1.      WHAT YOU NEED TO KNOW

 

“Personal Data” means information by which a natural person can be directly (for example, by reference to a first or last name) or indirectly (for example, through a phone or ID number) identified.

Personal Data “Processing” means an operation or set of operations performed on Personal Data (such as collection, structuring, storage, alteration, disclosure).

 

The Purpose” of the Processing operation is the primary objective in using the Personal Data. The data are collected for a specified, legitimate objective and are not further processed in a manner that is incompatible with that initial objective.

 

The “Controller” is the natural or legal person who decides whether the Personal Data should be processed and how that Processing operation will be performed, in particular by determining what Purposes the data will serve and the tools that will be used for their Processing.

 

The “Recipient” is the natural or legal person to whom your Personal Data are disclosed.

 

 

2.        What categories of Personal Data are processed?

 

The Personal Data collected and processed may include:

§  your first and last names;

§  postal and email addresses;

§  phone number;

§  professional information such as CV, cover letters, diplomas, remuneration;

§  results of any tests performed as part of the recruitment process (if the recruiting entity implements such tests);

§  connection data (i.e., logs, username, encrypted password) and

§  other data that you may voluntarily communicate to us although not expressly required as part of our recruiting process.

 

These personal data may be collected directly or through our recruiting firms and/or external job boards services.

 

We will inform you, when collecting your personal data, whether some of these data are mandatory or optional.

 

3.        ON WHAT LEGAL BASIS, For what Purposes do we collect and process your Personal Data AND FOR HOW LONG are your Personal Data kept?

 

PURPOSES

LEGAL BASIS

DATA RETENTION PERIOD

To create your account so that you can apply for our job offers

Our legitimate interest in facilitating the recruitment process by providing a dedicated space

Personal data are kept for the duration of your account.

 

If your account is inactive for a period of 2 years, it will be deleted if you do not respond to our reactivation email.

 

For the US applicants, the personal data are retained in compliance with American data protection laws.

Constitute an applicant pool

Your consent either at your country level or worldwide

Personal data are kept for 2 years from the date of your consent.

 

For the US applicants, the personal data are retained in compliance with American data protection laws.

To evaluate your application for the vacant position

Our legitimate interest in recruiting new profiles

Personal data are kept for the duration of the recruiting process and for a maximum period of six (6) months following your last contact with Sonepar.

 

For the US applicants, the personal data are retained in compliance with American data protection laws.

To measure your professional skills

Our legitimate interest in finding an applicant matching the search criteria

Personal data are kept for the duration of the recruiting process and for a maximum period of six (6) months following your last contact with Sonepar.

 

For the US applicants, the personal data are retained in compliance with American data protection laws.

To finalize the recruitment process (i.e., collection of information necessary for the formalization of the employment contract)

Taking steps at your request prior to entering into a contract

Personal data are kept for the duration of the recruiting process and for a maximum period of six (6) months following your last contact with Sonepar.

 

For the US applicants, the personal data are retained in compliance with American data protection laws.

 

4.        Who processes your Personal Data?

 

The Personal Data Processing operations described in above point 3 “On what legal basis, for what purposes do we collect and process your personal data and for how long are your personal data kept? are performed under the responsibility of:

 

Sonepar SAS,

a société par actions simplifiée (French simplified joint stock company),

whose registered office is located at 25 rue d’Astorg, 75008 Paris, France and

which is registered with the Paris Trade and Companies Registry under number 585 580 202

 

and/or

Sonepar International SAS,

a société par actions simplifiée (French simplified joint stock company),

whose registered office is located at 25 rue d’Astorg, 75008 Paris, France and

which is registered with the Paris Trade and Companies Registry under number 433 890 845

 

and/or

 

the Sonepar Group entity that initiated and is conducting the recruitment process for which the candidate submitted its application

 

and/or

 

Sonepar Group entities that are looking for candidates and to which you chose to share your profile as part of our pool of candidates option.

 

Where the entities detailed above are not the Controllers, you will be notified of the identity of the Controller.

 

If you chose to participate to our pool of candidates and made your profile available to Sonepar Group entities, recruiters from these companies will be able to access your profile when searching for candidates whose profiles may fit certain vacant positions.

 

 

5.        WHO WILL REVIEW MY APPLICATION?

 

Although we use a common group-wide digital solution, your application will be reviewed by the Sonepar Group entity which posted the position you apply to. The recruitment process as such is made under the sole liability and responsibility of this entity.

