Due to its activities and legal and regulatory obligations, the Office WARGNY KATZ (the “Office”) has awareness since several years, of the protection of privacy and personal information concerning its contacts (contacts made in relation to the matters dealt with by the Office, the assignments entrusted to the Office, services in relation to our activity, professional meetings, candidatures, as well as the connections to our data room site and our website, etc.) and has always worked towards implementing and respecting a policy for data processing in accordance with the regulation in force.
The Regulation (EU) on Protection of Personal Data no. 2016/679 of 27 April 2016 applicable since 25 May 2018, reinforces and completes some legal obligations in this matter, notably those resulting from the Law on Informatics and Liberties (Loi Informatique et Libertés) of 6 January 1978, as amended (together the “Regulation”). In this framework, the Office implements new measures and thus reinforces the protection of personal data of the concerned persons. It undertakes to provide any proof of compliance that may be required by the supervisory authorities.
The purpose of the present protection policy of personal data (the “Policy”) is to inform the concerned persons clearly, simply and completely on the manner in which the Office, as the responsible for data processing, collects, keeps and uses the personal data concerning them (the “Personal Data”) and the resources that it has to control this use and exercise their rights.
1. DEFINITION OF A PERSONAL DATA
The term “Personal Data” refers to any information relating to an identified or identifiable natural person. It may concern a person who may be identified directly or indirectly notably due his physical, physiological, economic, cultural or social identity.
The Personal Data that the Office possesses concerns the following categories:
- Identification Data;
- Data on contacts and/or contact details;
- Professional life;
- Personal life;
- Information of connection and/or location;
- Financial data.
Amongst these, some may be considered as sensitive and are subject to compliance with the Regulation by the Office.
2. COLLECTING OF PERSONAL DATA
The Office is required to receive the Personal Data notably in relation to the files dealt with by the Office, the assignments entrusted to the Office, services provided in relation with our activity, professional meetings, candidatures, your arrival in our premises, as well as during your connection to our data-room site and you visiting our website, etc…
The Personal Data is that which you provide through the forms and/or requests for information from the Office, or those that are collected through the documents received or put together by the Office, whether it is in a dematerialised format or paper format.
The Office collects only the data necessary for its activities and implements the protection measures of the Personal Data as soon as it is received. Thus, the Office collects only the data and information that is relevant, adequate and limited to what is necessary with respect to the purpose for which they are dealt with.
These Personal Data are collected as of this day:
- either in paper format, in the premises of the Office or in the premises of the service provider in charge of handling our physical archives;
- or in digital format, in the servers of the Office whether those present physically in the premises of the Office or those situated in our infrastructure host.
3. PURPOSE OF THE PERSONAL DATA PROCESSING
The Personal Data is collected for determined, explicit and legitimate purpose. Depending on the cases, the Personal Data may be used for the purpose of:
- file administration, assignments, etc…
- asking, obtaining or receiving information on the Office;
- participating in our actions of communication, legal information and organisation of events;
- participating in satisfaction surveys, analyses and statistics in order to improve our services and the knowledge of our clients and prospects;
- process your candidature for a position.
The Office is also likely to use your Personal Data for administrative purposes or for any other purpose
imposed by the legislation in force.
No Personal Data may be processed without a specific purpose.
4. PERSONAL DATA PROCESSING
The Personal Data is processed by the Office in the cases authorised by the Regulation and in particular under the following conditions:
- in relation to the Notarial activity of the Office;
- when you have manifested a free, specific, informed and unequivocal consent concerning the
Personal Data processing;
- when it is necessary for the performance of a contract or precontractual measures taken at your request (such as taking charge of a file, sharing of information relating to a file, candidature, etc…);
- to comply with legal or regulatory obligations to which the Office is subject due to its Notarial activity but also under connected obligations (as for example, fight against fraud, money laundering and terrorism);
- when the legitimate interest of the Office may be of such nature as to justify a processing by it (as for example, the computer security measures, changes brought to our computer infrastructure or change in the service providers).
For the minors of less than 18 (eighteen) years, this consent must be given or authorised by the person holding the parental responsibility.
5. RECIPIENTS OF PERSONAL DATA
As the Personal Data is confidential, only the duly authorised members of the Office or the persons duly authorised by the Office may have access to it, without prejudice to their potential transmission to the bodies charged with a mission of control or investigation in compliance with the Regulation, as well as their communication to any authorised third parties.
Our service providers may also be required occasionally to process the Personal Data that is strictly necessary for the provision of services that we entrust them with (assignment, data-room services, electronic and postal distribution, logistics and restauration, etc.) and are bound by an obligation of confidentiality.
The policy of the Office is to have recourse only to service providers situated in the European Union.
However, in the event of having recourse to a service provider that is outside the European Union, the Office undertakes to verify that the appropriate measures have been put in place in order to ensure that the Personal Data is protected at a level that is compliant with the Regulation.
6. PROTECTION OF PERSONAL DATA
The Office ensures that the Personal Data is protected and secured in order to ensure its confidentiality and thus prevent them from being deformed, damaged, destroyed or disclosed to unauthorised third parties by implementing technical and organisational measures during the duration necessary for exercising the intended purpose in accordance with the Regulation.
However, no data transmission or storing is ever totally secured. Therefore, we cannot guarantee the infallible security of the information transmitted or stored on the host servers.
When the disclosure of Personal Data to third parties is necessary and/or authorised, and except in case of legal or regulatory obligations of the Office, the latter ensures that these third parties guarantee the same level of protection to the data as that which is offered to them by the Office and require the contractual guarantees so that, notably, the data is exclusively processed for the intended purposes, with the required level of confidentiality and security.
