Privacy policy

For your convenience, Sercel's privacy & protection of personal data is divided into two parts: an Employee Privacy Policy and a Third-Party Privacy Policy.

Aller sur la version française

privacy policy


GROUP EMPLOYEE PRIVACY POLICY
1. Summary
2. Definitions
3. Personal Data Collected
4. Use of Personal Data
5. Changes to this Group Employee Privacy General Instruction

 THIRD PARTY PRIVACY POLICY
1. Summary
2. Definitions
3. Personal Data Collected
4. Use of Personal Data
5. Changes to this Third Party Privacy General Instruction



GROUP EMPLOYEE DATA PRIVACY POLICY

1.    Summary
 Sercel S.A.S, with registered office at 16, rue de Bel Air – 44470 Carquefou, and all Sercel Group entities (“Sercel”) are committed to maintaining the principles of integrity and trust with respect to the privacy of Personal Data of their Employees and to comply with all related applicable laws and regulations in particular but not limited to: the European Regulation (EU) 2016/679 “on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing the EU Data Protection Directive” (the “GDPR”) and any implementing legislation enacted by the member states of the European Union (“European Laws”).
As a main principle, employees of Sercel employed by a Sercel entity in the European Economic Area (“EEA”) are subject to the GDPR and to local data protection laws. Employees who are employed by a Sercel entity outside the EEA are subject to the data protection laws of the relevant country where they are employed.

Sercel complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use and retention of personal information transferred from the European Union and Switzerland to the United States. Sercel has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. 
As part of this commitment, Sercel shall protect the privacy of Personal Data disclosed to its Employees (whether about themselves or their household), as well as Personal Data received by Sercel from other sources, at all times before, during and after employment.

Subject to all applicable laws and regulations, this Employee Data Privacy General Instruction describes:

  • The nature of Personal Data that Employees generally disclose to Sercel or that Sercel may receive from other sources before, during or after employment;
  • How Sercel collects and uses the Personal Data received;
  • The rights of Employees regarding their Personal Data.


2.    Definitions
 "Personal Data" and "Personal Information" are used interchangeably herein and refer to any information that can be used to identify an  individual, either on its own or I combination with other readily available data (e.g., the individual’s name, title, work, location, home, address, date of birth, compensation, benefits, or family members.
"Sensitive Data" means Personal Data which reveal racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, genetic data, biometric data or data which concern health, sex life or sexual orientation.
Please note that Personal Data and Sensitive Data may have different definitions depending on your country.

3.    Personal Data Collected
Sercel does not collect, use, or disclose Personal Data without the knowledge of the individual from whom the information is collected unless a lawful basis to do so exists.
Personal Data collected by Sercel is required as a consequence of the contractual relationship with its Employees to enable Sercel to carry out its contractual obligations to its Employees. Failure to provide this information may prevent or delay the fulfilment of these obligations.
Subject to applicable laws and regulations, Personal Data collected by Sercel on Employee(s) may include the following:

  • Name, date of birth, gender, marital status, dependants, nationality and identification numbers including social security, driver's license, tax identification and passport numbers; etc.
  • Home and office addresses, phone numbers (home, office and mobile), home and office e-mail addresses, etc.
  • Background information, including education (schools and dates attended, degrees or diplomas obtained), training, work history (names of former employers, dates of employment, and compensation information), military and veteran status, etc.
  • Medical information, including personal contact, health information etc.
  • Sercel work history, experience, competences, training, compensation information (including salary, bonus, options and benefits), and employment performance, etc. 

 

4.    Use of Personal Data


4.1.    The purpose and lawful basis of the processing
Sercel collects and uses the Personal Data disclosed by the Employees or received from other sources in the context of their employment within Sercel. 
Sercel collects and uses the Personal Data of its Employees for the execution of their employment contract, to comply with its legal obligations, and for the purposes of the legitimate interests of Sercel. 
Failure to provide Personal Data may prevent or delay the fulfilment of these obligations.
Sercel collects and uses Personal Data about Employees prior to and throughout employment for the following purposes: to carry out and manage business operations, for staffing assessment and career development purposes (e.g., talent management), to provide remuneration, benefits and other services such as international mobility, traveling arrangements, and more generally to comply with its legal obligations in its quality of employer. Sensitive data shall be processed only where required by local law and only where there is a legitimate purpose for Sercel in doing so. 


