Carrefour wegen Barrierefreiheitsmängeln verurteilt: Was sich für den deutschen E-Commerce ändert

Introduction

This Privacy Notice aims to clearly and transparently explain which personal data we collect when you visit our website, why we collect it, how we use it, and what Your rights are.

We process your personal data in accordance with Regulation (EU) 2016/679 (GDPR) and applicable national data protection laws. We are committed to ensuring that all processing activities are carried out in accordance with the principles of lawfulness, fairness, transparency, data minimization, integrity, and confidentiality.

Specifically, in this notice you will find information about:
 

• which data we collect about you and for what purposes;

• the legal bases on which we process such data;

• who we may share your data with;

• how long we retain your data;

• your rights and how to exercise them.
   

While we sometimes need Your data for example, to respond to your requests or improve our website), we do so with respect, care and only when truly necessary.

Our Privacy Promises
 

• We deeply value your privacy, and for this reason, we guarantee that:

• We treat your data as if it were our own.

• We use your data only for the purposes outlined in this notice.

• We retain your data only for as long as strictly necessary.

• We do not share your data with third parties without a valid legal basis or your explicit consent.
   

1. Who Processes Your Personal Data

The Data Controller — that is, the entity that determines the purposes and means of the processing of Your personal data — is AccessiWay S.a.S., with registered office at 7 Rue du Général Henrion Bertier, 92200 Neuilly-sur-Sein registered with the Nanterre Trade and Companies Register under number 914 022 595.

AccessiWay is part of the team.blue group and, in certain cases, acts as joint controller together with team.blue NV, with registered office at Skaldenstraat 121, 9042 Ghent, Belgium. In this context, Your personal data may be shared within the group for statistical, administrative, operational, and service improvement purposes.

AccessiWay and team.blue have defined their respective roles and responsibilities under a joint controllership agreement pursuant to Article 26 of the GDPR, ensuring full compliance with data protection regulations.

For more information regarding joint controllership or to exercise Your rights, you may contact AccessiWay via email at the following email addresses:

📧 legal.fr@accessiway.com or info@accessiway.com.

2. Who This Privacy Notice Applies To

This notice applies to:
 

• users who browse the website www.accessiway.com,

• individuals who contact us through the form available on the website or via email;

• users who interact with tools we have implemented (e.g. widgets, cookies);

• individuals who, through the website or other channels, access external platforms or third-party entities through which they may submit a job application (e.g. recruiting portals or employment agencies).

• In such cases, the privacy notices of the third parties involved — independent from AccessiWay — also apply.
   

3. What Data We Process

To manage your interaction with our website, we may process the following categories of personal data:
 

• Identification and contact details such as name, surname, company, job title, email address, and phone number.

• These data may be partially processed through our customer relationship management (CRM) system.

• Data relating to your interaction with our services such as information collected via the website or through Hubspot, such as communication history, preferences, requests, and commercial or technical notes.

• Technical data such as IP address, device type, operating system, browser, access times, and other data automatically recorded by our systems or servers.

• Browsing data and preferences such as collected via cookies or similar technologies, in accordance with the choices expressed through the cookie consent banner.

• Application data such as personal information included in your CV or other documents submitted through third-party platforms (e.g. professional experience, education, contact details).

• These data are processed by AccessiWay only after being transmitted by the third party, which remains autonomous in the initial processing.
   

4. Purposes and Legal Basis of Processing

We process Your personal data in compliance with Regulation (EU) 2016/679 (GDPR) and applicable national data protection laws. Your data may be processed for the following purposes:
 

• Technical operation of the website
   

We process technical data, using technical cookies and similar tools, to allow You to access the site, view it correctly, and ensure it functions properly (e.g. browsing, content loading, storing preferences).

📌Legal basis: this processing is necessary to provide a service requested by the user, pursuant to Article 6(1)(b) of the GDPR. Your consent is not required for these cookies.
 

• Handling contact or support requests
   

When you send us a request — via the contact form or by email — we process your data to respond and provide the information requested.

📌 Legal basis: this processing is necessary to take steps at your request prior to entering into a contract, pursuant to Article 6(1)(b) of the GDPR.
 

