The purpose of this Privacy Policy is to allow users of the website (hereinafter “Users”) to learn more about the processing of their Personal Data (hereinafter “Personal Data” or “Data”) that may be implemented when consulting and using the website accessible at the following URL address www.ddg.fr (hereinafter the “Site”).

By using the Site, the User accepts the terms of this Privacy Policy in their entirety, and therefore agrees to the collection and use of their Personal Data in the manner described herein.

Any User who disagrees with any of its terms is free to discontinue using the Site.

 

  1. DATA COLLECTION

Cabinet Deprez Guignot et Associés (hereinafter “DDG” or the “Firm”) collects Users’ Personal Data, in particular through the “contact” section and the User’s subscription to the “newsletter”.

The Data may be collected when the User :

– browses the Site

– subscribes to the newsletter

– sends a question or comment via the contact form

– submits an application for a job or an internship

– physically participates in professional meetings, files, partnerships, applications, or comes to our premises

As the party responsible for processing the User’s Personal Data, the Firm makes every effort to protect the privacy of the Site’s Users, and in particular processes Personal Data in compliance with the applicable laws and regulations.

Personal Data is defined as “any information relating to an identified or identifiable natural person.

An “identifiable natural person” is deemed to be a natural person who can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, an identification number, location data, an online identifier, or to one or more factors specific to his or her physical, physiological, genetic, mental, economic, cultural or social identity.

The term “Regulations” refers to the regulations relating to Personal Data, and in particular to Regulation No. 2016/679, known as the General Data Protection Regulation, the French Data Protection Act No. 78-17 of 6 January 1978, as well as Law No. 2008-493 on the protection of personal data.

 

  1. DATA COLLECTED AND PROCESSED

The Personal Data collected by the Firm are

  • name(s), surname(s), date of birth, email address, telephone number, postal address, age;
  • information on the use of the Site recorded through cookies or other tracers: the pages of the Site visited, the date and time of access, or behavioural data relating to the analysis of actions and choices made on the Site;
  • Users’ personal preferences (including their preference for cookies)
  • work experience data (previous internships and positions held)

DDG takes into account the principles of minimisation and protection of Personal Data at the outset of processing, and of data protection by default. Accordingly, the Firm ensures that it collects only relevant, adequate and limited information for the purposes for which it is processed.

Certain Personal Data must be provided in order to benefit from certain features on the Site (for example, the e-mail address in order to receive the newsletter). This information is then indicated by a “*” sign on the collection medium. In such cases, the User’s refusal to provide such information could result in limiting his or her access to certain services or features offered by the Firm, particularly on the Site.

Apart from these cases, the User is free to provide or not all or part of his Personal Data.

It is important that the information provided and shared by the User is correct, both at the time of registration and at any time during the User’s use of the Site.

Each User therefore undertakes to update the data and information concerning him/her. In this respect, the User guarantees the truthfulness, accuracy and completeness of the information transmitted on the Site and will be solely responsible for any error, omission or failure to update.

DDG does not process any Personal Data qualified as “sensitive” (racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership, as well as the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning the sex life or sexual orientation of a natural person) within the meaning of the Regulation.

 

  1. PURPOSES OF COLLECTION

The information communicated on the Site may be collected and processed, if it allows DDG to :

  • improve the experience of the Users on the Site;
  • send DDG’s newsletter to Users by e-mail
  • provide the requested services or information;
  • to carry out anonymous statistics on the activity of the Site in order to measure, in particular, the satisfaction and the quality of the services and to ensure the improvement and optimisation of the Site;
  • to manage the security of the Site;
  • process the application of Users on the Site;
  • subscribe to and receive thematic information;
  • requesting, obtaining or receiving information about the Firm or any of its entities or affiliates, or the products and services they offer.

DDG may also use personal data for administrative purposes or for any other purpose imposed by the legislation in force.

 

  1. USE AND TRANSMISSION OF DATA

DDG is solely responsible for the processing of Personal Data collected in the context of its services and on the Site, and is the sole recipient of such data.

 

DDG may transmit the Personal Data of the users of the Site to third parties only in the cases listed below:

  • when the user has given his prior consent to the sharing of such information;
  • when DDG needs to share such information with its staff (lawyers, administrative personnel), affiliates and duly authorized service providers in order to provide the services requested by the User; and
  • when DDG receives a request from a judicial authority or any administrative authority empowered by law to disclose such information in accordance with applicable law.

