According to the Data Protection Act No. 78-17 of January 6, 1978 such as it currently stands, and to Regulation No. 2016-679 of April 2016 on the protection of individuals regarding the processing of personal Data and on the free movement of such Data, the “GDPR” (hereinafter referred to as the “Regulation”), Emeria, acting as Data processing Controller (hereinafter referred to as “Emeria” or ”We ”) is committed to protecting and respecting your privacy.
The Policy aims at informing you about the categories of personal Data that are collected or stored, how that Data is used, to whom that Data is disclosed, how we protect it, and the rights you have regarding your personal Data, in accordance with the current Regulation.
1. The Data that is collected on this site.
By using the Site, you may transmit information, some of which could identify you and, therefore, constitutes personal Data (hereinafter referred to as the “Data”) as defined by GDPR. This is most notably the case when you create your account on the Site or use the Site.
This information includes the following data in particular:
- Account-related Data: refers to Data and personal information that is provided by you when creating an account and filling in the registration form, e.g. first name, last name, occupation, email address and phone number.
- Navigation-related Data: refers to data that we collect when you browse the site, such as date and time of connection and/or navigation, browser type, browser language, and IP address.
2. For what purpose is the Data collected?
The Data collected on this site is in order to:
2.1 Enable you to use the Site and receive responses to your enquiries.
On basis of your consent, we will process your request using your personal Data when you use the Site.
To use some of the services or features available on our Sites, you may be asked to provide additional Data. Additional consent will be required from you before your Data is used.
2.2 Enable you to access the required service.
If you contact our Investor Relations department, your Data will be used to resolve your problem or to answer your requests.
Rest assured that you will be able to oppose the processing of your personal Data at any time, by contacting the Investor Relations department, or the Data Protection Officer (DPO) at the following email address: firstname.lastname@example.org.
2.3 Allow us to ensure and improve the functioning of our sites and services.
Your personal Data is useful to us to ensure that our sites are operational, and that we provide better service.
We may use your personal Data regarding the way you use our sites and services to enhance your user experience and help us highlight potential technical problems.
The legal basis for this processing is our legitimate interest.
2.4 Help us better understand your behavior and preferences, and so be able to meet your needs and expectations.
Based on your consent, we use Data regarding the way you use our sites to:
- understand your behavior and preferences; for instance, the way in which information is sought, and our services are found.
- understand the best ways to organize and present our offers and services on our sites and in our agencies.
When collecting the Data, we will inform you if some information is required or if it is optional. Mandatory Data is marked with an asterisk on the form.
Without this mandatory Data, processing requests may be restricted.
3. What are the conditions concerning cookie management?
When the Site is consulted, cookies are stored on your computer, your tablet, or any other device you may be using. Cookies are used according to their function and in the following mentioned goals.
Cookies and trackers are used to collect Data, which may include your (i) IP address; (ii) unique identification cookie, information cookie and information about your equipment contents to access some characteristics; (iii) unique identification number of your equipment and configuration type; (iv) domain, browser type and language; (v) operating system and settings; (vi) country and time zone; (vii) previously viewed sites; and (viii) access times and referring URL.
We hereby inform you that third parties, such as Google, may collect Data as well on our Sites through cookies, plugins, and widgets.
These third parties collect Data directly from your browser and Data processing is subject to their own privacy policies.
Four categories of cookies are generally used on our sites:
- functional cookies: These cookies are required for basic operations of the site and, consequently, are always active. This includes cookies that make it possible to recognize you when you visit our sites during a single session, or, if you wish, from one session to the other. They allow the online subscription process to be implemented, as well as secure exchanges and ensure respect of the policy.
- performance cookies: These cookies help us improve our sites’ features by monitoring their usage. In some cases, these cookies may help improve request processing speed, thanks to the storage of your pre-selected preferences. Refusing these cookies may result in less accurate recommendations and slower site performance.
- advertising cookies: Advertising cookies (from third parties) collect Data to better adapt advertising content to your interests, both on our sites, and outside. In some cases, these cookies need some personal Data processing. Refusing these cookies may result in advertising that is not relevant.
- Social media cookies: These cookies enable you to log on to your social media accounts and share content there from our Sites. Should you sign in to our services while using the social media feature at your disposal, we will access some of your account Data on that channel (such as your first name, last name, photography, email address, number of Facebook friends), in compliance with the general terms and conditions of the social media channel concerned. We may also collect some of your Data when you interact with some of these social media features, such as “like”. Refusing these cookies may preclude effective log on to Facebook, Twitter, or other social media, and/or prevent you from sharing content on them.
Since each browser is different, you should check the “Help” menu of your browser to learn how to alter your cookie preferences.
Should you refuse the cookies, access to our sites numerous contents may be less effective and some of our services may not function correctly.
The consent you have provided will be valid for a duration of thirteen (13) months, starting the first day of storing data on your device, following your official consent.
