PRIVACY AND COOKIES POLICY

PRIVACY AND COOKIES POLICY

LATEST UPDATED: 13 APRIL, 2022

SDRM’s privacy policy is intended to provide you with transparent and comprehensible information about how your personal data is processed. This privacy policy also explains the rights you have under the regulations and how you can exercise these rights with SDRM using the dedicated forms that are available on this page. Please refer to Section

1. PROTECTION OF YOUR PERSONAL DATA

Personal data is information that makes it possible for you to be identified as a natural person, either directly (e.g. your surname, first name etc.), or indirectly by means of a reference number (e.g. your customer reference numbers etc.).

SDRM is committed to the protection of your personal data. It makes sure that it is in compliance with the regulations in force, as provided in the General Data Protection Regulations of 27 April 2016 (hereinafter the "GDPR"), which is applicable since on 25 May 2018, and the amended law of 6 January 1978, known as the "French Data Protection Act".

1.1 USE AND RETENTION PERIODS OF YOUR PERSONAL DATA BY THE SDRM

The personal data collected by the SDRM is processed for the purposes of managing your customer account, collecting mechanical reproduction rights and transactions related to billing, accounting and collection.

This data is processed based on the provisions of the French Intellectual Property Code (hereinafter 'IPC'). The SDRM may also have to process any personal data that you submit when you make contact with the Society. This data is processed based on the SDRM's legitimate interest in responding to requests for information, as well as any other request related to its activities.

Any personal data collected and processed in this context will be kept only for the time necessary to achieve the purpose of the processing in question, plus any applicable limitation period. This data may be shared with the following organisations:

  • SACEM, which carries out various administrative and accounting tasks on behalf of the SDRM, and which shares information with the SDRM related to performance and mechanical reproduction rights;
  • technical service providers for the SDRM site, including OVH and SIGMA, who host and maintain the site www.sdrm.sacem.fr;
  • AGESSA, the body entrusted with the management of social security issues since 1 January, 1978;
  • SOGENACTIF, a secure platform for the online payment of invoices. In addition, the terms and conditions of use that apply specifically to online payments are those published by SOGENACTIF. Please read them before using this platform to make any payments. The SDRM cannot be held responsible for any technical malfunctions of SOGENACTIF.

Personal data collected on the SDRM website is not transferred outside the EU.

The SDRM, a not-for-profit civil society organisation (CSO), does not engage in any commercial activity. Therefore your personal information is not made available, either for free or for payment, to any third parties and is not used for any kind of commercial exploitation.

  • Combating piracy - ARCOM

According to the so-called HADOPI Laws of 2009 and the regulations applicable to the protection of personal data (GDPR), Sacem, the Civil Society of Phonographic Producers (SCPP - Société Civile des Producteurs Phonographiques), the Society for the Administration of Mechanical Reproduction Rights of authors, composers, publishers, dubbing and subtitles authors (SDRM - Société pour l'Administration du Droit de Reproduction Mécanique des Auteurs, Compositeurs et Éditeurs), the Civil Society for French Producers of Phonograms (SPPF - Société Civile des Producteurs de Phonogrammes en France), and the Association for the Fight against Audiovisual Piracy (ALPA -Association de Lutte contre la Piraterie Audiovisuelle) may process personal data, via a joint system specially set up for this purpose, in order to ascertain the unlawful provision of protected works and objects committed via peer-to-peer networks. This data may then be transmitted to the Audiovisual and Digital Communication Regulatory Authority (ARCOM – Autorité de régulation de la communication audiovisuelle et numérique).

Within the framework of the joint system that they set up, Sacem, SDRM, SPPF, SCCP and ALPA are "joint data controllers", within the meaning of the GDPR : an agreement between them thus defines their respective obligations and sets out the rules for monitoring the compliance of this processing with data protection regulations, in order to guarantee enhanced data protection in the long term.

However, these organisations do not process your contact details (surname, first name, e-mail address); only ARCOM can obtain them from the relevant Internet service providers.

To exercise your rights as a data subject or to obtain more information on the processing, you can use this dedicated form.

For more information on the processing implemented by ARCOM and the graduated response system, please consult this site : https://www.arcom.fr/.

