FR | EN

FR | EN

Cookies and data protection policy

Cookies

Our website uses cookies designed to improve your user experience. No commercial use is made of your personal data. Your consent can be given and withdrawn at any time. The cookies can be disabled by clicking on the link below : by clicking on the link below.

 

Personal Data Management Policy

The Hexagone group attaches the utmost importance to the protection of privacy and ensures the protection of your personal data. The group is committed to respecting confidentiality and, more generally, to protecting the personal data that is collected and processed in the course of our exchanges.

The companies of the Hexagone group are thus subject to the applicable rules on the protection of personal data and in particular the European Regulation 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (hereinafter referred to as “GDPR”) and the law n° 78-17 of 6 January 1978 on information technology, files and freedoms, as amended (hereinafter referred to as the “Data Protection Act”).

This policy details the information required under the processing of personal data implemented in the context of your relationship with the group.

 

Data Controller:

Each entity of the Hexagone group acts as a data controller within the meaning of Article 4 of the GDPR in the context of its activities. (mailto:contact@groupe-hexagone.com)

 

Purposes of processing:

The purposes of the processing of personal data carried out by the entities of the Hexagone group are as follows:

  • the provision of services by one of the entities of the Hexagone group (art 6(b) of the GDPR);
  • compliance with legal and regulatory obligations, in particular in the prevention of money laundering and the financing of terrorism (art 6(c) of the GDPR);
  • the legitimate interests of one of the entities of the Hexagone group, in particular the management of the relationship with prospects in the context of commercial prospecting and the organization of events related to the activities of the companies (art 6(f) of the GDPR).

 

Concerned data:

The data concerned by the processing we carry out are as follows:

  • identification data (e.g. name, first name);
  • contact data (e.g. email addresses);
  • professional, economic or financial situation.

 

Data retention period:

Personal data is kept for the duration strictly necessary to achieve the purposes for which it is processed:

  • For customers: during the business relationship, then they are archived for 5 years after the end of this relationship;
  • For prospects: three years from the last contact with the prospect.

At the end of the periods mentioned above, the Hexagone group undertakes to delete your personal data or, where applicable, to anonymize it for statistical purposes.

 

Data security:

The Hexagone group implements all useful precautions, in view of the nature of the data and the risks presented, to preserve the security of your personal data and makes its best efforts to prevent them from being distorted, damaged or accessed by unauthorized third parties.

 

Data recipients:

Depending on the type of business relationship maintained with the Group, the data collected is intended for one or the other entity, their authorized employees to collect or process customer data. They may be sent to supervisory authorities or representative associations (AMF, ACPR, CNCEF Patrimoine), in order to comply with our regulatory obligations. The data may also be transmitted to commercial partners in the context of the execution of services that the Group entrusts to them.

 

Transfer of data abroad:

In the event of a transfer of personal data to a country that does not provide an adequate level of protection, we undertake to inform you beforehand and to implement appropriate guarantees, in particular on a contractual level.

 

Your GDPR rights:

In accordance with the GDPR and the Data Protection Act, you have:

  • the right to be informed of the use made of your personal data (via this policy and, where applicable, via the Group’s website and any contractual documents that may be provided to you: Document d’Entrée et Relation et Lettre de mission);
  • the right to access your personal data, to know its origin and to obtain a copy;
  • the right to ask us to rectify your personal data if it is not accurate or complete;
  • the right to ask us to erase or delete your personal data when there is no longer any reason for us to continue processing your personal data;
  • the right to ask us to limit or restrict the processing of your personal data;
  • the right to data portability (to receive the data concerning you);
  • the right to object to the processing of your personal data legally based on our legitimate commercial interests, unless we are able to demonstrate that, overall, our legitimate interests outweigh your rights and freedoms or that we must continue to process your personal data to establish, exercise or defend legal rights;
  • the right to withdraw consent if the processing is based on your consent;
  • the right to object to any automated individual decision-making, including profiling, when the decision has a legal or very significant impact on you;
  • you can also define the directives on the fate of your data after your death.

You can exercise these rights by presenting a copy of an identity document and contacting the Data Protection Officer (DPO) of the Hexagone group (mailto:dpo@groupe-hexagone.com) or by postal mail to the following address: 39 rue de la Bienfaisance – 75008 Paris – France.

The Hexagone group undertakes to process any request exercised in accordance with this Policy whether your request to exercise one or more rights to data protection is founded or not.

The Hexagone group may ask you for additional information if your request is not sufficiently precise or does not include all the information allowing us to respond.

If you consider that your rights have not been respected, you also have the right to file a complaint with the Commission nationale de l’informatique et des libertés (CNIL) at the following address: Service des plaints, 3 place de Fontenoy, TSA 80715 – 75334 Paris Cedex 07 – France

 

Modifications

The Hexagone group reserves the right to modify this Policy at any time and without notice, in particular in order to comply with all its legal and regulatory obligations.