4. Who are the recipients of the Data we collect and why do we share it?
Data transferred to third parties, authorities and/or public services.
We collaborate with third-party companies, allowing access to your Data, namely with:
- third-party service providers processing personal Data on the Group’s behalf, e.g. data hosting, managing, and handling, email display, research, and analysis, and the management of some services and features.
- other third parties when necessary, in order to: (i) comply with a legal or administrative request, or the enforcement of a law; (ii) prevent illegal use of our sites; (iii) defend ourselves against third parties’ claims; (iv) help in fraud prevention.
5. How long do we store your Data?
Your Data will not be held for longer than required for Data processing purposes as defined in the Policy and therefore, is held in accordance with the current regulation.
In this respect, Data used to answer your requests are stored during the processing of your request then archived in accordance with all statutory periods of limitation. As mentioned, technical Data for site management purposes and with the objective of better understanding your behaviour and preferences is stored thirteen (13) months starting the day of the User’s consent.
Your Data is erased when the storage durations expire. Nevertheless, your Data may be archived longer than the aforementioned periods of retention, for research, establishing and prosecuting criminal offenses for the sole purpose of allowing, when required, the provision of your Data to a judicial authority.
Data archiving means that your Data will no longer be searchable online but will be extracted and retained on an independent secured storage medium.
6. Will your Data be transferred? If so, how, and where?
Your Data may be transferred from a country located in the European Union towards a country located outside the European Union.
When we transfer your Data outside the European Union, we will always do it in a secured and legal manner, i.e.:
- either transferring the Data to a recipient located in a country on which a decision of adequacy has been made by the European Commission which ensures it applies an adequate level of protection.
- either processing or having processed the European model contract clauses, which have been approved by the European Commission as ensuring your Data an adequate level of protection.
- either using internal binding corporate rules validated by competent Data Protection Authorities.
- or by means of all accurate guarantees referred to in Article 46 of the Regulation.
You may access these documents by contacting us at the address referred to in Article 10 of this document.
7. How is your Data protected?
We take adequate measures regarding technique and organization to forbid unauthorized access, alteration, disclosure, or destruction of your Data. It is important that you preserve your login confidentiality to avoid illegal use of your account.
8. What are your rights regarding your Data?
In accordance with the applicable laws and rules regarding Data Protection, you have some rights regarding your Data, such as:
A right to access and information: You may be informed in a concise, transparent, comprehensible, and easily accessible way about your Data processing. You are also entitled to (i) confirmation that your personal Data is processed and if so, (ii) access to a copy of that Data.
A right to rectification: you have a right to have inaccurate Data about yourself rectified, by providing an additional declaration. If this right is exercised, we are committed to communicate any correction to all your Data recipients.
A right to erasure: in certain cases, you may obtain the erasure of your Data. But this is not an absolute right, and we can store this Data for legal and legitimate reasons.
A right to processing limitation: in certain cases, you may obtain the limitation of your Data processing.
A right to Data portability: You may receive the Data that with which you provided us in a structured form, commonly used and readable by a machine, for your personal use or to transfer it to a third person of your choice. This right applies only if your Data processing is based on your consent, on a contract or if processing is done by automatized means.
A right to oppose handling: You may at any time oppose the handling of your Data for processing based on our legitimate interest, a public interest task, and for commercial prospection purposes.
This is not an absolute right, and your opposition request may be refused for legal and legitimate reasons.
The right to withdraw your consent at any time: You may withdraw your consent to your Data processing when processing is based on your consent. Consent withdrawal does not jeopardise processing legality based on consent given before this withdrawal.
The right to lodge a complaint with a supervisory authority: You may contact your Data Protection Authority to file a complaint about our Data protection practices.
The right to give instructions regarding the future of your Data after your death: You may give us instructions regarding your Data processing after your death.
To exert the rights mentioned above, you may directly contact the Investor Relations Department, or the Data Protection Officer (DPO) at the following email address: email@example.com..
Please note that we can demand credentials from you so that you can exert these rights.
If you think we have not respected your rights, you may contact the CNIL (the French Data Protection authority) at http:/www.cnil.fr, or at the following address: CNIL – 3 place de Fontenoy – TSA 80715 – 75334 Paris CEDEX 07.
9. Modification of our Policy
It may happen that we occasionally modify the current Policy, to comply with regulatory, jurisprudential, editorial, or technical changes. If so, we will change the last update date and will mention the date the modifications were carried out. When necessary, we will inform you and/or request your agreement. We advise you to regularly consult this page to remain informed about possible modifications or updates to our Policy.
For any question regarding the current Policy or any request regarding your Data, you may contact us:
- by sending an email to our Data Protection Officer at the following address: firstname.lastname@example.org. ;
- or by sending a letter to the following postal address:
ATTN: Data Protection Officer (DPO)
13 avenue Le Brun 92160 Antony
Updated version: 1 January 2022