Data Protection - Acome

The protection of personal data, which has been reinforced by the General Data Protection Regulation (GDPR), is a priority for ACOME. In this context, we have taken steps to secure the processing of your personal data.

The policy detailed below applies to any person using the services on our website. By browsing our website, any user is likely to share personal data with the ACOME Group. The ACOME Group will then act as data controller. Data processing will be carried out in accordance with the provisions of European regulations on the protection of personal data and in accordance with the provisions of French law as amended following the entry into force of European regulations.

1. Definitions

In the context of this privacy policy, the terms listed below have the following definition:

Consent The agreement given by a person to collect and process personal data concerning him or her. To be valid, consent must be given freely, specific to the processing in question, informed and expressed by a clear statement.
Personal Data

Any information that directly or indirectly identifies a person. This information may in particular correspond to the surname, first name, address, employee number, initials, email or physical address (non-exhaustive list).

Data subject

This privacy policy implies any person whose personal information is processed.

Data controller Legal or natural person determining the rules and purposes relating to the processing of personal data.
GDPR

General Data Protection Regulation: a regulation providing a legal framework for the processing of personal data within the European Union.
It is therefore:

  • Applicable to all countries included in the European economic zone (Union members, Iceland, Liechtenstein and Norway).
  • Applicable to all organisations processing the personal data of European residents.
Data processing Any operation carried out (collection, entry, archiving, correction, erasure, etc.) and relating to personal data. This processing can be automated using software and databases.
Transfer of personal data

Refers to transfers of personal data between Group entities or a subcontractor. 
This transfer may be occasional or permanent.

 

2. Scope and limits

The personal data management policy is limited to browsing on our website. This includes links to other sites operated by other companies (social media administrators, press articles, etc.). Each user accessing a page or social media platform from our site must consult the personal data management policies put in place by these third-party sites. Upon leaving our site, the Acome Group will not be responsible for the processing of information by other platforms. We recommend that you consult the privacy policies of the sites visited.
 
3. Identity of the Data Controller

The data controller is ACOME S.A., registered at 52 rue du Montparnasse, 75014, Paris, France.
The Data Protection Officer can be contacted in writing at the following address: dataprotection @acome.fr
 
4. Types of data collected

There are two categories of data collected when you browse our website:

  • Data provided by the user

Several sections of our website include registration forms requiring the communication of personal data (in particular: registration for events organised by the company, application for a position, contact by email or subscription to a newsletter).
In the case of subscription to a service or communication, the user voluntarily transmits their data. As subscription to services/events is optional, users acknowledge that they have freely disclosed their personal information. It is important to remember that in all cases, the user retains the right to view, modify and delete information concerning him or her in our possession.

  • Browsing data

Internet communication protocols involve the automatic transmission of personal identification information. This identification information is managed by the cookies on our website (link to the cookie management policy). These protocols enable us to improve the reliability of browsing on our site and improve safety. The processing of navigation data is detailed in paragraph 8.
The information contained in the navigation data is as follows:

  • IP address
  • Type of Internet browser
  • Access method (domain name and original site)
  • Pages consulted on our site and internal flows
  • Access time and viewing time per page
  • Other parameters (user OS and hardware data)

This technical data is collected automatically and used in an environment that does not allow an individual to be identified without intervention. This data may be communicated to the administrative and/or governmental authorities upon their founded request.
Automatically transmitted data is not retained for more than one year.

5. Purposes of the processing

The main objective of our website is to communicate information about our products, our expertise and our company. In this context, we only compile navigation data (detailed in §2, point 2).
The data transmitted directly by the user is used for the following purposes:

  • Receiving job applications and for the recruitment process;
  • Processing registrations for the various events organised by the company (Symposium, Forum, training programme, etc.);
  • Processing registrations for ACOME communication campaigns;
  • Processing requests and responding to messages posted on our site;
  • Responding to legal obligations and requests from the Administrative Authorities.

When registering for events organised by ACOME, an entry is made into our customer data processing software (Salesforce). This data is retained for marketing purposes.
 
