sigle

Personal data processing policy

Introduction

The Personal Data Processing Policy (hereinafter the "Policy") is intended to provide visitors and users (hereinafter "Users") of the website published by Stratégies & Publics (hereinafter the "Site") with information on how Stratégies & Publics processes and protects their personal data (hereinafter "Personal Data") collected through the Site.

The Personal Data collected by the Site will only be used for the purposes listed in the aforementioned Policies and will not be used for other purposes without your consent.

The protection of Personal Data is very important to Stratégies & Publics. Therefore, we process Personal Data in accordance with regulatory and legal provisions, including Regulation (EU) No 2016/679 of April 27, 2016 (known as the "General Data Protection Regulation" or "GDPR") and Law No 78-17 of January 6, 1978 (known as the "Data Protection Act") as amended by Law No 2004-801 of August 6, 2004.

Therefore, within the framework of these Policies, Stratégies & Publics must be considered as the Data Controller within the meaning of Article 4(7) of the GDPR.

For any questions regarding the processing, collection, and protection of Personal Data, you can contact Stratégies & Publics at the following address: administration@strategiesetpublics.com

The Policies only cover the Personal Data collected by the Site, accessible at the following URL: www.strategiesetpublics.com. Stratégies & Publics may include hyperlinks on its Site. In this sense, Stratégies & Publics is not responsible for the content or personal data processed or disseminated through other sites.

 

Policy on the Processing of Personal Data on the Site

 

What Personal Data are we likely to process?

 

Personal Data is defined by Article 4(1) of the GDPR as "any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or one or more specific elements specific to his physical, physiological, genetic, mental, economic, cultural or social identity;."

Through the Site, Stratégies & Publics collects the following Personal Data:

  • Identity: name, first name
  • Contact: phone number, email address
  • Professional information: company name
  • Content of messages/requests sent via our contact form

 

For what reasons do we process this data?

The processing purposes are the reasons why the Data Controller collects Personal Data.

Regarding the Personal Data collected via the Site, the purposes are as follows:

  • Respond to requests that Users send us through the contact form;
  • Ensure the proper functioning of the Site and track statistics related to its visit (see II. Cookie Policy);
  • Carry out maintenance and preserve the integrity and security of the Site;
  • Process and respond to Users' exercise of their rights.

On what legal basis do we process your Personal Data?

Any processing of Personal Data must be lawful. To do this, Article 6(1) of the GDPR lists the legal bases on which all processing must be based.

Stratégies & Publics bases the processing of Personal Data processed through the Site on the following legal bases:

  • Performance of pre-contractual measures: in the event that, as a User, you contact Stratégies & Publics through its Site, for commercial purposes or related to its services;
  • Our legitimate interests: in the event that Stratégies & Publics processes a spontaneous application transmitted through our Site;
  • Performance of contractual measures: when functional and/or technical cookies are deposited on the Site;
  • Consent: for the use of certain cookies;
  • A legal obligation: when the User exercises their rights regarding their Personal Data (defined in point 5).

Do we share your data with third parties?

Users' Personal Data is not transmitted to third parties.

However, Users' Personal Data on the Site may be transmitted:

  • In the event of a merger, acquisition, or sale of all or part of Stratégies & Publics' assets;
  • When required by law, to respond to requests from judicial or administrative bodies, government authorities, or courts.

In the event that third-party services are necessary to ensure the maintenance, integrity, or security of the Site, hosting, backup, administration, processing, or management of Personal Data, these third parties may only access this Personal Data if such access is necessary to provide the service in question.

In any case, such access will be provided in accordance with applicable regulatory and legislative provisions, including the GDPR and the Data Protection Act.

What are your rights regarding your Personal Data? How to exercise them?

Your rights

In accordance with Articles 12 to 23 of the GDPR, Users, as data subjects, have several rights regarding their Personal Data.

