PRIVACY AND COOKIE POLICY

Date of last update: 01/04/2026

WWW.SURGIRIS.COM is a website owned by SURGIRIS SAS, registered under SIRET number 43776081200044 in the Lille Métropole Trade and Companies Register and located at 80, rue de la Gare – 59170 CROIX, France(hereinafter referred to as the "Data Controller")..

WWW.SURGIRIS.COM is deeply concerned about the confidentiality of your personal data as Users who visit and browse our Site. That is why we, the WWW.SURGIRIS.COM Site, strive to respect your rights as set out in the General Data Protection Regulation 2017/679 (GDPR) and the ePrivacy Directives of the European Parliament and Council, as well as Law No. 78-17 of January 6, 1978, known as the Data Protection Act, amended by Law No. 2018-493 of June 20, 2018, relating to the protection of personal data.

  • Article 1 – Definitions

§1. "Personal data" or "personal information": any information relating to an identified or identifiable natural person (hereinafter referred to as "data subject"); An "identifiable natural person" is a natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

§2. "processing" means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;

§3. "controller" means the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing; where the purposes and means of such processing are determined by Union or Member State law, the controller may be designated or the specific criteria for its designation may be laid down by Union or Member State law;

§4. "Processor" means a natural or legal person, public authority, agency, or other body that processes personal data on behalf of the controller;

§5. "recipient" means the natural or legal person, public authority, agency, or any other body to whom personal data are disclosed, whether a third party or not. However, public authorities 4.5.2016 L 119/33 Official Journal of the European Union EN which may receive personal data in the context of a specific investigation in accordance with Union or Member State law shall not be considered recipients; the processing of such data by those public authorities shall be in accordance with the applicable data protection rules for the purposes of the processing;

§6. "Consent" of the data subject means any freely given, specific, informed, and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

§7. "personal data breach" means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed;

§8. "Cookie": a cookie is a text file that is automatically stored in the browser of any User when visiting a website. This text file may contain personal data and/or information relating to the User's browsing.

  • Article 2 – Purpose

The purpose of this Privacy and Cookie Policy (hereinafter the "Policy") is to define the terms and conditions for the collection, storage, processing, and deletion of personal data (hereinafter "personal data") of any natural person (hereinafter the "User") who uses or simply browses the Website.
The Data Controller assures the User that it will take all necessary measures to ensure compliance with the provisions of the General Data Protection Regulation 2017/679 of the European Parliament and of the Council dated April 14, 2016, by ensuring compliance with retention periods, the necessity of collecting the aforementioned personal data, and the confidentiality of the personal data collected (hereinafter the "Regulation" or the "GDPR").

  • Article 3 – User Consent

This Policy must be read and accepted by all Users visiting the Website. By clicking on the box marked "read and accepted" referring to this Policy upon arrival on the Website, the User acknowledges that they have read and give their free, informed, and unambiguous consent to the processing of their personal data.
The User may, at any time, and without justification or prejudice, withdraw their consent to this Privacy and Cookie Policy. The User may exercise their right to withdraw consent to this Policy by notifying the Data Controller at the following email address: info@surgiris.com.
This withdrawal of consent will take effect when the Data Controller receives notification of the User's withdrawal of consent.

  • Article 4 – Data collected

When visiting and using the Website, certain personal data relating to Users may be collected by the Data Controller, in its capacity as Data Controller, or by one or more processors acting on behalf of and for the account of the Data Controller.

§1 – Means of collection
The User's personal data is collected by the following means:

  • When the User provides them to
    Either by (1) filling out the contact form; or (2) filling out the registration form for a user account.
  • Through automated collection
    When the User browses the Website, the Data Controller automatically records certain information relating to the User's preferences and use of the Website. Cookies are used when the User browses the Website to collect this information automatically.

§2 – Type of data collected
The personal data that may be collected includes:

  • User's email address
  • User's First and Last Name
  • The User's phone number
  • Country of location of the User
  • Any information that the User provides via the contact forms or contact details of the Data Controller available on the Website
  • The User's browsing preferences on the Site

§3 – Recipients of the data
The recipients of the personal data are:

  • the Data Controller
  • the internal employees of the Data Controller acting on its behalf
  • the subcontractor of the Data Controller responsible for hosting the Website domain
  • any person legally or administratively authorized (e.g., judicial authorities)

 

  • Article 5 – Data processing

§1 – Legal basis for processing
The processing of Users' personal data via the Website must necessarily be justified by one of the conditions set out in Article 6 §1 of the Regulation. In accordance with the Regulation, Users' personal data will only be processed if one of the following conditions is met:

  • The User has given their consent: the User concerned has consented to the processing of their personal data for one or more specific purposes;
  • The performance of the contract requires it: processing is necessary for the performance of a contract to which the User concerned is party or in order to take steps at the User's request prior to entering into a contract;
  • Compliance with the law requires it: processing is necessary for compliance with a legal obligation to which the controller is subject;
  • Legitimate interest justifies it: processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, unless the interests or fundamental rights and freedoms of the User concerned, which require protection of personal data, prevail, in particular where the User concerned is a minor.