As soon as DDG gives access to Users’ Personal Data to third parties, the latter are bound by an obligation of confidentiality. In particular, DDG requires recipients of Personal Data to undertake to comply with the Regulations.

In the event of recourse to affiliates or service providers located outside the European Union, DDG undertakes to verify that appropriate measures have been put in place to ensure that the Personal Data benefit from an adequate level of protection.

 

  1. DATA RETENTION PERIOD

DDG keeps the Personal Data communicated to it for a period of time strictly necessary for the achievement of the purposes pursued. DDG may also keep the Data for a longer period of time in accordance with its legal obligations.

In particular, DDG keeps :

– Personal Data of Clients relating to a current file: as long as the User is active, for a period of five (5) years from the closing of the file;

– Personal Data of Prospects: as long as the User is active, for a period of three (3) years from the last contact;

– Personal Data of candidates in the context of recruitment procedures: for as long as the storage is necessary to process the application and, in the event of a negative outcome, for 2 (two) years after the last contact between the Firm and the candidate (unless the candidate agrees that his or her Personal Data be stored for a longer period);

– Browsing data, regardless of the person concerned, for a period of thirteen (13) months.

Some Data may however be kept (invoices, estimates, credit notes) for a commercially reasonable period of time, in particular for backup, archiving or auditing purposes.

DGG may also retain the Data for research or statistical analysis, it being specified that the Data will then be anonymised, and may thus be retained without any specific period.

The Firm may also retain the Data for a longer period of time in order to comply with its legal obligations.

In the context of newsletters, DDG will no longer contact Users who have not opened the newsletters for more than three (3) years.

 

  1. HOSTING OF YOUR PERSONAL DATA

The Personal Data processed by DDG are hosted by OVH (SAS with a capital of €10,069,020, registered with the CS Lille Métropole under the number 424 761 419 00045 and whose registered office is located at 2 rue Kellermann – 59100 Roubaix – France) and/or DDG’s partners in order to ensure the functionality of the services, in particular for the sending and management of the newsletter.

In any case, DDG has put in place appropriate technical measures to maintain the security of the Personal Data.

 

  1. RIGHTS OF INDIVIDUALS TO THE DATA COLLECTED

7.1 Rights concerned

Each User of the Website has a number of rights, in accordance with the Regulations in force, in particular

– Users’ consent and right to information on the processing of your personal data

Users’ consent must be given in a clear and unambiguous manner. Therefore, DDG endeavours to provide Users with concise, transparent, understandable and easily accessible information on the conditions of the processing of Personal Data and the practices in force.

Users may withdraw their consent at any time. Thus, registered Users who no longer wish to receive communications, in particular in the form of newsletters, may unsubscribe by clicking on the link located at the bottom of each email sent by DDG. However, and in accordance with applicable law, the withdrawal of consent is only valid for the future and does not call into question the lawfulness of the processing carried out prior to this withdrawal.

– Right to request access to personal data

These rights allow the User to receive confirmation as to whether or not their Personal Data is being processed, and the conditions of such processing. They may also access and receive a copy of the Personal Data that DDG holds about them

– Right to rectification:

This right allows Users to request the correction of inaccurate information about them, upon request to DDG, as soon as possible.

– Right to limitation

The applicable regulations provide that this right may be invoked in certain cases, in particular the following

  • the accuracy of the Personal Data is disputed
  • it can be established that the processing of the Personal Data is unlawful but the User objects to the erasure of the Personal Data and demands instead the limitation of the processing;
  • when DDG no longer needs the Personal Data but they are still necessary to the User, in particular for the establishment, exercise or defence of legal claims;
  • when the User objects to the processing which would be based on the legitimate interest of the controller, during the verification as to whether the legitimate grounds pursued by the controller prevail over those of the data subject.

– Right to the cancellation or erasure of Personal Data

  • This right allows the User to request from DDG the erasure, as soon as possible, of Personal Data, where one of the following legal grounds applies:The Personal Data is no longer necessary for the purposes for which it was collected or otherwise processed;
  • The consent on which the processing of Personal Data was based is withdrawn and there is no other basis for such processing;
  • It can be established that the Personal Data has been unlawfully processed; and
  • The Personal Data must be erased pursuant to a legal obligation.