• Compliance with legal obligations
   

In certain cases, we may need to process your data to comply with legal obligations, such as tax, accounting, or IT security requirements.

📌 Legal basis: this processing is based on compliance with a legal obligation, pursuant to Article 6(1)(c) of the GDPR.

• Statistical analysis and website improvement
   

We use analytical tools (e.g. analytical cookies) to collect aggregated data in order to understand how the website is used and to improve its content and functionality.

📌 Legal basis: we process this data only with your freely given and specific consent, pursuant to Article 6(1)(a) of the GDPR.

• Marketing and Profiling
   

If you authorize us to do so, we may use your data to send you promotional communications or provide personalized content (e.g. through profiling cookies).

📌 Legal basis: this processing is carried out only with your explicit consent, pursuant to Article 6(1)(a) of the GDPR. You may withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
 

• Management of job applications through third parties
   

We may receive job applications via third-party platforms (e.g. job portals) or through recruitment agencies. In such cases, we process the submitted data to assess your suitability for the proposed role.

📌 Legal basis: this processing is necessary to take steps at your request prior to entering into a contract, pursuant to Article 6(1)(b) of the GDPR.

Note: the privacy policies of the third-party platforms or agencies involved also apply, independently of AccessiWay.

5. Cookies and Tracking Tools

This website uses a cookie management system provided by iubenda, which allows you to:
 

• view a full and transparent list of the cookies in use;

• modify or withdraw your consent at any time;

• access the complete Cookie Policy, integrated in the cookie widget.
   

You can manage your preferences by clicking on the cookie widget icon located at the bottom left corner of every page on the site.

Technical cookies are necessary and therefore enabled by default. Other non-essential cookies (analytical, profiling) are only enabled with your consent.

For more information, please refer to the full Cookie Policy accessible from the cookie widget.

6. Use of accessWidget

This website integrates accessWidget, an automated accessibility tool developed by accessiBe Ltd. and distributed by AccessiWay. The widget allows users to personalize their browsing experience based on their needs.

When the user activates the widget, their IP address is technically transmitted, but:
 

• it is not stored, tracked, or associated with identifiable individuals;

• it is anonymized via a proxy located in the European Union;

• it is not used for profiling or marketing purposes.
   

📌 Legal basis: provision of a service requested by the user (Article 6(1)(b) of the GDPR).

7. Data Security

We adopt appropriate technical and organizational measures to ensure the security, integrity, and confidentiality of the personal data we process. These measures are designed to prevent unauthorized access, loss, disclosure, or alteration of your data. In particular, we implement:
 

• secure connections via HTTPS (SSL/TLS);

• authentication systems and access control;

• access limitation and internal access tracking mechanisms;

• regular audits and verification procedures;

• continuous updates to systems and security measures according to the level of risk.
   

8. Data Retention

Your personal data is stored only for the time strictly necessary to achieve the purposes for which it was collected. Specifically:
 

• Contact data: up to 10 years if relevant for contractual or legal purposes;

• Technical and browsing data: according to what is outlined in the Cookie Policy;

• Marketing data: until consent is withdrawn.
   

9. Your Rights (Data Subject Rights)

As a data subject, you may exercise the rights provided under Articles 15–22 of the GDPR at any time. In particular, you have the right to:
 

• Obtain confirmation as to whether or not your personal data is being processed and access such data (right of access);

• Request the rectification of inaccurate personal data or the completion of incomplete data (right to rectification);

• Request the erasure of your data, if the conditions set out in the GDPR are met (right to erasure);

• Obtain restriction of processing where applicable (right to restriction);

• Object to the processing of your data, in whole or in part, under certain circumstances (right to object);

• Receive your data in a structured, commonly used, and machine-readable format, and, where technically feasible, have it transmitted directly to another controller (right to data portability);

• Withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
   

📧 You can exercise Your rights at any time by contacting us at: legal.fr@accessiway.com.

🔗 If you are located in France and believe that the processing of your personal data violates applicable law, you have the right to lodge a complaint with the French Data Protection Authority (Commission Nationale de l’Informatique et des Libertés – CNIL) via the website: www.cnil.fr.

*If you have difficulty accessing our form, please feel free to contact us. Send an e-mail to info@accessiway.com