ERLAB ← Back to login

Privacy Policy

Last updated: 01/01/2025

1. Data Controller

The data controller for your personal data in connection with the use of this portal is ERLAB GROUP, headquartered in Laval (53000), France.

2. Data Processed

This customer portal provides access to your commercial data already recorded in our ERP (Odoo). We do not collect new personal data — we only display information you have previously shared with ERLAB as part of your business relationship.

  • Email address and name (login identifier)
  • Session data (kept for the duration of the session)
  • Commercial documents (quotes, orders, deliveries, invoices) — read only
  • Company profile information (address, VAT, contact)

3. Purpose and Legal Basis

Purpose Legal Basis (GDPR) Legal Basis (PIPL)
Authentication and portal access Art. 6.1.b — Contract performance Art. 13 — Contractual necessity
Viewing commercial documents Art. 6.1.b — Contract performance Art. 13 — Contractual necessity
Submitting requests (support, quotes, appointments) Art. 6.1.b — Contract performance Art. 13 — Contractual necessity
Security and logging Art. 6.1.f — Legitimate interest Art. 13 — Legitimate interest

4. Cookies Used

This portal uses only one session cookie (strictly necessary cookie). No analytics, advertising, or third-party tracking cookies are used. No consent is required for this type of cookie (ePrivacy Directive, Art. 5.3).

Cookie Purpose Duration Type
laravel_session Maintain authentication session Session (deleted on close) Necessary
XSRF-TOKEN Protection against CSRF attacks Session Necessary

5. Security Measures

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss or unintended disclosure. These measures include communication encryption, authentication session protection, defences against common web attacks, and robust access controls.

6. Your rights

In accordance with GDPR (Art. 15 to 22) and PIPL (Art. 44 to 50), you have the following rights:

🔍
Right of Access
Obtain a copy of your personal data
✏️
Right to Rectification
Correct inaccurate or incomplete data
🗑️
Right to Erasure
Request deletion in cases provided by law
⏸️
Right to Restriction
Limit processing in certain circumstances
📦
Right to Portability
Receive your data in a structured format
🚫
Right to Object
Object to processing based on legitimate interest
🇺🇸 California residents (CCPA): you have additional rights under the California Consumer Privacy Act. ERLAB does not sell personal information. Contact privacy@erlab.com to exercise your rights.

7. Contact & Complaints

To exercise your rights or for any question regarding the protection of your data, contact our Data Protection Officer (DPO):

ERLAB GROUP — DPO
📧 privacy@erlab.com
📍 ZA La Hammerais — 53170 Laval, France

You also have the right to lodge a complaint with the CNIL or the competent supervisory authority in your country of residence.

© 2026 ERLAB GROUP. All rights reserved. ← Back to login