– Right to portability of personal data

Where processing is based on consent (including contractually expressed consent), this right to portability allows the User to request to receive Personal Data provided to DDG in a structured, commonly used, machine-readable format and to transmit such Personal Data to another controller without DDG being able to object.

Where technically possible, the User may also request that his/her Personal Data be directly transferred to another controller by DDG.

– Right to object

This right of objection allows the User to object to the use of his/her Data by an organisation for a specific purpose, provided that he/she specifies “the reasons relating to [his/her] particular situation”.

When the processing is carried out for the purpose of commercial prospecting, the User may object to the processing at any time, without giving any reason.

However, if the User’s request to object does not concern commercial prospecting, the organisation may justify its refusal on the grounds that

– there are legitimate and compelling reasons for processing the data, in particular if they are necessary for the establishment, exercise or defence of legal claims;

– the User has previously consented – the User must then withdraw this consent and not object;

– a contract binds the User to DDG;

– DDG is required by law to process the Data;

– the processing is necessary to protect the vital interests of the data subject or another natural person.

– Right to decide what happens to personal data after death (e-Will)

This right allows the User to regulate the fate of his/her Personal Data after death by adopting general or specific directives, which DDG undertakes to respect. In this respect, the User may decide, in particular, that the data be passed on to relatives or be deleted.

DDG may, however, even in the absence of instructions, give the heirs the possibility to exercise certain rights, in particular the right of access, in order to allow the settlement of the deceased’s estate.

– Right to lodge a complaint with a supervisory authority

If, despite the efforts made by DDG to preserve the confidentiality of the User’s Personal Data, the User believes that his or her rights have not been respected, the User may at any time lodge a complaint with a supervisory authority, in particular the CNIL.

7.2 Exercising the rights concerned

For any question relating to this Privacy Policy and/or to exercise the rights as described above, the User may at any time, and at no cost, send a request to DDG, by :

e-mail to the following address: ddg@ddg.fr, or

by post to the following address Deprez Guignot Associés 21 rue Clément Marot, 75008 Paris.

DDG undertakes to respond to the User concerned as soon as possible, and in any event within one month of receipt of the request, it being specified that this period may be extended by two months, taking into account the complexity and number of requests sent simultaneously to DDG. In this case DDG will inform the User of the reasons for the extension.

It is possible that DDG does not comply with the User’s request, in particular for legal reasons. In this case DDG undertakes to inform the User of the reasons for its inaction and of the possibility for the User to lodge a complaint with a supervisory authority, in particular the CNIL, and/or to lodge a legal appeal.

 

  1. SECURITY OF INTERNAL NAVIGATION

DDG takes care to protect and secure Personal Data in order to ensure their confidentiality and to avoid any damage, destruction or disclosure to unauthorised third parties.

8.1. Integrity of the Data

All Personal Data collected is stored on secure servers. Procedures to deal with any breach of personal data have been put in place.

8.2. Malicious use

Without prejudice to the foregoing, in order to prevent the Data from being captured by malicious third parties, independent of DDG, Users must exercise caution to prevent unauthorised access to their personal data, and in particular

– to connect only to secure, preferably private, networks; and

– install and regularly update anti-virus and anti-spyware software on their computers.

8.3. Spoofing/Phishing

DDG undertakes not to solicit Users by e-mail asking them to provide personal information.

The User is asked not to respond to such solicitations and to immediately forward to DDG any request that he/she finds suspicious.

 

  1. COOKIES

Depending on the settings of their cookies, each User accepts that the Site memorises information concerning their navigation, in order to ensure the proper functioning of the Site, to establish statistics on the number of visitors and to optimise its conditions of use and the services offered.

9.1 What is a cookie?

A cookie is a connection indicator, i.e. a small text file deposited on the terminal’s hard disk when an Internet site is consulted. It contains some data relating to the connection, in particular the name of the server concerned, most often an identifier in the form of a unique number and, possibly, an expiry date. This identifier may enable the Site to recognise the User’s computer, browser, mobile or tablet on each visit. Cookies are managed by the User’s internet browser.

