Our solutions
Our sectors/businesses
About us
waiting for content
Docaposte's data protection Charter Docaposte's GDPR policy - Professional clients Prospective client terms Terms and conditions regarding data processing on this site Cookies Vidéoprotection
Under the framework of our internal and external activities, Docaposte is subject to regulations when applicable on the processing of personal data, in particular:
Docaposte places the protection of your personal data at the core of (all of) its activities and services. Docaposte endeavours to guarantee the confidentiality of its employees, clients, suppliers, prospects as well as third party beneficiaries' personal data - hereafter referred to as relevant parties.This Charter on personal data and privacy protection (hereafter referred to as "The Charter") sets forth our principles and guidelines regarding the protection of personal data of relevant parties and aims to inform them about:
This charter applies to all entities of Docaposte and is an annex to the company rules and regulations.
Docaposte is committed to protecting the personal data and privacy of the relevant parties from the design stage of new products or services which require processing of personal data.Measures have been put in place for security and to ensure the proper exercise of the rights of relevant parties regarding their personal data.
Docaposte undertakes to collect only information which is strictly relevant to its own data processing or that carried out on behalf of its clients.In the event of non-compulsory personal data being requested :
Personal data is collected directly or indirectly from relative parties according to planned processing operations and is used only for purposes which they have been made aware of or for processing purposes entrusted to us by our clients.
Some of our data processing involves underaged persons / minors. In this case, consent is required from parents or legal guardians.
Your personal data may be transferred / transmitted to:
Your data at Docaposte is liable to data processing inside the European Union (EU) and territories outside of the EU.When the Docaposte Group acts as Data controller, it will inform relevant parties of the location of the processing of their personal data.When the Docaposte group acts as a subcontracter it is the responsibility of the client having entrusted Docaposte with the processing to inform relevant parties of the location of said personal data processing.
For certain specific services, Docaposte may use external subcontracters outside of the EU. Personal data used here is communicated strictly for use within the scope of the project. In this instance, and in compliance with current regulations, Docaposte demands that its subcontractors provide the necessary guarantees for the secure transfer and storage of personal data, for example by including standard contractual clauses to this effect.
The length of time Docaposte stores your personal data is dependant on the level of data processing required. Docaposte is committed to storing personal data for the minimum duration necessary for processing, underpinned by laws and regulations imposed and applicable for the duration of data storage for processing.
Docaposte is committed to taking all required measures to ensure the security and confidentiality of your personal data and to prevent them from being damaged, deleted or accessed by non-authorised third parties.In compliance with its contractual obligations, data processing carried out by Docaposte is subject to auditing.In instances of personal data security incidents (destruction, loss, modification or disclosures), the Docaposte Group undertakes to report any such Violations of Personal Data:
All relevant parties, including employees, clients, suppliers or prospective clients of the Docaposte group may, at any moment, exercise their rights as provided for in the applicable regulations concerning personal data processing and handling, subject to the following conditions:
You can exercise your rights by writing to the following email: mesdroits.rgpd@docaposte.fr. All demands must be accompanied by a personal identification document. Docaposte is committed to respond to all wanting to exercise their rights at the earliest convenience and in respecting legal deadlines.
Any relevant party whose personal data is processed by a client of the Docaposte Group which is the data controller may exercise their rights directly with the data controller of said client as provided for in the applicable regulations concerning personal data processing.The Docaposte Group when acting as a subcontractor, will work with its client data controller:
When Docaposte receives a request from a relevant party for whom it is acting as a subcontractor, Docaposte will immediately transfer said request to the data processor and act according to the instructions of the data controller, in accordance with the conditions of the contract between the Docaposte Group and the data controller.
Docaposte is an integral part of La Poste Group. The appointment of a Data Protection Officer reflects La Poste Group's commitment to protecting the security and confidentiality of personal data of individuals affected by its processing activities.
Both Docaposte Group and La Poste Group have agreed to designate a Data Protection Officer Delegate (DPO) within Docaposte Group, considering the nature of their processing activities. The Docaposte DPO has been granted delegated authority by the President of Docaposte Group. The Docaposte DPO works in close collaboration with the Data Protection Officer of La Poste Group.
Contact information for Docaposte's Data Protection Officer:
Email : privacy@docaposte.fr
Postal Address:DPO Délégué Groupe DOCAPOSTE Pôle Privacy-RGPD - ACI 6A1-602 45/47 boulevard Paul Vaillant Couturier 94766 Ivry-sur-Seine Cedex
Each term beginning with a capital letter has the meaning which is given thereafter.