4.2.    Recipients of Personal Data 
To fulfil the purposes mentioned in Article 3.1. of the Employee Data Privacy General Instruction, Sercel may disclose Personal Data collected on an Employee to other Employees who reasonably need to receive such Personal Data to perform their duties. In addition, Sercel may disclose Personal Data to third parties on a limited and as-needed basis, including without limitation and for example, third parties who advise Sercel on compensation and benefit programs and/or administer such programs for Sercel, or as otherwise required by law or detailed in this Employee Data Privacy General Instruction.
Sercel has implemented a Third-Party Data Privacy Policy that requires such third parties to sign a written agreement that requires them to maintain the confidentiality of Personal Data and prohibits them from disclosing Personal Data to any other person or entity or using such data for any purpose other than that which Sercel has engaged them to provide as described in the said agreement, except with certain licensed professionals, such as doctors and lawyers, or in the circumstances below mentioned or in case specific laws and/or regulations do not require so.
In certain circumstances, Sercel may be requested or required to disclose Personal Data in response to valid legal process or under applicable laws and/or regulations. Such circumstances may include a search warrant, subpoena, court order or other request from a government or regulatory authority or agency, including to meet national security or law enforcement requirements. Sercel reserves the right to disclose such information in response to any such legitimate government or regulatory request or requirement.
Sercel may also disclose Personal Data during emergency situations, including without limitation if the physical safety of an Employee or others is believed to be at risk, or to notify family members or government agencies of the location or condition of the Employee. 
Sercel does not disclose Personal Data to any person or entity for marketing purposes, and absolutely does not sell, rent or license Personal Information to others. 


4.3.    International Transfer of Personal Data
Subject to applicable laws and/or regulations, Personal Data may be transferred to any country in the world where Sercel does business, including countries where privacy laws may be more or less protective than the privacy laws where an Employee lives or works.
In particular, Sercel may transfer Personal Data of Employees located in the European Economic Area ("EEA") to countries located outside the EEA. Where appropriate, Sercel will ensure that Employees are informed of such transfer and that appropriate transfer mechanisms are in place. 


4.4.    Onward Transfer and Choice 
Sercel does not intend to disclose or use Personal Data in a manner not described herein. However, should at any time Sercel have a need to disclose or use Personal Data in a way that is incompatible with the purpose for which it was collected, Sercel will provide Employee with information relating to this purpose and will offer each Employee a choice whether or not to allow such disclosure or use of that Employee's Personal Data. 
In this situation, Employee's consent must be received in writing (or a legally equivalent electronic form) before Sercel’s disclosure or use of Personal Data in this manner. If an Employee does not consent to such disclosure or use, Sercel shall take reasonable measures to remove that individual's Personal Data before the data is disclosed or used in such a manner.
When the processing of Personal Data is outsourced to a third party, Sercel will select reliable third parties and processing will be subject to written agreements between Sercel and said relevant third parties. In addition to the provisions provided in Article 4.1. of the Employee Data Privacy General Instruction, the written agreements shall specify that the third party has at least the same adequate level of security measures in place as those implemented by Sercel and will only process Personal Data on the specific written instructions of Sercel and only for the purpose(s) described in said agreement.
Sercel shall be held liable in case the third party does not process the Personal Data in an appropriate manner.

4.5.    Personal Data Security
Sercel maintains appropriate technical and organizational measures to process Personal Data on Employees in a secure-access environment and in a manner that complies in all material respects with applicable laws and/or regulations and industry standards to guard Personal Data against loss, destruction, misuse, improper disclosure, and unauthorized access or modification (e.g., encryption, server backups, System Architecture Validation process in place).
 