6. Treatment Rationale

The communication of personal data by the user is optional. This communication is based on the consent of the user.
The use of related services requires the user to communicate his/her personal data. The absence or refusal to provide ACOME with personal data in the event of registration will not allow the user to benefit from the related services.
The data processing listed in paragraph 3, navigation data, does not require the prior consent of the data subject. It will nevertheless be possible to assert the rights to information, portability, modification and deletion of this data subsequently.

7. Data Security

Personal data collected in connection with the operations listed in paragraph 4 (Purpose of processing) is used under the responsibility of the data controller and only authorised persons may have access to it. Such access is restricted and may only be carried out within the framework provided for by the legislation in force.
Processing methods are either automatic or manual. When subscribing to an event organised by the company, an entry is made into our customer management database (CRM). These entries are made in an environment which guarantees the confidentiality and security of the information (reduction of the risk of accidental or voluntary data loss, fraudulent modification, unauthorised disclosure, etc.).
 
8. Retention periods

The data collected is only retained for a period deemed useful and proportionate to the purposes of processing. The data is not retained beyond the periods provided for by the various laws and regulations in force. When these deadlines are reached, the information is either made anonymous or deleted.
 
9. Exchange of information with third party companies

The data collected when using our website is not communicated to third party companies.
However, when signing up for the Symposium, the data communicated is sent to a travel company for organisational purposes, making it possible to carry out stewardship for participation (travel bookings, hotels, etc.). In this context, the consent of the data subject is required.
As part of the service management of our website (service providers, hosting providers, communication agencies or IT support), ACOME may use third-party companies. ACOME will be responsible for selecting third-party companies that meet the same requirements as the data controller (ACOME S.A.). A list of our subcontractors can be provided on request using the contact form below.
Finally, the information collected may be communicated as part of a legal process at the request of the Administration.
 
10. Data exchange with companies located outside the EU

Data is not exchanged with companies located outside the European Union that are not part of the ACOME Group. Information transfers to our subsidiaries are based on the same purposes and are guaranteed by the same information protection and security criteria. Transfers may not relate to purposes other than those listed above. These transfers are not made without guarantees of equivalent security and protection equivalent to those offered by us.

 

11. Cookies

Cookies are small text files downloaded to a device (computer, tablet, smartphone, etc.) when a user accesses a website. Cookies enable the website to recognise visitors and understand how users navigate our website. In practice, information is exchanged between the site server and the user’s browser in order to provide a personalised navigation experience.

The cookies we use:

In order to offer a good browsing experience, the data logs of the browsing activity can be collected with the aim of understanding the different uses of the sections of our site and their functionalities. Google Analytics tools are used in this context.

After being placed on a device, cookies are stored for a period of approximately 2 years.
If the user does not want cookies to be installed on their device, they can configure their browser to reduce or exclude this. The browser settings chosen for the use of our website do not apply to links to other sites that can be found on our website.

To help you configure your browser, here are some useful links:

Cookie management - Google Chrome

Cookie management - Mozilla Firefox

Cookie management - Internet Explorer

Cookie management - Safari

Cookie management - Android

Cookie management - IOS

 

12. Data subject rights

All data subjects have the following rights:

  • Access to information held about them and related retention periods;
  • The ability to have any information corrected or modified;
  • The possibility of receiving an extract of the information concerning them;
  • The right to erasure of data concerning them (subject to the retention or use obligations imposed by the legislation in force);
  • The right to object to the processing of information concerning them (where applicable, the use of proposed services would no longer be possible such as participation in the Symposium for example);
  • The possibility of lodging a complaint with the competent supervisory authority – The CNIL for France (Filing of complaint).
  • In order to exercise the rights listed above or for any other information, you can use the following email address: dataprotection@acome.fr

 
13. Updating of the data protection policy

The data controller reserves the right to update this personal data management policy in order to meet the requirements of legislative changes. For this reason, ACOME S.A. advises users to consult this page periodically.