Data protection policy
Safeguarding privacy is of utmost importance to the Hexagone Group, and we ensure your personal data is safely protected. The group has pledged to respect client confidentiality, and more generally, to protect any personal data that is collected and processed during our exchanges.
Hexagon Group firms are therefore subject to private data protection rules and particularly to the European General Data Protection Regulation EU 2016 679 of April 27th, 2016 (“GDPR”) and the French “Data Processing and Freedoms Act” 78-17.
This text provides details on the disclosures required for processing personal data in the context of your business relationship with the group.
Hexagone Participations is the data controller as per article 4 of GDPR for all services provided by the different firms of the Group (email@example.com)
The purposes and legal basis for data processing are the following:
– Managing sales relationships with our customers (art 6(b) of GDPR) ;
– Complying with legal and regulatory requirements, notably for the prevention of money laundering and the financing of terrorism; (art 6(c) of GDPR) ;
– Managing relationships with prospective clients and organising events related to the firms’ activities (art 6(f) of GDPR.
What data is concerned :
Personal data providing information on the person’s identity, and his/her professional, wealth or financial situation.
How long do we keep the data :
The group will hold personal data for the time strictly necessary to achieve the purposes for which it was collected. Clients: for the duration of the relationship, then filed for 5 years from the end of the relationship. Prospective clients: 3 years from our last contact with the prospect.
Who can access the data :
The data collected is for the sole use of the Financial Investment Advisor, its employees who are duly authorised to collect or process client data, as well as the other Hexagone Group entities. The data may also be sent to regulatory authorities or representative organisations (AMF, ACPR, CNCEF Patrimoine) in order to comply with our regulatory obligations. The data may also be sent to our commercial partners for the execution of services entrusted by the Hexagone Group.
International data transfer :
In the event of the personal data being transferred outside of the European Economic Space, the transfer process would come with appropriate safeguards, including on the contractual front.
Your GDPR rights:
In accordance with French Law 78-17 of January 6th, 1978, and GDPR, you have the following rights :
– To be informed of the use that is made of your personal data (via this text and in the various contractual documents that will be handed to you: Document d’entrée en relation and Lettre de Mission)
– To access and modify your own personal data, if it’s no longer accurate
– To have your personal data erased (right to be forgotten)
– To request the limitation of the processing of your data
– To request the portability of your data (right to receive your personal data)
– To object the processing of your data (unless the processing is required by law)
– To withdraw your consent at any time
– To instruct on what happens to your personal data after your death.
To exercise these rights, you may contact Hexagone Participations: 39 rue de la Bienfaisance – 75008 PARIS – FRANCE. firstname.lastname@example.org.
The Hexagone Group will handle all requests as quickly as possible.
If you are not satisfied with the way your personal data is being handled, you may file a complaint with the Commission Nationale Informatique et Libertés (C.N.I.L) at the following address: Service des plaintes, 3 place de Fontenoy, TSA 80715 – 75334 Paris Cedex 07 – FRANCE.