4.6.     Personal Data Retention Period
Personal Data is not kept for longer than necessary to fulfil the purpose for which it was collected. Personal Data will generally not be retained longer than the term of your employment relationship with Sercel, unless there is any legal or regulatory provision requiring otherwise. 


4.7.     Personal Data Accuracy 
Sercel relies on the accuracy and integrity of its Employees Personal Data in order to comply with its business obligations. Sercel expects the Employees to inform it of any changes to their Personal Data such as changes to contact information, address, marital status, or any information affecting benefits or services provided by Sercel.


4.8.    Rights Over Personal Data
Employees have a right to request access to their Personal Data and to request the rectification of any incorrect or incomplete data. Employees also have the right to data portability, to request the erasure of their Personal Data, to restrict the processing of their Personal Data, as well as to object to their processing by Sercel, unless Sercel demonstrates compelling legitimate grounds. Employees who are not satisfied with the way Sercel processes their Personal Data have the right to lodge a complaint with the competent data protection authority. 
Should the Employees have any request for assistance regarding the exercise of their rights as above mentioned, the Employees shall contact their HR manager and/or use the following internal e-mail address: dataprivacy@sercel.com. Sercel will allow Employees to review their Personal Data. However, in certain limited circumstances Sercel may not be able to provide Employees with access to all of their Personal Data where such refusal is permitted or required by applicable law or regulation.
Subject to all applicable laws and regulations, should any Personal Data concerning an Employee be found to be no longer needed, to be inaccurate or incomplete or if an Employee has withdrawn consent, Sercel will take reasonable steps to erase, correct or update the information it maintains unless Sercel has a legitimate reason not to do so.
These rights can vary depending of your country. Please consult your local HR manager for a list of your rights under applicable data protection and employment law.
 
4.9.    Enforcement and Recourse
As a general principle, Sercel is committed to resolve complaints about collection and/or use of personal information. Any inquiry or complaint regarding this General Instruction should first be referred to Sercel Privacy Officer at data.privacy@sercel.com.

In compliance with the European Laws and the EU-US Privacy Shield Principles,. Sercel will strive to acknowledge any complaint or enquiry and to take all appropriate to remedy any such issue within one (1) month of receipt. However, if Sercel is unable to satisfactorily resolve the issue, Sercel will inform the Employee of the reasons preventing the implementation of measures to resolve such issue. As mentioned above in Article 4.8, the Employee also has the possibility to lodge a complaint to the EU local data protection authorities (DPAs). To contact the DPAs directly please visit: http://ec.europa.eu/justice/data-protection/article-29/structure/data-protection-authorities/index_en.htm.
Under the GDPR, Employees who consider that the processing of their Personal Data   infringes their rights, have the right to an effective judicial remedy.
In the context of the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework Certification with the Department of Commerce, Sercel is subject to the investigatory and enforcement powers of the Federal Trade Commission.
Pursuant to Privacy-Shield Frameworks, an individual has the possibility under certain circumstances to invoke binding Arbitration 


5.    Changes to this Group Employee Privacy General instruction
 Sercel reserves the right to make changes to this Employee Data Privacy General Instruction from time to time in order to reflect changes in legal or statutory obligations, or changes in the manner in which the Personal Data are managed. 
 


THIRD PARTY PRIVACY POLICY
1.    Summary
 This Third-Party Privacy Policy describes the manners in which Sercel S.A.S., 16, rue de Bel Air 44470 Carquefou and all Sercel Group affiliates (“Sercel”), as the data controller, collect, use and protect Personal Data received from Third Parties and/or Personal Data from its Employees transferred to Third Parties.
Sercel agrees to comply in all material respects with all applicable privacy laws, rules and regulations, including but not limited to: (i) the European Regulation (EU) 2016/679 “on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing the EU Data Protection Directive” (the “GDPR”) and any implementing legislation enacted by the member states of the European Union (“European Laws”). 
Sercel complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use and retention of personal information transferred from the European Union and Switzerland to the United States. Sercel has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.
Affiliates (and their employees) shall not be considered as Third Parties for the purpose of this Third-Party Policy. A separate Group Employee Data Privacy General Instruction applies to Sercel’s employees (including the third-party employees subcontracted to Sercel, “the Employees”).
Third Parties include applicants clients, subcontractors, vendors/suppliers, investors, insurers and visitors to Sercel’s website (such parties herein referred to individually as a “Third Party” or collectively as “Third Parties”). 
By providing Personal Data as below defined to Sercel, Third Parties consent to the disclosure and/or collection and use of information as set forth herein unless otherwise required.  