§2 – Purposes of processing and data retention period

In accordance with Article 13 of the Regulation, the reason for and duration of the storage and processing of personal data must be justified by a valid purpose, in addition to one of the legal bases mentioned above.

1. Regarding data collected for commercial prospecting purposes by the Data Controller and for responding to contact/quote requests

  • Shelf life: 3 years
  • Archiving: N/A
  • Legal basis: Legitimate interest of the data controller

2. Regarding data collected for the purposes of order management and payment, access to digital content related to orders, and billing

  • Shelf life: 3 years
  • Archiving: 5 years
  • Legal basis: Performance of the contract by the data controller

3. Regarding data collected for fraud prevention purposes

  • Shelf life: 3 years
  • Archiving: 5 years
  • Legal basis: Legitimate interest of the data controller

4. Regarding data collected for the purpose of ensuring the Data Controller's compliance with its accounting and tax obligations

  • Shelf life: 3 years
  • Archiving: 7 years
  • Legal Basis: Compliance with the law

5. Regarding data collected for the purpose of facilitating user navigation and promoting products related to the Customer's preferences (cookies)

  • Retention period: 13 months from the date the cookies are placed on the user's browser
  • Archiving: N/A
  • Legal basis: Consent

 

  • Article 6 – Data protection measures

In accordance with Articles 5 and 32 of the Regulation, the Data Controller is required to ensure the security of the personal data of Users that it stores and processes.
The Data Controller shall maintain a register containing all personal data collected from Users. The Data Controller affirms that it implements all necessary security measures to protect the personal data of Users contained in this register and to prevent any violation of the User's personal data.
To this end, the Data Controller assures Users that it has undertaken a study of the risks associated with the storage and processing of Users' personal data in order to implement adequate security measures as follows:

  • By enabling the pseudonymization and encryption of the User's personal data
  • By implementing measures to ensure the ongoing confidentiality, integrity, availability, and resilience of processing systems and services;
  • By implementing measures to restore the availability of and access to personal data within appropriate timeframes in the event of a physical or technical incident;

By ensuring the use of a procedure to regularly test, analyze, and evaluate the effectiveness of technical and organizational measures to ensure the security of processing.
The Data Controller assures Users that the data it stores and processes is stored within the European Union, in a Member State subject to the Regulation.
In the event of a breach of the User's personal data, the Data Controller undertakes to notify the competent supervisory authority of this breach within 72 hours in accordance with Articles 33 and 34 of the Regulation.

  • Article 7 – Cookies

1 – Purpose of using cookies
As explained above, a cookie is a text file automatically stored in any User's browser when visiting a website. This text file may contain personal data and/or information relating to the User's browsing.
The cookies used on the Site are intended solely to improve your browsing experience as a User. The cookies used facilitate your browsing by storing some of your personal data when you access and browse the Site. Three types of cookies are used on the Site, their purpose varying according to their type:

  • Functional cookies: these cookies enable your data entered during authentication or searches on the site to be stored.
  • Advertising cookies: these cookies identify Users' consumption and search habits and preferences in order to offer them advertising content related to their personal preferences.
  • Security cookies: these cookies enable the security of Users' personal data by ensuring the encryption of data contained in other cookies.

§2 – Cookies used, lifespan, and function
Each cookie used on the Website is identifiable by a name. Each cookie has a lifespan, i.e., a period after which it disappears and ceases to be active, forgetting any personal data it stored. Each cookie also has a function, i.e., a purpose that justifies its placement on the Website.
Here is a list of the cookies used on the Website with their names, lifespans, and functions:

1. Cookie: CONSENT
Lifetime: 24 months
Provider: google.com
Function: Used to detect whether the visitor has accepted the marketing category in the cookie banner. This cookie is necessary for the website's compliance with the GDPR.

2. Cookie: rc::a
Lifetime: Persistent
Provider: google.com
Function: This cookie is used to distinguish humans from robots. This is beneficial for the website in order to create valid reports on the use of their site.

3. Cookie: rc::c
Lifetime: Session
Provider: google.com
Function: This cookie is used to distinguish humans from robots.

4. Cookie: CookieConsent
Lifetime: 12 months
Provider: surgiris.com
Function: Stores the user's consent to the use of cookies for the current domain.

5. Cookie: has_js
Lifetime: Session
Provider: surgiris.com
Function: Records whether or not the user has enabled JavaScript in their browser.

6. Cookie: visitor
Lifetime: 12 months
Provider: surgiris.com
Function: Stores user settings across page requests.

7. Cookie: CONSENT
Lifetime: 24 months
Provider: youtube.com
Function: Used to detect whether the visitor has accepted the marketing category in the cookie banner. This cookie is necessary for the website's compliance with the GDPR.

8. Cookie: _ga
Lifetime: 399 days
Provider: surgiris.com
Function: Records a unique identifier used to generate statistical data on how visitors use the site.

9. Cookie: _gat
Lifetime: 1 day
Provider: surgiris.com
Function: Used by Google Analytics to drastically reduce the request rate.

10. Cookie: _gid
Lifetime: 1 day
Provider: surgiris.com
Function: Records a unique identifier used to generate statistical data on how visitors use the site.

11. Cookie: visit
Lifetime: 1 day
Provider: surgiris.com
Function: Unique user identifier allowing the user to be recognized on subsequent visits.

12. Cookie: DEVICE_INFO
Lifetime: 179 days
Provider: youtube.com
Function: Allows YouTube to identify the type of device with which the user connects to the Site.

13. Cookie: VISITOR_INFO1_LIVE
Lifetime: 179 days
Provider: youtube.com
Function: Attempts to estimate user bandwidth on pages with embedded YouTube videos.

14. Cookie: YSC
Lifetime: Session
Provider: youtube.com
Function: Attempts to estimate user bandwidth on pages with embedded YouTube videos.

15. Cookie: ytidb::LAST_RESULT_ENTRY_KEY
Lifetime: Persistent
Provider: youtube.com
Function: Stores user video playback preferences for embedded YouTube videos

16. Cookie: yt-remote-cast-available
Lifetime: Session
Provider: youtube.com
Function: Stores user video playback preferences for embedded YouTube videos.

17. Cookie: yt-remote-cast-installed
Lifetime: Session
Provider: youtube.com
Function: Stores the user's video playback preferences for embedded YouTube videos.

18. Cookie: yt-remote-connected-devices
Lifetime: Persistent
Provider: youtube.com
Function: Stores user video playback preferences for embedded YouTube videos.

19. Cookie: yt-remote-device-id
Lifetime: Persistent
Provider: youtube.com
Function: Stores user video playback preferences for embedded YouTube videos

20. Cookie: yt-remote-fast-check-period
Lifetime: Session
Provider: youtube.com
Function: Stores user video playback preferences for embedded YouTube videos.

21. Cookie: yt-remote-session-app
Lifetime: Session
Provider: youtube.com
Function: Stores user video playback preferences for embedded YouTube videos.

22. Cookie: yt-remote-session-name
Lifetime: Session
Provider: youtube.com
Function: Stores user video playback preferences for embedded YouTube videos.

23. Cookie: api/v1/analytics/create
Lifetime: Session
Provider: youtube.com
Function: Stores user video playback preferences for embedded YouTube videos.

§3 – Managing cookies: enabling and disabling
Users can manage cookies at any time in the browser they are using. Users can enable or disable them at any time. The means of managing cookies depends on each browser. To facilitate the management of Users' cookies, below is an explanatory guide to managing cookies on the main browsers used by Users:

  • Google Chrome: https://support.google.com/accounts/answer/61416?co=GENIE.Platform%3DDesktop&hl=fr
  • Safari: https://support.apple.com/fr-fr/guide/safari/sfri11471/mac
  • Mozilla Firefox: https://support.mozilla.org/fr/kb/activer-ou-desactiver-les-cookies on-firefox-for-android
  • Internet Explorer: https://support.microsoft.com/fr-fr/help/17442/windows-internet-explorer-delete-manage-cookies

 

Article 8 – User Rights

The User has the right to request from the Data Controller access to their personal data, the rectification or erasure thereof, or a restriction on processing relating to the User concerned, or the right to object to processing and the right to data portability.
The User has the right to withdraw their consent to the processing of their personal data at any time. This withdrawal of consent will take effect when the Data Controller receives notification of the User's withdrawal of consent.
The User has the right to lodge a complaint with the French Data Protection Authority (CNIL) using the contact form available on the following website: https://www.cnil.fr/fr; or to the Directorate-General for Competition, Consumer Affairs and Fraud Control via the contact form available at https://www.economie.gouv.fr/dgccrf.
Users may also exercise their rights as set out above in relation to this Policy by notifying the Data Controller at the following email address: info@surgiris.com.

MERCASAFE© License Agreement: MS 1001-179023

Welcome to the Surgiris website

This site is intended for healthcare professionals only.
I certify that I am a healthcare professional.

Yes
No