As per the Regulation, in case of proven damage to the Personal Data likely to cause a heightened risk for the rights and liberties of the concerned persons, the Office undertakes to communicate this violation to the competent supervisory authority and, when it is required by the said Regulation, to the concerned persons.
7. DURATION OF PERSONAL DATA RETENTION
The Personal Data are retained for the period necessary for implementing the intended purpose, subject to the legal possibility of archiving, obligations of conservation of certain data and/or anonymisation.
The conservation periods for some large categories of Personal Data are:
- Personal Data of the clients/prospects/business partners: as long as the use is active and at the latest 30 years after the last contact with the latter or computerised archiving of his file;
- Personal Data of connection to our data-room site: 10 years after the last connection;
- Personal Data of connection to our website: 1 year after the last connection;
- Personal Data of candidates: duration necessary for processing the candidature and, in case of a negative outcome, 3 years after the last contact (except in case of the candidate’s consent for a longer period).
8. PERSONAL DATA HOLDER’S RIGHTS
8.1. Right of access and communication of the Personal Data
You have the possibility to have access to the Personal Data that concerns you.
However, due to the obligation of security and confidentiality in the processing of the personal data that is incumbent upon the Office, you are informed that your request will be dealt with subject to you providing the proof of your identity, notably by providing a scan of a valid identity document (in case of request by dedicated electronic form) or a signed photocopy of your valid identity document (in case of a request sent in writing).
The Office informs you that it shall have the right, as the case may be, to oppose to manifestly abusive (by their number, being repetitive or systematic).
8.2. Right of rectification and deletion of Personal Data
Under this right, the Regulation authorises you to request the rectification, update, locking or deletion of the Personal Data concerning you that may prove to be incorrect, erroneous, incomplete or obsolete.
Moreover, you may define the general and specific directives to the outcome of the personal data after your demise. Where applicable, the heirs of a deceased person may require to take into consideration the death of their close relative and/or proceed with the necessary updates.
Finally, subject to the exceptions provided for by the Regulation (notably conservation necessary to comply with a legal obligation, legitimate interest of the Office to retain the data), you have the right to request the Office to delete your Personal Data, at the earliest, when one of the following grounds applies:
- your Personal Data is no longer necessary with respect to the purpose for which it was collected or otherwise processed;
- you with to withdraw your consent on which the processing of your Personal Data was based and there does not exist any other ground justifying this processing;
- you consider and may establish that your Personal Data have been subject matter of an illicit processing;
- your Personal Data must be deleted under a legal obligation.
8.3. Right to withdraw the consent to processing of Personal Data
When the Office processes your Personal Data further to your consent, it can be withdrawn at any moment. However, as per the Regulation, the withdrawal of your consent is valid only for the future and shall therefore not question the legality of the processing before this withdrawal.
8.4. Right to oppose
The exercise of this right is possible only one of the following two situations:
- when the exercise of this right is based on legitimate grounds; or
- when the exercise of this right aims to prevent that the data collected is used for commercial prospection purposes.
8.5. Delegate for data protection
The Office has designated, as per the Regulation, a delegate for data protection who is:
Cil.not, a company of the Group ADSN
SASU with a capital of 100 000 Euros – RCS Aix-en-Provence 793 219 858 Registered office: 95 avenue des Logissons – 13107 Venelles cedex
Telephone: 0800 306 212 then “autre demande” (other request) Fax: 04 42 54 42 42
e-mail: email@example.com • http://groupeadsn.notaires.fr
8.6. Exercising your rights
For any question relating to the present Policy or exercise of your rights mentioned above, you may send a letter or an email along with a copy of your identity document:
a) To the Delegate for data protection indicated above
b) To the Office:WARGNY KATZ
Maitre Marc PATUREL
9, Avenue Matignon 75008 Paris
Telephone: 01 53 81 54 54
Fax: 01 53 81 54 55
9. POLICY RELATING TO COOKIES
During your connection to the website of the Office and on the data-room site of the Office, the information relating to your surfing is likely to be registered in the file called “cookies”.
As the publisher of these sites, the Office may implant a cookie on the hard disk of your terminal (computer, tablet, mobile, etc.) in order to guarantee you a smooth and optimum browsing.
The “cookies” are small files of a limited size which allow us to recognise your computer, your tablet or your mobile in order to improve our services.
The information received through the cookies do not allow in any manner to identify you nominatively. They are used exclusively for our own needs in order to improve the interactivity and performance of our sites.
None of this information is communicated to any third party except when the Office has obtained your prior consent or when the disclosure of this information is required by the law, an order of a court or any administrative or judicial authority authorised to hear it.
Each web browser proposes its own cookie handling settings. To know how to modify your preferences in matter of cookies, you will find below the links towards help necessary to have access to the menu of your browser for this purpose:
- Chrome: https://support.google.com/chrome/answer/95647?hl=en
- Firefox: https://support.mozilla.org/fr/kb/activer-desactiver-cookies
- Internet Explorer: https://support.microsoft.com/fr-fr/help/17442/windows-internet-explorer-
- Opera: http://help.opera.com/Windows/10.20/fr/cookies.html
- Safari: https://support.apple.com/kb/PH21411?viewlocale=fr_FR&locale=fr_FR
For more information on the said tools for handling the cookies, you may consult the website of CNIL: https://www.cnil.fr/fr/cookies-les-outils-pour-les-maitriser.