amend this policy as and when needed. Please consult this page from time to time if you want to be informed of any possible changes.
If you have subscribed to certain services via our website and you no longer want to receive emails, please consult the "unsubscribe" page or link corresponding to the service you are subscribed to. Users are hereby informed of their right to subscribe, free of charge, to the national "do not call" registry to opt-out of telephone canvassing at www.tpsonline.org.uk.
23.0 HOW TO CONTACT US
If you have any questions or comments with regard to this policy, please do not hesitate to contact us at the following address: DataProtection.UKandIE@sodexo.com or contact our Group Data Protection Officer at the following address: firstname.lastname@example.org.
Last updated: 24/04/2020