1.2 YOUR RIGHTS CONCERNING YOUR PERSONAL DATA

In compliance with the relevant regulations on personal data, you have the following rights :

  • the right of information: gives you the right to obtain additional information on how your personal data is being processed by SDRM
  • the right of access: gives you the right to access your personal data and check their accuracy
  • the right to rectification: gives you the right to to modify or complete your personal data
  • the right to erasure: gives you the right to request the deletion of your data if it is inaccurate or out of date
  • the right to restriction of processing: gives you the right to request to limit processing of any inaccurate, contested or outdated personal data
  • the right to object: gives you the right, on grounds relating to your particular situation, to object to the processing of your personal data
  • the right to the withdrawal of consent: in cases where the processing of your data has required your consent, you may withdraw it at any time
  • the right to data portability: gives you the right to request a copy of any personal data that you have submitted to SDRM, in a structured, commonly used and machine-readable format, and the right to transmit those data to another controller.
  • In addition, under the amended act of 6 January 1978, you have the right to set out specific instructions on how your personal data should be handled after your death.

In order to exercise these rights:

  • if you have a private account, you can view your personal information directly and make a number of changes;
  • you can send your request in writing to the SDRM at the following address:
    SDRM
    225 Avenue Charles de Gaulle
    92528 Neuilly sur Seine Cedex
  • Finally, you can exercise your rights by submitting the form on our site.

However, the SDRM hereby informs you that, when you exercise these rights, it is within its rights:

  • to ask you to provide additional information to confirm your identity or
  • to refuse to process applications that are manifestly unfounded or excessive, in particular if they are repetitive in nature, or will require the payment of reasonable expenses to apply the measures requested, in such a case.

Finally, if you feel, after contacting the SDRM, that your rights are being abused or that any processing carried out by the SDRM does not comply with the regulation for the protection of personal data, you can submit a complaint to the CNIL or any other competent national data protection authority, (in particular, the authority of the European Union Member State in which you usually reside, where your workplace is located, or where a violation of the GDPR has taken place).

2. COOKIES

When you first visit the "sdrm.sacem.fr" website, a banner informs you that one or more browser cookies may be automatically installed on your terminal and invites you to indicate your choice.

2.1 WHAT IS A COOKIE?

A cookie is a small text file that may be placed on your terminal (computer, tablet, mobile phone, etc.) when you visit a website or application via your browser. A cookie file allows its issuer to identify the terminal in which it is stored, for the duration of the validity or storage of the cookie.

This file is stored for a specific time on your device and your browser sends it back to the web server each time you log in to the site.

2.2 WHAT TYPES OF COOKIES DOES SDRM USE ON ITS SITE?

We use various types of cookies on our website, each with its own purpose:

  • "Strictly necessary cookies": are required for the SDRM website to work properly
  • "Performance and audience measurement cookies": collect information about website usage so that SDRM can improve the performance of their website
  • "Functionality cookies": are used to optimise your browsing experience on the SDRM website
  • "Targeting or advertising cookies and Social Network Cookies": these cookies are set by partner companies as you browse the SDRM website. They make it possible to deliver targeted advertising, based on your personal interests, while you are browsing other websites. They also make it possible for you to share SDRM content on social media sites.

For details on the cookies used on our site, purpose by purpose, please consult our Cookie Settings tool.

2.3 Cookie Settings

Thanks to our cookies banner, you can accept or refuse the placement of all cookies on your terminal.

Cookies will only be placed on your terminal if you accept them. Continuing to browse the site is equivalent to refusing to consent to the placement of cookies.

We inform you that your consent to cookies will be valid for a period of 6 months. At the end of this period, you will be asked again to make your preferences known with regard to the placement of cookies.

You also have the option to consent to cookies on a purpose-by-purpose basis via our Cookie Settings tool.

Please note that you can also change your cookie settings at any time via the tab at the bottom left of your screen.

Performance and audience measurement cookies, functionality cookies, targeted advertising cookies and social network cookies will only be placed on your terminal after you have given your express consent, via the cookie acceptance button available on our cookie banner.

On the other hand, strictly necessary cookies do not require your express consent and are placed on your terminal by default.

We would also like to inform you that you can configure your browser in such a way as to make it impossible to deposit strictly necessary cookies.

However, we draw your attention to the fact that, if you have a password protected/members-only area on the SDRM website, these cookies are necessary to guarantee that this area is secure and operates properly. As a result, if you deactivate these cookies, you will no longer be able to browse your password protected/members-only areas.

If you want to continue to use this feature, we recommend that you keep the default setting "strictly necessary cookies".

For more details on the cookies we use, and on how to manage your authorisation and cookie settings, we recommend that you use our Cookie Settings tool.