PERSONAL DATA PROTECTION CHARTER

Pathé Belgique (Belgium) (hereinafter referred to as “We”) would like to give you visibility, as a Customer, on the processing of your personal data (your “Data”) and your rights under the regulations applicable in this regard.

This charter (“the Charter”) applies to all the services offered by all the Pathé Belgique cinemas, especially when you book shows through our www.pathe.be website (“Website”), mobile application or at the cinema.

We can change the Charter by updating this page. You are requested to regularly check this page to ensure that you agree with any changes that may have been made.

Once you use our services, we consider that you have accepted this Charter.

For any questions related to the Charter, you can contact us by email at dpo.fr@pathe.be

THE CHARTER IN A NUTSHELL:

Collected data

When you subscribe to one of our services (purchase of a seat online or at the cinema), we ask you for some Data.

In addition to this Data that is directly collected from you, other Data can be automatically collected or generated by our IT systems.

What we do with your Data

Collecting your Data allows us to provide you with the subscribed services as well as to understand you better in order to offer you customised options.

Data Recipients

Your Data is sent to all our cinemas, our various departments, service-providers that are authorised to process your Data on our behalf in order to provide you with the associated services.

Location of your Data and transfer

We store your Data mainly in the European Union.

Some of your Data is transferred to the United States for hosting purposes by one of our service-providers providing all the suitable guarantees of protection.

Configuration of your options

You can configure your consents at any time in the “Configure your cookies” section of our www.pathe.be website.

Contact us

For any questions related to the Charter, you can contact us:

by email at dpo.fr@pathe.be

Who are we?

Pathé Belgique is a network of cinemas under the brand Pathé/Acinapolis/Cinescope/Euroscoop/Siniscoop/Cinepointcom. You will find its list on our Website.

Who is the data controller in charge of your Data?

Pathé Belgique is the data controller in charge of your Data.

What types of Data do we collect?

We collect different types of information about you to offer you different services for you to be able to make the most of your experience at the cinema.

We can collect the following Data:

Automatically when you access the Website or application: your IP address, geolocation (upon explicit approval from you), technical information about your browser and terminal as well as Browsing data.
When you make a booking or a purchase online or at the cinema: the selected show, the cinema concerned, your payment method (bank card, cinema cheque or any other means of payment), your bank card imprint (if need be, to manage any refunds and if you request the same to facilitate your subsequent purchases); transactional information, email address to which your booking is sent; as well as your Data pertaining to marital status, Data of history concerning your online booking and purchases (date, show, film, cinema).
When you contact our customer department or one of our cinemas: your surname, first name, email address (if need be, from your customer account if you are connected to it), telephone number, your loyalty card number and the information about your request (film, cinema concerned, show concerned, etc.) and any documents relating to the same. We also save the Data of the history of our exchanges.

Why do we process your Data / for what purpose do we process your Data?

We use and process your Data for several reasons:

booking and online purchase of seats and the online purchase of cinema cheque;
management of your requests to the customer department;
management of customer relations and its improvement;
sending information and customised offers (sending the schedule of your preferred cinema, organisation of preview or event, offer at your customer space of films that you are likely to like, etc.);
organisation of promotional activities mainly through social networks;
conducting statistical studies mainly to best meet your expectations;
improvement of the Website and your browsing.

In addition, we may need to store and process your Data for anti-fraud activity and prevention of payment problems as well as to ensure the protection of our interests in case of legal action or dispute.

Do you have to provide us with your Data?

There is no legal obligation upon you to share your information with us. However, we cannot provide the requested service if you do not provide the information that is indicated as mandatory on our collection forms.

Moreover, you are free to share with us the Data indicated as optional. Collecting this data allows us to enhance the offered service.

How do we collect your consent?

We collect, process and use your Data only after having obtained your clear, explicit and unequivocal consent.

We obtain your consent in the following different situations:

during the purchase or booking of products on our Site
during the acceptance of web browsing cookies (see 8. The cookies);
to offer you customised services.

What are the legal bases for the processing?

The legal basis for the processing of your personal data is based on:

your consent;
the completion of any request from you and the necessity of the creation or execution of our contract with you;

We actually need to collect some of your data to respond to any request you may have. If you choose to not share this data with us, it could render the execution of the contract impossible; or

our legitimate interest as long as it is in line with your interests, freedoms and fundamental rights.

In fact, we have a legitimate interest in providing you with this information and having exchanges with you, mainly to respond to your requests or enhance our services, prevent abuse and fraud, control access, check the regularity of our operations, exercise, protect and preserve our rights, e.g. during disputes, as well as constituting proof of any violation of our rights, managing and improving our relationship with you, continuously improving our website as well as our products/services, and the respect of your privacy except if these interests are replaced by your interests or freedoms and fundamental rights requiring the protection of your personal data. Whatever the circumstances, we ensure that we maintain a proportionate balance between our legitimate private interest.

If the legal basis for our processing is based on your consent, you are entitled to withdraw the same at any time without it affecting the legality of the processing carried out before the withdrawal.

What is the retention period of your Data?

Your Data is stored for the entire duration of the contractual relationship or the subscription to a service and then during a period necessary to ensure the management of the end of the contract or service and preserve our interests in case of legal action or dispute. We ensure that the retention period is reasonable in view of the purpose of this retention.

Here are the different retention periods for your Data by offered service.