 

 

6.        How does Sonepar ensure the security of your Personal Data?

 

In accordance with the applicable laws and regulations, Sonepar has implemented reasonable technical (for example, firewalls) and organizational (for example, username/password system, physical protection solutions, etc.) measures to protect your Personal Data from destruction, loss, alteration, disclosure or unauthorized access by a third party.

 

We require all service providers that potentially process your Personal Data on our behalf to make contractual commitments to a similar or superior standard.

 

 

7.        To whom might Sonepar disclose your Personal Data?

 

Your Personal Data will only be used by and disclosed to persons who need to access such data for the Purposes described in this Policy or in order to perform their duties, in all cases in accordance with the applicable laws and regulations.

 

Sonepar may disclose some of your Personal Data to the following categories of Recipients:

§  Processors or service providers acting on its behalf and in accordance with its instructions: hosting service providers, job boards, recruitment offices, IT integrators, skills assessment tools, SEO for jobs offers;

§  other Sonepar Group companies, which are generally subject to identical or equivalent data protection rules.

 

We ensure that your Personal Data are only disclosed to third parties within an adequate contractual framework that guarantees the security and confidentiality of your data and compliance with the Purpose of the Processing operation. 

 

 

8.        Where might your Personal Data be transferred?

 

As a result of the Sonepar Group’s international footprint, some of the Recipients who may have access to your Personal Data (such as entities that belong to the Sonepar Group and/or their business partners), may be based outside the European Union.

 

In this case, we ensure before the transfer that the Recipient offers an adequate level of data protection (for example, based on an adequacy decision validated by the European Commission or on standard contractual clauses). You may obtain a copy of the appropriate safeguards put in place by sending a request to the contact indicated in point 9 below “What are your rights?”.

 

By clicking on the following link, you can find a list of the entities that belong to the Sonepar Group and the countries in which they operate: Presence | Sonepar

 

In some specific cases, we obtain your consent before the transfer.

 

Additional information on the terms and conditions of data transfers may be obtained by sending a request to the contact indicated in point 9 below “What are your rights?”.

 

9.        What are your rights?

 

You are entitled to access and modify your Personal Data collected by Sonepar, subject to the applicable legal provisions.

 

Your rights include:

 

§  Right of access: you may obtain a copy of the Personal Data processed by Sonepar.

 

§  Right to rectification: if you believe that your Personal Data are incorrect or incomplete, you may request a rectification.

 

§  Right to erasure: in certain cases provided for by law, you may request that your Personal Data be erased, in particular where the Processing operation is exceptionally based on your consent and you wish to withdraw that consent or where it appears that your Personal Data are no longer necessary in relation to the Purposes for which they were collected or processed. However, this right is not unconditional and Sonepar may have a legal basis or legitimate reason to keep your Personal Data.

 

§  Right to object: in certain cases, you may object to the Processing of your Personal Data on grounds relating to your personal situation. However, this right is not unconditional and Sonepar may reject your request for compelling legitimate reasons.

 

§  Right to restrict Processing: you may also request that the Processing of your Personal Data be restricted (for example, suspended) if (i) your Personal Data are incorrect, (ii) you have exercised your right to object or (iii) the data are no longer needed for the processing operation but are still required to establish, exercise or defend your legal rights.

 

§  Right to data portability: when this right applies, you have the right to receive the Personal Data that you have provided or, where technically feasible, to transmit those data to a third party.

 

§  Right to give instructions regarding the use of your Personal Data after your death: you have the right to give Sonepar instructions regarding the use of your Personal Data after your death.

 

§  Right to withdraw your consent: if your consent is obtained prior to the collection of your Personal Data, you have the right to withdraw that consent.

 

To exercise your rights, please write to the following address: groupcompliance@sonepar.com

 

You may file a complaint with the competent supervisory authority.

The French supervisory authority is:

 

Commission nationale de l’informatique et des libertés – CNIL
(French data protection authority)

3 Place de Fontenoy – TSA 80715 – 75334 Paris CEDEX 07 – France

Telephone: +33 (0)1 53 73 22 22

 

For information about the various supervisory authorities of the member States of the European Union please visit this webpage: https://edpb.europa.eu/about-edpb/board/members_en

 

 

10.    VERSION

 

This Policy may be updated or modified from time to time.

We therefore recommend that you regularly consult this Policy, as published on our Corporate Website: www.sonepar.com. In any case, we will keep you informed of any significant changes to this Privacy policy.

Translations of this document may be subject to interpretation. Only the English version is authoritative.

SONEPAR SAS

25, rue d’Astorg 75008 Paris − France

Tel.: +33 (0)1 58 44 13 13

www.sonepar.com

All Rights Reserved – July 2022