Their rights are as follows:

  • Right of access: this right allows the User to request a comprehensive list of all Personal Data that Stratégies & Publics holds about them.
    The User can also exercise this right to verify the accuracy of the Personal Data, and if necessary request their rectification or deletion. In exercising this right, no legitimate reason can be requested by the Data Controller from the User.
  • Right to rectification: to ensure the accuracy of Personal Data and prevent Stratégies & Publics from processing inaccurate or incomplete data, the User can also request their rectification.
  • Right to erasure: the User can request that Stratégies & Publics delete or erase their Personal Data. However, this right is not absolute as Stratégies & Publics may be legally required to retain some of your Data. Deletion of Personal Data can be requested in the following cases:
    • If the User has withdrawn their consent to the processing of their Personal Data;
    • If the User has validly objected to the processing of their Personal Data;
    • When the Personal Data processed by Stratégies & Publics is no longer necessary for the processing purposes (see point 2);
    • If the Personal Data is processed unlawfully.
  • Right to object: the right to object is possible where Personal Data is processed on the basis of the legitimate interests of the Data Controller (see point 3). In this case, the User can, at any time, object to the processing of their Data.
    Stratégies & Publics may, however, refuse to comply with the request, on a case-by-case basis, for reasons related to a legitimate and compelling reason or if such processing is necessary for the establishment, exercise, or defense of a legal right.
  • Right to restrict processing: the right to restriction complements the exercise of other rights available to the User. If the User disputes the accuracy of the data used by Stratégies & Publics or opposes the processing of their Personal Data, the law allows the Data Controller to verify or examine your request for a certain period. During this period, the User has the option to request that Stratégies & Publics freeze the use of their Personal Data. In practice, Stratégies & Publics must no longer use the Personal Data but must retain it.
    Conversely, the User can directly request the restriction of certain Personal Data in cases where the Data Controller wishes to delete them. This will allow them to keep the data, for example, to exercise a right.
  • Right to data portability: you can request to retrieve the data you have provided to a platform, for personal use or to transmit it to a third party of your choice. This right applies to:
    • Data collected with your consent, and
    • Data collected in the context of a contract (pre-contractual and contractual measures).
  • Right to withdraw consent: if the User's Personal Data is processed based on consent (see point 3), they can withdraw their consent at any time.

 

How to exercise your rights?

If you wish to exercise any of the rights listed above, you can send a request to the following address: administration@strategiesetpublics.com

Stratégies & Publics will endeavor to respond to your request as soon as possible.

If you believe that we are not complying with this Policy, or are not satisfied with how we have handled your request, or if we have refused your request, you may file an official complaint with the National Commission for Data Protection and Liberties on their website (CNIL).

However, before filing a complaint, we invite the User to contact Stratégies & Publics at the aforementioned email address.

How long do we retain your Personal Data?

The retention period of Personal Data varies depending on the nature of the Data and the processing purpose in question.

Stratégies & Publics retains Users' Personal Data in accordance with applicable regulatory and legislative requirements, including the GDPR and the Data Protection Act.

In the case of requests sent via the contact form, Personal Data will be kept for the time necessary to process the request.

In the event that an application is submitted via the contact form, Personal Data will be retained:

  • For a period of two (2) years from the last contact between the User and Stratégies & Publics if the application is not accepted, unless the User, considered as a candidate, refuses such retention;
  • For the entire duration of the contract between the User who becomes an employee and Stratégies & Publics if the application is accepted.

In the case of a simple visit to the Site by a User, the data retention period cannot exceed thirteen (13) months, as this data is collected by Cookies, as defined in our Cookie Policy.

In any case, Personal Data is retained for the entire duration of the contractual or pre-contractual relationship. Once this period has expired, either the last contact or the end of the contract, the Data will be archived for the legal prescription period, which is five (5) years in France.

Security and storage of Personal Data?

Security of Personal Data

The security of Users' Personal Data is very important to Stratégies & Publics.

Stratégies & Publics uses various methods, such as firewalls, intrusion detection software, and manual security procedures, to protect your data against loss or damage, to help protect the accuracy and security of Personal Data, and to prevent unauthorized access or misuse.

If a User believes that the Site or any Personal Data is not secure or that there has been unauthorized access to the Site or their Personal Data, please contact the Data Controller as soon as possible at the following address: administration@strategiesetpublics.com.

Storage of Personal Data

Users' Personal Data is stored with the website host.

Global Switch, 7-9 rue Petit, 92582 Clichy Cedex, France (http://www.global-switch.com.fr/locations/paris.fr.html)