« Charter for the protection of personal data » and « Charter »: refer to the current Charter describing all the measures taken for the processing, operating and management of personal data and the rights of relevant parties concerned by said data processing.
« La Poste's Data Protection Officer (DPO) »: refers to the natural person, who according to GDPR article 37, has been designated by the La Poste Group to carry out the functions specified in GDPR article 38 and to undertake the tasks referred to in GDPR article 39 for all processing activity of the La Poste Group whether it is acting as data controller or subcontractor.
« Personal data »: all information relating to an identified or identifiable natural person. A "physically identifiably person" is a natural person who can be identified, directly or indirectly, by a username, such as a name or identity number, location data, online username, or to one or more specific elements of their physical, psychological, genetic, psychological, economic, cultural or social identity.
« Docaposte DPO » or « Docaposte Data Protection Officer »: refers to the individual who, in accordance with Article 37 of the GDPR, has been designated by the President of Groupe DOCAPOSTE and the Data Protection Officer of La Poste Group to assume the functions specified in Article 38 of the GDPR and to oversee the tasks outlined in Article 39 of the GDPR for all processing activities conducted by Groupe DOCAPOSTE, acting as both a Data Controller and a Data Processor.
« Docaposte Entity »: refers to a subsidary of the Docaposte Group.
« Docaposte Group »: refers to the subsidaries of Docaposte and Docaposte SAS.
« Relevant parties »: refers to any identified or identifiable person whose personal data is subject to data processing. For example, employees, clients, prospective clients, suppliers, service providers, third party beneficiaries etc…
« Data controller »: refers to the natural or legal person, the public authority, the department or other organisation who, alone or with others, determines the purposes and means of data processing.
« Subcontracter »: refers to the natural or legal person, the public authority, the department or other organisation who, alone or with others, determines the purposes and means of data processing on behalf of the data controller
« Third party beneficiary »: refers to a relevant party indirectly linked to Docaposte butwhose personal data is processed by Docaposte within the scope of its contractual data processing activities.
« Processing »: refers to the operation or series of operations, carried out or not with the aid of automated processes and applied to any form of personal data, such as the collection, saving, organising, structuring, conservation, adaptation or modification, extraction consultation, use, commucation and circulation or other forms of provision, reconciliation, interconnection, limiting, deleting or destruction.
« Personal data breach »: refers to a security breach of your personal data, accidental or illicit, leading to the destruction, loss, modification, disclosure or non-authorised access to the personal data of a relevant party.
In the scope of its implementation of the legal and regulatory provisions relating to regulation (UE) 2016/679 of the European Parliament and Council of the 27th April 2016 relating to the protection of natural persons with regard to the processing of personal data and on the free movement of such data, La Poste has appointed a Data Protection Officer (DPO) and each of its subsidaries, including Docaposte, has appointed its own DPO. Docaposte has also set up a GDPR-Privacy centre, under the responsibility of the Legal and Compliance division of the Docaposte Group.
Docaposte is committed to ensuring the protection, confidentiality and security of personal data which are entrusted to it.
Docaposte maintains a register of all types of processing activities carried out on behalf of the Client.Docaposte will provide the Client with any information necessary in order to provide evidence of the fulfillment of its obligations.
Upon completion of a service and in accordance with the terms of the contract, Docaposte will delete or return personal data it has processed to the Client, subject to ongoing claims and legal and regulatory obligations.
Docaposte is a simplified joint-stock company, with its headquarters located at: 45/47 boulevard Paul Vaillant Couturier, 94200 Ivry-sur-Seine, with the unique ID - no. 493 376 008 (Créteil company register). Docaposte is represented by its president Mr Olivier Vallet.Docaposte is committed to ensuring the protection, confidentiality and security of your personal information and to respecting your privacy.
In compliance with GDPR regulations, Docaposte has appointed a Data Protection Officer (DPO) who reports directly to the DPO of the La Poste Group. You may contact him at the following email address: mesdroits.rgpd@docaposte.fr.
Your personal data is collected directly from you or indirectly in the scope of events or exchanges of a professional nature.Your personal data is processed by Docaposte for marketing purposes:
The type of personal data processed by Docaposte are, where appropiate, your email address, your phone number, and where relevant, your first and last name.
The sole recipient of your personal data is Docaposte.
Docaposte guarantees that your personal data will not be subject to any transfers outside of the European Union.
Your personal data is stored for a maximum duration of 3 years from the last interaction you had with Docaposte.
In compliance with applicable laws and regulations governing the protection of your personal data, you have the right to access, rectify, delete, and port your data, as well as the right to restrict or object to data processing. To exercise these rights, please contact our Marketing Department at the following address: mesdroits.rgpd@docaposte.fr. You may also unsubscribe from our emails by clicking the 'unsubscribe' link provided at the bottom of all our emails, or by visiting doca.info/Docaposte_Pref.
You have the right to lodge a complaint with the French data protection authority (CNIL) via their website: www.cnil.fr
For purposes of data processing, Docaposte hires subcontracters. These subcontractors work with us and conform to General Data Protection Regulation (GDPR).The database development for Customer Relationship Management (CRM) of our clients and prospective clients are based in Ireland at SALESFORCE, conforming to GDPR laws and subject to Binding Corporate Rules (BCR).The sending of emails and data involved with email addresses, is handled by Oracle, who are based in Amsterdam. Oracle is subject to corporate rules.
Docaposte ensures you that your data is not subject to automated decisions nor profiling.
In accordance with the General Data Protection Regulation (GDPR), Docaposte takes personal data protection very seriously and places it at the heart of its business activities.
This policy lays out the principles and guidelines of personal data protection for users of the docaposte.com website.
Your data is processed by Docaposte, a simplified joint-stock company capitalized at 102,000 Euros, with its head office at 45/47 boulevard Paul Vaillant Couturier, 94200 Ivry-sur-Seine, headed by Mr Olivier Vallet and with the unique identification number 441 022 878 (RCS / companies registry of Créteil).
Personal data processing carried out via the website, relates to the use of contact forms made available to you. There are several types of form:
The website also directs the user to partner sites in order to promote Docaposte's different brands and offers, for commercial prospection and to process applications for published job vacancies. The data processing conditions are specified on each of our partner sites.
Our legitimate interest is the legal basis to process your data as described.
Regarding the different purposes mentioned above, data collected through forms is intended solely for the use of employees of Docaposte who use support applications for processing. Docaposte, as data controller for data processed on its website, is not considered as a recipient of generated data when forms are completed by users of its website. The recipients of your data are:
Docaposte does not store any personal data on its website docaposte.comYour conservation period of your personal data on processing support applications is defined hereafter:
Docaposte processes your data on the legal basis of legitimate interest without infringing on the invidual rights and liberties of relevant parties. Regarding the legal basis for data processing, we remind you that you can exercise the following rights under the European laws on data protection:
The right to data portability does not apply to processing via the website. For any inquiries regarding the exercise of your rights, please contact Docaposte at the following address: mesdroits.rgpd@docaposte.fr
Docaposte would like to remind you that you have the right to lodge a complaint with the competent supervisory authority, the French Data Protection Authority (CNIL).
The appointment of a Data Protection Officer underscores the importance that Docaposte - La Poste Group places on safeguarding the security and confidentiality of its clients' personal data. If you have any questions regarding this privacy policy and our data processing activities, or if you wish to exercise your rights under the GDPR, please contact us:
By Mail: DOCAPOSTE Privacy-RGPD Department 45/47 boulevard Paul Vaillant Couturier 94200 Ivry-sur-Seine
By Email : mesdroits.rgpd@docaposte.fr
Please consult our general policy, which lays out the way in which we process the personal data we collect and that you provide to us: Docaposte’s data protection Charter
Please read this policy carefully, as well as the information thereafter, to understand our practices relating to the processing of your personal data.
Docaposte proposes a wide range of B to B products and services, both customized and off-the-shelf, to companies and public authorities. We place great importance on the privacy of visitors to our institutional website and to all natural persons who use its services. (hereafter referred to as 'relevant persons') With this privacy statement, Docaposte seeks to explain to you how it manages any of your personal data which may be collected on our site.
It contains important information about how Docaposte may use your personal data.
a. What is personal data?
Personal Data is any information that can be used to identify (directly or indirectly) a natural person, such as their name, phone number, date of birth or IP address.
b. What personal data is collected by Docaposte?
The Personal Data collected will vary depending on the context of the Individuals interacting with DOCAPOSTE, the choices you make on our site. The data we collect may include the following:
Identification data: first and last name, e-mail address, postal address, phone number, company name, function, sector of activity, company size; Connection data: IP address, location, browsing history;Device data: type of device used (computer, mobile, tablet).
c. If collected, for what purposes is your personal data used and how long is it retained?
