Protection of the customer data
We are committed to maintaining the confidentiality of your information in accordance with our customer privacy policy
Auchan is committed to maintaining the confidentiality of your personal data. We are constantly improving our systems to ensure the protection of the data you provide us when using our services. Feel free to read our privacy policy to learn more about how we personnalise your experience with Auchan.
We process your personal information in conformity with regulations in effect applicable to the processing of personal information and, in particular, in conformity with the European Regulation relative to the protection of natural persons.
Since the first European directive of 1995 the technology progressed and continues to evolve more and more quickly. Many changes have taken place since and with this the need to adapt a legal framework in order to ensure optimal protection of people with regard to the processing of their personal data and with this their right to respect for their private life. It therefore appeared necessary for the European legislator to lay down, on the one hand, a strong protection framework for citizens while taking account of new technological developments, and, on the other hand, a harmonization of the rules in force in the different States members of the European Union.
It is with this in mind that the European Commission in 2012 initiated a reform of the existing legal framework, with the aim of adapting the rules. This reform led two texts on data protection which contains:
There are 3 types of personal data:
There is a particular category of data: sensitive data. These are the data relating to:
Processing is defined as any operation or any set of operations carried out or not using automated processes and applied to personal data or sets of data, such as collection, recording, organization, structuring, conservation, adaptation or modification, extraction, consultation, use, communication by transmission, dissemination or any other form of provision, reconciliation or interconnection, limitation, l ‘erasure or destruction.
Anyone affected by data processing has a number of rights. These rights are greatly increased with the GDPR. This data protection legislation gives you rights to control the use of your own personal data:
Who processes my personal data, why and how?
Companies or administrations must give you these elements in simple and clear language at the very moment of the collection of your data or, at the latest, within one month of the collection.
This right is limited in certain cases, for example for public security or the prosecution of criminal offenses.
In the event of a security breach resulting in a personal data breach liable to create a high risk for your rights and freedoms, the controller must inform you as soon as possible so that you can take the necessary precautions.
Your bank refuses you a consumer loan because the “system does not want”, what can you do?
Ask for explanations and if necessary contest this decision which was taken without human intervention. In fact, you have the right to be informed about the logic behind the decisions that are made on the basis of automated processes. The organization concerned must give you the opportunity to present your point of view and to challenge the decision, if necessary.
You buy a product on the Internet and want to know what information has been kept by the online merchant?
Contact the controller directly, he must communicate all of your data to you.
Have you noticed that any data concerning you is inaccurate, incomplete or just out of date?
Request the rectification of your personal data! Contact the controller to correct inaccurate information about you. This right prevents an organization from processing or disseminating false information about you.
The conservation of certain data concerning you is no longer justified?
If the data controller no longer has any legitimate reason (for example legal obligations with regard to accounting) which justifies the retention of your data, this data must be deleted.
The right to be forgotten also allows you to demand the immediate withdrawal of personal data collected or published on a social network when you were a minor and not fully aware of the risks inherent in the processing.
You are consulting a search engine (Google, Bing, Yahoo, etc.) and, when entering the combination of your first and last name, you find a search result that is incorrect or irrelevant?
Contact the search engine (check on its site, there is often a dedicated form) and ask for the dereference of the search result. It is necessary that you explain to the search engine why this result is no longer relevant or incorrect.
Do you want to recover your data when you change operator online?
This right allows you to recover, free of charge, the data that you have communicated to an organization in a structured, commonly used and machine-readable format and, if necessary, to transmit it to another (social network, Internet service provider, site streaming, etc.) without the organization obstructing it.
The right to portability only applies if the data processing is:
Do you no longer wish to receive advertisements from a company? Do you no longer want to appear in your car dealer’s database?
Exercise your right to object directly to the controller if you have legitimate reasons.
You can object, without having to provide any justification, to the use of your data for commercial prospecting or canvassing with an ideological orientation (political parties, unions, religious groups, etc.)
You cannot object to processing provided by law.
You notice that information concerning you is inaccurate or irrelevant. But rather than requesting deletion, would you prefer a limitation?
You can claim the blocking of the processing of your data:
The rules, rights and duties relating to the processing of personal data apply in the same way to minors and adults.
However, there are specificities concerning children:
The legislation relating to the protection of personal data places a large number of obligations on the controller which can be summarized as follows:
Auchan Luxembourg has appointed a data protection officer who is available to answer your questions concerning the processing of your data. You can contact him: