personal data protection policy
The Sofinord Group, of which Armonia is a subsidiary, is committed to build a relationship of trust with its customers, partners, and employees. In this context, the Sofinord Group is committed to ensure the highest level of protection of your Personal Data.
This policy expresses Armonia's commitment to respect the French Data Protection Act of January 6, 1978, as well as the General Data Protection Regulation (GDPR: n° 2016-679). It will allow you to know more about the collection and processing of your personal data, as well as your rights regarding those data.
Definitions
"Personal data": A personal data is any information relating to an identified or identifiable individual. But, because it concerns individuals, they must have control over it. An individual can be identified:
- directly (example: first and last name);
- indirectly (e.g., by a telephone number or license plate number, an identifier such as a social security number, a postal or e-mail address, but also by voice or image).
“Processing”: Processing covers a wide range of operations performed on personal data, including by manual or automated means. It includes the collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction of personal data.
“Data controller": The data controller is the legal or natural person who determines the purposes and means of a processing operation, i.e., the objective and the way it is carried out.
"Purpose of processing": The purpose of processing is the main objective of the use of personal data. Data is collected for a specific and legitimate purpose and must not be further processed in a way that is incompatible with that initial purpose.
"We": refers to the entity of the Sofinord Group that operates the personal data processing activities.
Who is the data controller of your data?
For the Personal Data collected in the context of browsing the Website, the controller of the Personal Data is: Armonia, a subsidiary of the Sofinord group.
As the data controller of the data we collect, we are committed to respect the applicable legal provisions. In particular, it is our duty to establish the purposes of data processing, to provide our prospects and customers, as well as our employees, job applicants or Internet users, with detailed information on the processing of their personal data, and to maintain a record of the processing in accordance with reality.
What personal data do we collect?
When you browse the website, we may collect the following data:
- The information you provide by filling out the contact forms or by contacting us via an e-mail address (last name, first name, e-mail address, and any other information you give to us).
- Information you provide when applying for a job at [Insérer filiale]: your last name, first name, e-mail address, curriculum vitae, and any other optional information you may wish to share with us.
- Cookies, when you consent to their collection. Some cookies are mandatory and needed for the good functioning of the website, others are optional and require your consent. You can at any time revoke your consent and choose the cookies you accept by clicking on the yellow icon at the bottom left of the website.
- Social networks: on our website, you can access our dedicated pages on social networks by clicking on icons (for example, Facebook, Instagram, Twitter, or LinkedIn). When you click on these icons and decide to follow us on one of these social networks, we will be able to access the personal data you have chosen to make publicly visible on your profiles.
- IP addresses: This is an identifier that some electronic devices use to identify and interact with each other on the Internet. When you visit our website, we may use the IP address of the device you are using to connect to it. We use this information to determine the approximate physical location of the device and to understand the geographic region from which visitors to the site are coming.
- Statistics: Our website may use Google Analytics to compile statistical reports, which allow us to see how many visitors have visited the website, which pages have been visited, and from which geographic area the visitors come. Information collected using statistics may include, for example, your IP address, the website from which you arrived at our website and the type of device you are using. We do not use any of this information to identify visitors and we do not share it with third parties.
In any case, we do not sell any of the personal data we collect.
Purpose of the collected data
We may process your personal data for the following purposes:
Purpose of the processing
Recruitment and hiring management
Legal basis of the processing
- Our legitimate interest in recruiting profiles adapted to our needs
- Your consent to send us your application
- Compliance with legal obligations
- The execution of the contractual relationship when you are hired by Armonia
Data retention period
- If you are recruited: for the duration of the contractual relationship
- If you are not recruited and recruitment is envisaged in the future: 2 years from the date of the submission of your application
- If no recruitment is considered: only for the duration of the recruitment process
Purpose of the processing
- Recruitment and hiring management
- Answer your information requests, your quotation requests, or your contact requests
Legal basis of the processing
- Our legitimate interest in responding to your requests, to offer you the best quality of service
Data retention period
Maximum 3 years from the last contact or data collection
- Where applicable, the execution of the contractual relationship we have with you
Purpose of the processing
To improve your experience on our website
Legal basis of the processing
- Our legitimate interest to offer you the best quality of service
Data retention period
Maximum 12 month from the last contact or data collection
What are your rights?
In accordance with the existing regulations, you have the following rights regarding your personal data:
- Right of access and rectification, update, completeness of your personal data. Right to block or delete your personal data, when they are inaccurate, incomplete, ambiguous, outdated, or if their collection, use, communication, or storage is prohibited
- Right to withdraw your consent at any time
- Right to restrict the processing of your data
- Right to object to the processing of your data
- Right to the portability of the data you have provided, where such data are subject to automated processing based on your consent or on a contract
- The right to determine the fate of your data after your death and to choose a third party to whom we should communicate your data.
As soon as we are informed of the death of a user and in the absence of instructions from him/her, we undertake to destroy his/her data, except if their conservation is necessary for probatory purposes or to meet a legal obligation.
If you wish to know how we use your personal data, ask to correct them or if you wish to exercise any other right regarding your personal data, you can contact our DPO at the following address: dpo@sofinord.com
In this case, you must specify your request. If your request concerns a correction, an update, or a deletion, please indicate the personal data you wish us to correct, update or delete. If we are unsure of your identity, we may ask you to provide a copy of your identity document (ID card or passport or any other equivalent document).
Requests for the deletion of Personal Data will be subject to the obligations imposed by law, in particular regarding the conservation or archiving of documents. Lastly, you can file a complaint to the supervisory authorities, and in particular to the CNIL.
Data transfer outside EU
As a general rule, we do not transfer any personal data about you to a country outside the European Union. However, in the event of a transfer of your personal data outside the European Union, we are committed to informing you of the transfer in advance. We also undertake to take all necessary measures to ensure a sufficient and appropriate level of data protection.
Security
We undertake to take all necessary precautions to preserve the security of your data, and to take all reasonable steps to protect it against loss, misuse, unauthorized access, disclosure, alteration, or destruction. However, if an incident affecting the integrity or confidentiality of your personal data is brought to our attention, we will inform you as soon as possible and inform you of the corrective measures taken.
To ensure the security and confidentiality of Personal Data, our site uses networks protected by standard devices such as firewalls, pseudonymization, encryption and passwords.
Incident report
Despite our best efforts, no method of transmission over the Internet and no method of electronic storage is completely secure. Therefore, we cannot guarantee absolute security. If we become aware of a security breach, we will notify affected users so that they can take appropriate action. Our incident notification procedures take into account our legal obligations, whether at national or European level. We are committed to fully inform you of all matters relating to the security of your data.
Applicable law and jurisdiction
Any dispute relating to the use of the website is subject to French law. Except in cases in which the law does not allow it, exclusive jurisdiction is given to the competent courts of Paris.
Update of our policy
In the event of changes in regulations, or in the processing of personal data on this website, we may update or revise this policy.
Contact
If you have any questions regarding this policy, the processing of your personal data, or if you wish to exercise your rights, you can contact the Data Protection Officer of the Sofinord Group at the following address: dpo@sofinord.com