2.    Definitions
 Personal Data" and "personal information" are used interchangeably herein and refer to information that can be used to identify a Third Party either on its own or in combination with other readily available data (e.g., the individual's name, title, work location, home address, date of birth, compensation, benefits or family members).
"Sensitive Data" means Personal Data, which reveal racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, genetic data, biometric data or data which concern health, sex life or sexual orientation.
Please note that Personal Data and Sensitive Data may have different definitions depending of your country. 


3.    Personal Data Collected
 Sercel collects Personal Data entered by Third Parties on Sercel's websites or through cookies used by Sercel as specified below, or given in any other way, such as writings or phone calls during any transactional or administrative communications.
Subject to applicable laws and regulations, Personal Data and/or Personal Information collected may include, but is not limited to, the following:

  • Personal Data such as date of birth, gender, marital status, and identification numbers including social security, driver's license, tax identification, passport numbers and resume;
  • Contact information such as name, company name, address, phone number, fax number, and e-mail address;
  • Financial and billing information, such as billing name and address, payment information (which might include credit card and/or bank account information);
  • Additional information such as title, department name, fax number, and additional company information, such as shareholder names, annual revenues, number of employees or industry.

4.    Use of Personal Data
4.1.    Purpose and Lawful Basis of the Processing

Sercel uses Personal Data collected from Third Parties for the purposes of Sercel’s operations and activities management, training programs, and recruiting job applicants. 
Sercel collects and uses the Personal Data of Third Parties for the execution of its contracts with them, to comply with its legal obligations, on the basis of Third Parties’ consent and for the purposes of the legitimate interests of Sercel. 
Failure to provide this information may prevent or delay the fulfilment of these obligations.
Sercel processes Third Parties’ Personal Data on the following legal basis:

  • Performance of a contract – the use of Third-Party Personal Data may be necessary to perform the contract that you have with us;
  • Legitimate interests – Sercel may use Third-Party Personal Data for its legitimate interests, for example to improve our products and services or our marketing practices by monitoring and measuring engagement;
  • Consent – Sercel will rely on Third Parties’ consent to use Personal Data for marketing purposes;
  • Legal obligation – to comply with Sercel legal obligations.

Sensitive Data shall be processed only where required by local law and only where there is a legitimate purpose for Sercel in doing so.


4.2.    Recipients of Personal Data 
To fulfil the purposes mentioned in Article 4.1 of the Third-Party Privacy Policy, Sercel may disclose Personal Data to Third Parties on a limited and as-needed basis, including without limitation for example, services providers who advise Sercel on compensation and benefit programs or administer such programs for Sercel, insurers, or as otherwise required by law or detailed in this Third-Party Privacy Policy.
In the event that Sercel or any portion of its assets are acquired, sold or transferred, Sercel may disclose Personal Data with the company involved to perform the operation and complete the transition, on a limited basis in compliance with applicable law.
In certain circumstances, Sercel may be requested or required to disclose Personal Data in response to valid legal process or under applicable laws and/or regulations. Such circumstances may include a search warrant, subpoena, court order or other request from a government or regulatory authority or agency, including to meet national security or law enforcement requirements. Sercel reserves the right to disclose such information in response to any such legitimate government or regulatory request or requirement.
Sercel does not disclose or sell any Personal Data to any person or entity for marketing or any other commercial purposes. 


4.3.    International Transfer of Personal Data
Subject to applicable laws and/or regulations, Personal Data may be transferred to any country in the world where Sercel does business, including countries where privacy laws may be more or less protective than the privacy laws where a Third Party is located.
In particular, Sercel may transfer Personal Data of Third Parties located in the European Economic Area ("EEA") to countries located outside the EEA. Where appropriate, Sercel will ensure that Third Parties are informed of such transfer and that appropriate transfer mechanisms are in place.