Purpose / Legal basis	Retention period before deletion or anonymisation	Additional comments
Online booking of shows and online purchase of cinema cheque	5 years and 3 months at the end of the transaction	Retention of Data of the bank card for 13 months from payment
Management of requests to the customer department	5 years and 3 months at the end of the request
Sending of information and customised offers	Till the withdrawal of consent
Organisation of promotional activities mainly through social networks	5 years and 3 months at the end of the operation
Anti-fraud activity and the prevention of payment problems	5 years and 3 months after the last payment
Exercise or protection of a right through the courts	5 years and 3 months after the last payment

When you visit our Website, cookies may be placed and read in the browser of your computer or terminal.

These cookies allow us to automatically collect Data in order to:

enable browsing on our Website;
track your browsing and measure the audience;
customise your navigation;

bring you advertising that corresponds to your interests.

The maximum storage period of cookies is 13 (thirteen) months after they are placed on your browser or terminal. A new consent will be required after this period ends. You can manually delete these cookies at any time.

Type of cookie	Partner	Retention period	Consequences of blocking
Technical session cookies	-	12 months	Hinders a smooth browsing experience
Authentication cookies	Movio Google (optional) Facebook (optional)	2 months	Blocks the creation and connection to the customer account or requesting the customer department
Security cookies and improvement of performance	Akamai	2 hours	No consequences
Audience measurement cookies	Google	13 months	No consequences
Advertising targeting cookies	Webedia	13 months	No consequences
Advertising targeting cookies	Facebook	6 months	No consequences
Customised advertising (mobile)	Airship	13 months	No consequences

The cookies are placed either directly by us or by third-parties depending on the selection you have made earlier for the sites managed by third-parties.

For more information about these cookies and how you can deactivate them, please refer to

- Google Analytics: https://tools.google.com/dlpage/gaoptout?hl=fr

- Webediad: http://fr.webedia-group.com/cookies

- Facebook: https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen

- Airship : https://www.airship.com/legal/privacy/

You can also configure the management of cookies by configuring your browser.

For Internet Explorer™: http://windows.microsoft.com/fr-FR/windows-vista/Block-or-allow-cookies
For Safari™: https://support.apple.com/kb/ph21411?locale=fr_CA
For Chrome™: http://support.google.com/chrome/bin/answer.py?hl=fr&hlrm=en&answer=95647
For Firefox™: http://support.mozilla.org/fr/kb/Activer%20et%20d%C3%A9sactiver%20les%20cookies
For Opera™: https://help.opera.com/en/latest/web-preferences/#cookies

Please click on the links below to make this configuration on your mobile or tablet:

Who are the recipients of your Data?

Pathé Belgique is the recipient of your Data as data controller.

With whom do we share your Data?

We ensure that our subcontractors have the suitable guarantees for the implementation of the confidentiality and security measures for the Data to which they have access while carrying out their tasks as defined by the regulations applicable in this regard.

We share your Data with external service-providers that help us to manage the services that we offer you, especially the Website, customer department, payment services. The intervention of each of these external service-providers is strictly limited to the service that it executes on our behalf.

To which countries do we transfer your Data?

We store your Data mainly in the European Union.

A part of your Data is transferred to the United States for hosting purposes by one of our service-providers. This service-provider is a trusted third-party that guarantees suitable Data protection measures and has obtained the Privacy Shield certification.

Which measures are implemented to guarantee the security of your Data?

We implement suitable organisational and technical measures in order to guarantee a security level for your Data that is suitable in view of the risks of loss, access, modification, change, disclosure or unauthorised destruction of the same.

The access to your Data is strictly monitored and reserved for the employees of the Pathé group, and its subcontractors.

In accordance with the regulations in force, Pathé Belgique implements electronic and physical back-up procedures for the Data collected on the Website.

We draw your attention to the fact that Pathé Belgique does not control the risks related to the working of the Internet and mainly the occurrence of one-off events that could lead to the loss of Data or breach of confidentiality of the same passing through the Website.

Pathé Belgique cannot be held liable in the event of interruption of access to the Website for reasons of forces majeure or those that are beyond its control.

Any breach of security and/or confidentiality of your Data will be immediately brought to your attention as well as that of the French Data Protection Authority when it is so required by the regulations applicable in this regard.

What are your rights and how to exercise them?
1. You have the right:

As a person concerned, you have a right to access your Data, a right to rectify your Data when it is inaccurate, a right to delete your Data, a right to object to and restrict the processing of your Data, and a right to the portability of your Data, i.e. the right to receive the Data that you have communicated in a structured format, which is commonly used and is readable by computer and send it to another data controller.

How to exercise your rights?

For any questions, you can contact us:

Or write to us at:
DPO – EMPIRE, Grand-Rue 141-143, 6000 Charleroi.
For requests that cannot be formulated on your personal space or using the contact form, you can write to our data protection officer at dpo.fr@pathe.be

For us to be able to effectively process your request, please mention your surname and first name, e-mail address and date of birth and attach a copy of your identity document. Please also indicate in your request whether we should reply to you by post or electronically. If there is no such indication, we will reply to you electronically.

We will reply to you as soon as possible and, whatever the circumstances, within one month after receiving your request that can be extended by an additional month depending on the request.

Filing a complaint with the Data Protection authority

In case of any disagreement between us, we undertake to prioritise dialogue and openness to seek an amicable solution. You can also contact the Data Protection Authority. Its address is:

Data Protection Authority

Rue de la Presse, 35, 1000 Brussels

Tel.: +32 (0)2 274 48 00

E-mail: contact@apd-gba.be

PERSONAL DATA PROTECTION CHARTER