The purpose of the processing
Docaposte uses the Personal data collected on its site, where applicable, for statistical purposes to improve its services, to communicate with you in a personalised manner through promotional and/or informational emails, invitations to events, surveys, campaigns on social networks and to offer you thematic content.
Retention period
The Personal Data of customers used for commercial prospecting purposes may be kept by DOCAPOSTE for a period of three years starting from the end of the commercial relationship.The Personal data of prospective customers may be kept for a period of three years from the date of collection by DOCAPOSTE or from the last contact with the prospective customer. At the end of this three-year period, DOCAPOSTE commits to contacting the person in question again to find out whether he or she wishes to continue receiving commercial solicitations. The absence of a positive and explicit response from the person in question, DOCAPOSTE agrees to delete or archive the said personal data in accordance with the provisions in force.
Tarteaucitron
Saving user's consent choices (CMP)
12 months (cookies not subject to consent)
Piwik
Used to analyse and improve the service.
Privacy on this site: We collect and process your data on this site to better understand how it is used. You can opt in or out at any time:
13 months (cookies not subject to consent)
Youtube
Integration of youtube videos in the content of the pages
6 months with the use of www.youtube-nocookie.com
Clarity
Used to analyse and improve the service
12 months
Google Ads
Used to analyze marketing campaigns
13 months
Google Tag Manager
Used to put tags linked to marketing
Does not deposit cookies directly
Bing Ads
Linkedin Insight
Optimisation of marketing campaigns: personalised tracking of the site's audience
Facebook Pixel
Optimisation of marketing campaigns
Hubspot
User tracking on the website and form hosting
Matomo Analytics
ZBO
Used to track marketing campaigns
Weborama
10 months
Criteo
Hcaptcha
Used to stop boots in forms
Session (cookie deposited in case of click to fill out a form)
SalesForce chat
Online chat
Session (cookie deposited in case of click for use)
d. Right of access, opposition, limitation, rectification, deletion, not to be subjected to an automated decision
You have the right to access your Personal Data, to object to its processing or to limit its processing, to request its deletion or rectification, particularly in the event of any errors.You can exercise your rights by e-mail, with a copy of any identity document: mesdroits.rgpd@docapost.fr.
e. Where is your data stored?
Your data is stored in accordance with French and European legislation.
The site is hosted by Docaposte: 45/47 boulevard Paul Vaillant Couturier 94200 Ivry-sur-Seine Phone : 01 56 29 70 01
The data of our provider Salesforce is stored in Germany and in France. (Germany (SFDC Germany Data Center GmbH) / France (SFDC France Data Centre Sarl)
a. What is a cookie?
A cookie is a text file stored on your equipment (computer, smartphone, tablet) when you visit a website. It allows its transmitter to identify your equipment in a unique way, during its period of validity and to keep in memory certain information relating to your visit, in particular, in order to simplify your navigation on our websites or to offer you content adapted to your interests.
b. What does DOCAPOSTE use cookies for?
Storing information you provide to a website: when you provide information on DOCAPOSTE websites, we store the personal data in a cookie to remember the information you have added. DOCAPOSTE saves you having to re-enter the same information each time you visit our websites. Optimisation: cookies are also used to optimise the performance of our websites and mobile sites. For example, they facilitate your navigation and help you find specific content more quickly.Areas of interest: DOCAPOSTE uses cookies to collect data about your online activity and to identify your areas of interest, so that we can provide you with content and/or advertisements suited to your preferences.Analysis: DOCAPOSTE uses cookies, for example, to count the number of unique visitors on a page or web service and to develop other statistics on the functioning of its services via third-party analyses.
c. What types of cookies are used on our sites?
Technical and navigation cookies
These cookies are used on all our websites, mobile sites and mobile applications. They help you navigate between pages on our sites and applications and expire automatically when you close your browser. You can choose to disable these cookies via your web browser, without affecting access to our services.
Audience measurement and navigation tracking cookies
This cookie is used on all of our websites and mobile sites. It is used to collect anonymous statistical data on the number of visitors to our websites and applications in order to improve their ergonomics and the user experience.
Social network share cookies
Some of our websites include social media cookies that allow content to be shared.We cannot control these cookies and the data collected by social media. For more information about these cookies, please see the privacy policies of each of these social media sites. The data collected by means of these cookies is used by DOCAPOSTE in accordance with their purpose.
Web tags and analysis services
DOCAPOSTE's web pages may contain electronic links and/or images known as web beacons, that we use to place cookies on our websites, to count users who visit these websites and provide quality services. In addition to placing web beacons on our own websites, we sometimes work with other companies to place our web beacons on their websites or in their advertisements. This helps us to compile statistics on how often a click on an advertisement on a DOCAPOSTE website results in an action on the advertiser's website.Finally, DOCAPOSTE's services may contain web beacons or similar technologies from third-party analytics providers, which help us to compile global statistics on the effectiveness of promotional campaigns or other operations. These technologies allow analytics providers to place and read their own cookies or other tags on your device, through which they can collect information about your online activities in applications, websites or other services. However, we prohibit these analytics providers from using web beacons on our sites to collect or access information that directly identifies you (such as your name or email address).
More informations about cookies used on the www.docaposte.com site:
TarteAuCitron Piwik Youtube Clarity Google Ads Bing Ads LinkedIn Facebook Hubspot Matomo ZBO Weborama Criteo hCaptcha SalesForce chat
TarteAuCitron :
We use the TarteAuCitron tag manager in order to better manage the consent of our users and all the cookies associated with the DOCAPOSTE website, in accordance with the recommendations of the GDPR.
Expiration of the cookie : 12 months
Piwik :
We use Piwik for anonymous visit statistics (cookies not subject to consent).
Youtube :
We use Youtube to display and play videos hosted on their site.
Clarity :
We use Clarity to analyze user behavior and improve the service.
Google Ads :
We use Google Ads for marketing campaigns.
Bing Ads :
We use Bing Ads for marketing campaigns (enabled via Google Tag Manager consent).
LinkedIn Insight Tag :
We use LinkedIn Insight Tag for marketing campaigns (enabled via Google Tag Manager consent).
Facebook :
We use the Facebook pixel for marketing campaigns (activated via Google Tag Manager consent).
Hubspot :
We use Hubspot as a marketing automation tool.
Matomo Analytics :
We use Matomo Analytics as a website statistical analysis tool.
ZBO :
We use ZBO for marketing campaigns (enabled via Google Tag Manager consent).
Weborama :
We use Weborama for marketing campaigns (enabled via Google Tag Manager consent).
Criteo :
We use Criteo for marketing campaigns (enabled via Google Tag Manager consent).
hCaptcha :
NWe use hCaptcha to eliminate bots in forms (activated upon user request to fill out a form).
SalesForce chat :
We use Chat SalesForce for chat contact with Docaposte teams (activated at the user's request to start a Chat with Docaposte).
d. How long are cookies kept?
The data collected by the audience measurement cookies deposited directly or indirectly by DOCAPOSTE is kept for 13 months (excluding Google). Consent and refusals given for the activation of cookies will be kept for a period of 12 months.
e. How to manage the use of cookies from your browser?
The configuration of each browser is different. It is usually explained in the help menu of the software. You can also find out how to change your cookie preferences by consulting the online help:
The images captured by the video surveillance and video protection cameras installed in Docaposte's establishments are subject to processing under data protection regulations, with the data controller being DOCAPOSTE SAS, whose registered office is located at 45/47 boulevard Paul Vaillant Couturier, 94200 Ivry-sur-Seine.
These cameras enable Docaposte and its entities to ensure the safety and security of people and property in its legitimate interest and, for video protection cameras, in accordance with the French Internal Security Code (art. L.251-2).
Images are retained for a maximum of thirty (30) days. They may be viewed by Docaposte personnel responsible for safety and security as well as by external service providers engaged for the same purpose.
In the event of an incident related to the safety of people and property, images may be extracted. They are then stored on another medium for the duration of the procedures related to the incident and are accessible only to authorized personnel in this context. They may also be viewed by public authorities entitled to do so upon judicial request.
You have the right to access images concerning you, which you can exercise through the following means:
Contact details of the Lead DPO within the DOCAPOSTE Group:
Email : mesdroits.rgpd@docaposte.frPostal address: Lead DPO, DOCAPOSTE GroupPrivacy-RGPD Unit - ACI 6A1-602 45/47 boulevard Paul Vaillant Couturier94766 Ivry-sur-Seine Cedex
If you encounter any issues related to the management of your personal data, you have the right to lodge a complaint with the Commission Nationale de l'Informatique et des Libertés (CNIL).
As part of its personal data protection policy, Docaposte has appointed a shared Data Protection Officer:
Data Protection Officer for the La Poste GroupCP C703 – 9 rue du Colonel Pierre Avia75015 PARIS
This document is subject to modification.
Last updated 2024/12/03