4.4.    Onward Transfer and Choice « Opt in – Opt out »
Sercel does not intend to disclose or use Personal Data received from a Third Party in a manner not described herein. However, should at any time Sercel need to use Personal Data for a new purpose that is materially different from that or which the Personal Data was originally collected or subsequently authorized, or is to be disclosed to an non-agent Third Party, Sercel will provide individuals with an opportunity to choice whether to have their Personal Data so used or disclosed. Requests to opt-out of such uses or disclosures of Personal Data should be sent to: data.privacy@sercel.com.
If Personal Data that qualifies as Sensitive Data is to be used for a new purpose that is different from that for which the Personal Data was originally collected or subsequently authorized, or is to be disclosed to a Third Party, Sercel will obtain the Third Parties’ explicit consent prior to such use or disclosure, except if the use or disclosure is in the vital interests of the Third Party or another person; necessary for the establishment of legal claims or defences; required to provide medical care or diagnosis; necessary to carry out Sercel’s obligations in the field of employment law; or related to data that are manifestly made public by the individual.
If the Third Party does not consent explicitly to such disclosure or use, Sercel will take all reasonable measures to remove the Third Party’s Personal Data from the intended disclosure or use.
The same principles apply for the Personal Data received from Employees that is anticipated to be disclosed and/or used to a Third Party as described in the Employee Privacy General Instruction above referred to.
When the processing of Personal Data is outsourced to a third party processor, Sercel will select reliable third parties and data processing will be subject to written agreements between Sercel and the relevant third party processor. This written agreement will require that the third party processor: (i) has at least the same adequate level of security measures in place than those implemented by Sercel, and (ii) will process Personal Data in strict compliance with Sercel’s specific written instructions only for the purpose(s) mentioned in the said agreement. Sercel shall be liable in case the Third Party does not process the Personal Data in an appropriate manner. 


4.5.    Personal Data Security
Sercel maintains appropriate technical and organizational measures to process Personal Data collected from Third Parties in a secure-access environment and in a manner that comply in all material respects with applicable laws and industry standards to guard Personal Data against loss, destruction, misuse, improper disclosure, and unauthorized access or modification. These safeguards are routinely tested internally and periodically audited by outside firms.  


4.6.    Personal Data Retention Period
Personal Data is not kept for longer than necessary to fulfil the purpose for which it was collected. Personal Data will generally not be retained longer than the term of Third Party’s contractual relationship with Sercel, unless there is any legal or regulatory provision requiring otherwise.
 
4.7.    Personal Data Accuracy 
Sercel relies on the accuracy and integrity of Third Parties’ Personal Data in order to comply with its business obligations. Sercel expects Third Parties to inform it of any changes to their Personal Data such as changes to contact information, address, or any information affecting benefits or services provided by Sercel.

Sercel makes all reasonable efforts to ensure that the Personal Data it collects and maintains is reliable for its intended use, and is accurate, complete, for the purposes for which it was collected. 


4.8.    Rights Over Personal Data
Third Parties have a right to request access to their Personal Data and to request the rectification of any incorrect or incomplete data. Third Parties also have the right to data portability, to request the erasure of their Personal Data, to restrict the processing of their Personal Data, as well as to object to their processing by Sercel, unless Sercel demonstrates compelling legitimate grounds. Third Parties which are not satisfied with the way Sercel processes their Personal Data have the right to lodge a complaint with the competent data protection authority.
Should a Third Party have any request for assistance regarding the exercise of their rights as above mentioned, the Third Party shall use the following e-mail address: data.privacy@sercel.com.
Sercel will allow a Third Party to review the Third Party’s Personal Data that Sercel stores and maintains about that Third Party in his/her personnel file, including information relevant to the use and disclosure of that person’s Personal Data. However, in certain limited circumstances Sercel may not be able to provide Third Party with access to all of his or her Personal Data where such refusal is permitted or required by applicable law or regulation.
Subject to all applicable laws and regulations, should any Personal Data concerning a Third Party be found to be no longer needed, to be inaccurate or incomplete, or if a Third Party has withdrawn consent, Sercel will take reasonable steps to erase, correct, or update the information it maintains unless applicable laws or regulations exempt Sercel from doing so.
These rights can vary depending on your country. 


