Personal Data Protection Charter
The Business & Decision Group cares about respecting your privacy and protecting your personal data. Therefore, the Business & Decision Group observes applicable European laws on personal data protection, and the General European Regulation on Personal Data Protection No. 2016/679 dated 27 April 2016 (GDPR), as well as all national legal regulations which have been adopted pursuant to it. The Business & Decision Group is responsible for processing your personal data in the sense of the above-mentioned legal standards.
The purpose of this Personal Data Protection Charter (the “Charter”) is to inform all individuals and entities concerned about why and how the Business & Decision Group processes your personal data, the safety measures taken to ensure data integrity, and the methods available to you for controlling the use of your data and exercising your rights.
2. IDENTITY AND CONTACT DETAILS OF THE DATA CONTROLLER
The Business & Decision group, taking into account its parent company, the Business & Decision corporation, with a capital of 551 808,25 €, registered at the Nanterre RCS under N384 518 114, of which the headquarter is located at Cœur Défense A - 110, esplanade du Général de Gaulle 92931 Paris La Défense Cedex, as well as the entirety of its subsidiaries, existing or future, is the editor of this site.
3. WHY AND ON WHAT BASIS WILL YOUR DATA BE COLLECTED?
Your personal data are collected for specific and legitimate purposes.
We collect personal data about you to send you content that we make (newsletters, white papers, etc.) or to get in touch with you (for example after a contact request). We also use it for our marketing communications (for example, registration to events organised by B&D or its partners, etc.). Concerning our customers, we use their personal information to set up their client account and provide our services to them.
We use your personal data for the proper operation of our business. Your personal data may be processed by B&D for the purposes, or related to:
- Legal and regulatory requirements;
- Requests from official authorities;
- For administrative management;
- To administer customer relationship and maintain contractual relations;
- For accounting and tax purposes;
- For recruitment and business development purposes.
In addition to the purposes connected to the operations of our business, we may also use your personal data for marketing and business development, for example:
• Communicating information about the Group and the services offered;
• Sending communications, white papers, newsletters, etc.
• Invitations and registrations to events, including those of partners, etc.
We are legally required to indicate on which legal grounds we rely on to process your personal data.
As a result, you can find below the legal grounds on which we carry out the processing operation :
a. Contract performance e.g.: partnerships, employment contracts, etc.
b. Legal and regulatory obligations we are subject to e.g.: responding to official authorities
c. Serving our legitimate interests e.g.: IT safety measures; operational delivery of our business.
d. Your consent e.g.: application, subscription to a newsletter, registration to an event.
For minors under 18 years of age, such consent must be given or authorised by the holder of parental responsibility. Should the holder of parental responsibility discover that the minor’s personal data have been entrusted to B&D, he/she shall be entitled to request their deletion.
4. TO WHOM WILL YOUR PERSONAL DATA BE DISCLOSED?
We do not rent or sell information for monetary consideration.
Your personal data may be disclosed to the following persons or entities, depending on the purposes involved:
• All entities of the B&D Group (e.g.: Contact forms; B&D events; Content downloads, etc.);
• Service providers and subcontractors (e.g.: registration and participation in events; subscription to the Newsletter; processing of applications by a recruitment agency.);
• Business partners (e.g.: registration and participation in events.)
5. HOW WILL YOUR PERSONAL DATA BE KEPT SAFE?
Ensuring the security of your personal data is a priority at B&D Group.
To protect the confidentiality and integrity of your personal data, B&D Group has taken the necessary technical and organisational measures to prevent data from being distorted, damaged, or accessed by unauthorised third parties. B&D Group guarantees an appropriate level of security according to the state of knowledge, implementation costs, and the nature, scope, context and purposes of the data processing, as well as the risk involved and the likelihood thereof.
In the event that B&D communicates personal data to a third party, B&D will ensure that such third party certifies that it has and maintains the same level of protection as that applied within B&D Group, and will obtain contractual guarantees so that, in particular, all data are processed for the agreed purposes while ensuring their integrity and confidentiality, and that the required security measures are taken. However, as a reminder, no security system or measure is infallible, and despite all precautions and measures taken, B&D Group cannot guarantee absolute security for all personal data.
In the event of a verified breach of personal data likely to generate a high risk for the rights and freedoms of the individuals and entities concerned, B&D agrees to communicate such breach to the competent supervisory authority, and, wherever required by said regulations, to the individuals and entities concerned.
The recipients of your personal data may be located abroad, including outside of the European Economic Area. Your data are likely to be transferred to our subsidiary located in Tunisia to process your requests. Any transfer of your data outside the European Economic Area will be made with the appropriate guarantees, including contractual guarantees, in accordance with applicable regulations on personal data protection.
6. HOW LONG WILL YOUR PERSONAL DATA WILL BE KEPT?
B&D Group will keep your personal data for the period necessary to achieve the pursued purposes.
This period will vary depending on the purpose of data collection, e.g.:
• Personal data of clients/prospects/partners: 2 years after the last contact with the client/prospect/partner;
• Personal data of website users: 2 years
• Any retention period that is required by law.
At the end of this period, B&D may contact you again to know whether you wish to continue receiving communications about offers, news and events from B&D. In addition, your data will be destroyed within a maximum period of 30 days starting from your request to unsubscribe.
7. YOUR RIGHTS
If you would like to access, review, update, rectify, and delete any Personal Information we hold about you, or exercise any other data subject right available to you under the EU General Data Protection Regulation (GDPR), you can.
You have the following rights on your personal data:
• The right to obtain information about the data we have about you and what type of processing they are subject to, and to obtain a copy of these data in an electronic form;
• Under certain circumstances, the right to withdraw at any time your consent to the processing of your personal data (please note that we are likely to continue processing your personal data if we have a legitimate reason for doing so, or if we are subject to a legal requirement);
• Under certain circumstances, the right to ask us to transfer this information to third parties when it is technically possible (please note that this right will only apply to data which you have provided to us);
• The right to edit or correct your personal data;
• The right to restrict the processing of your personal data in certain cases;
• The right to ask that we delete your data under certain circumstances (please note that legal or regulatory provisions, or legitimate reasons, may require us to continue storing your data);
• The right to ask us to restrict the processing of your data, or to oppose such processing, under certain circumstances (please note that we are likely to continue processing your personal data if we have a legitimate reason for doing so, or if we are subject to a legal requirement);
• The right to set guidelines for the storage, deletion or communication of your personal data which will apply after your death.
8. CONTACT US
For any questions about this Charter and/or to exercise your rights such as described above, you may contact B&D, electronically or by post, by sending a letter together with a copy of an identification document to:
Business & Decision Direction juridique et DPO
Cœur Défense A -110 esplanade du Général de Gaulle 92931 Paris La Défense Cedex
9. CHANGES TO OUR PERSONAL DATA PROTECTION CHARTER
B&D may need to make changes to this Charter from time to time. We invite you to check this webpage regularly to make sure you are aware of the latest version update of this Charter.