4.9.    Website 
An individual can access Sercel’s website without providing any Personal Data. However, should you choose, you may provide us with certain Personal Data. Sercel may use this information:
To correspond with you ;

  • To allow you to participate in features or services we offer on this website;
  • To provide you with a subscription or newsletter;
  • To transmit your resume within Sercel for possible employment opportunities.

If you subscribe to any service provided by Sercel through Sercel’s website or otherwise, and you wish to terminate that subscription and have all Personal Data about you removed from any list we maintain, please contact Sercel by sending an e-mail to data.privacy@sercel.com, informing us of your request. We will promptly make reasonable efforts to remove all Personal Data about you from our data banks. In addition, e-mail communications from Sercel inform the recipient how to stop receiving further communication.
Sercel does not automatically log Personal Data about visitors to our website. Sercel does not use cookies to store Personal Data, nor does Sercel link non-Personal Data stored in cookies with Personal Data about specific individuals. We may collect certain non-Personal Data from a visitor to our website such as what browser was used, what pages were accessed, and the Internet address of the service provider in order to compile statistics and analyse this data for trends.


4.10.    Use of Cookies 
Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site.
Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.allaboutcookies.org.
Sercel’s website uses the following cookies to understand how the site is being used in order to improve the user experience.


Functional Cookies
 

Cookie Purpose Expiration
ASP.NET_SessionID This cookie is necessary for site functionality and is set even if you do not give your consent. It is held temporarily in memory and is deleted when the web browser is closed. Session
COOKIE_AGREEMENT This cookie is saved when you agree to the use of cookies on our website. 13 months maximum
CULTURE This cookie is saved when you choose a language. Session & Longer

Google Analytics
Sercel uses this to understand how the site is being used in order to improve the user experience. User data is all anonymous. You can find out more about Google’s position on privacy as regards its analytics service at: https://policies.google.com/privacy?hl=en.
To opt out of being tracked by Google Analytics across all websites, visit: tools.google.com/dlpage/gaoptout.

 

Enforcement, Rescourse and Liability

Sercel will monitor its compliance with this Third-Party Privacy Policy and address questions and concerns regarding its adherence.
As a general principle, Sercel is committed to resolve complaints about collection and/or use of Personal Data.
Any inquiry or complaint regarding this Third-Party Privacy Policy can be referred to a Sercel Privacy Officer at data.privacy@sercel.com

In compliance with the European Laws, Sercel will strive to acknowledge any complaint or enquiry and take appropriate action to remedy any raised issue within one (1) month of receipt. However, if Sercel is unable to satisfactorily resolve the issue, Sercel will inform the concerned Third Parties of the reasons preventing the implementation of measure to resolve such issue. 

Regarding the rights over Personal Data as described in Article 4.10. of this Third-Party Privacy Policy, Third Parties also have the possibility to lodge a complaint to the EU data protection authorities (DPAs). To contact the DPAs directly please visit: ec.europa.eu. 

Under the GDPR, the Third Parties who consider that the processing of their Personal Data infringes their rights have the right to an effective judicial remedy.
In the context of the EU-US Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework Certification with the Department of Commerce, Sercel is subject to the investigatory and enforcement powers of the Federal Trade Commission.

Pursuant to the Privacy-Shield Framework, an individual has the possibility under certain circumstances to invoke binding arbitration.


5.    Changes to this Third Party Privacy General instruction
 
Sercel reserves the right to make changes to this Third-Party Privacy Policy from time to time in order to reflect changes in legal or regulatory obligations, or changes in the manner in which Sercel manages personal data. This Third-Party Privacy Policy was last updated in July 2023.