9.2 What types of cookies are used by DDG?

Only the sender of a cookie is likely to read or modify the information contained in it. DDG may, subject to the choices of the Users, install various cookies on their terminal that allow the browser of your terminal to be recognised during the period of validity of the cookie concerned, in particular :

FUNCTIONAL COOKIES

These make it possible to improve the quality of navigation on the Site, in particular by saving the preferences that the User has expressed during the visit to the Site (language used, display resolution, operating system).

AUDIENCE MEASUREMENT COOKIES

These cookies are used by the Site to produce anonymous statistics. They enable us to recognise visitors, count them and identify the way they move around the Site when they use it. This makes it possible to improve the operation of the Site, the interest and ergonomics of the services, for example by ensuring that Users can easily find what they are looking for.

COOKIES ENABLING THIRD PARTIES TO PROVIDE SOCIAL SHARING TOOLS

Subject to the User’s acceptance, when using one of the sharing buttons on the Site, a cookie may be installed by the relevant social network in order to share the content instantly on the social network. The Site does not block cookies from these third-party sites and has no control over their installation. The User is invited to consult the cookie policy of these social networks for more information.

 

9.3 User’s choice regarding cookies

Several possibilities are offered to allow the User to manage cookies. Any setting may modify Internet navigation and the conditions of access to certain services requiring the use of cookies.

– Agreement on cookies

The recording of a cookie on a terminal is subject to the will of the User of the terminal, which can be expressed at any time and free of charge according to his or her browser software.

If the User accepts in his browser software the recording of cookies in his terminal, the cookies integrated in the pages and contents consulted may be stored temporarily in a dedicated space of his terminal and may be read by their issuer.

– Refusal of cookies

The User may choose to refuse cookies, partially or entirely.

The User may delete all cookies or only some of them. Deleting cookies does not prevent browsing or their reinstallation during browsing. Refusing cookies allows the User to control the cookie library of his browser at a given moment.

The technical cookies, necessary for navigation, will however be reinstalled as soon as the User visits the Site again.

It is possible that such a refusal may lead to a degraded functioning of the Site by the Internet user, or even prevent him/her from benefiting from a certain number of functionalities which may be necessary to navigate in certain areas of the Site. This is the case in particular when the content or services require the User to identify himself.

Where applicable, DDG declines all responsibility for the consequences related to the degraded functioning of its services resulting from the impossibility for it to record or consult the cookies necessary for their functioning that the User has refused or deleted.

However, DDG informs the User that certain cookies cannot be deleted insofar as they are strictly necessary for the technical functioning of the Website.

If the User wishes to change his/her wishes regarding cookies, he/she can do so at any time on the Website and by configuring the settings of his/her browser:

Below, we explain the steps to follow according to your browser, to refuse cookies.

For Chrome™: https://support.google.com/accounts/answer/61416?co=GENIE.Platform%3DDesktop&hl=fr
For Firefox™: https://support.mozilla.org/fr/kb/autoriser-bloquer-cookies-preferences-sites
For Internet Explorer™: https://support.microsoft.com/fr-fr/help/17442/windows-internet-explorer-delete-manage-cookies
For Safari™: https://support.apple.com/fr-fr/guide/safari/sfri11471/mac
Depending on such settings, browsing may be modified and access to the Site’s services more or less limited. In particular, the deactivation of so-called functional cookies will alter, or even make it impossible to visit the Site.
The procedure to follow is explained below according to the browser.

Chrome
In the Chrome menu, select “Settings”.
Display the advanced settings
Go to the “Privacy” section
Click on “Content settings”.
In the “Cookies” section (first section), click on “Cookies and Site Data
Find the cookies you want to delete and click “OK”. You can also choose to delete all your cookies.

Firefox
In the Firefox menu, go to “Tools” and then to “Options”.
On the ‘Privacy’ tab, click on ‘Show Cookies
Find the cookies you want to delete and click on ‘Delete Cookies

Internet Explorer
Internet Explorer does not allow for case-by-case cookie management. To delete all your cookies:
Click on “Tools” and then on “Internet Options”.
In the “General” tab, under “Browsing History”, click on “Delete”.
Check the “Cookies” box and click on “Delete”.

Safari
In the Safari menu, select ‘Preferences
In the window that opens, go to the ‘Security’ tab
Click on ‘Show Cookies
In the window that opens, find and select the cookies you want to delete, and click ‘Delete

 

Deactivation of third party cookies
The User may choose to disable third party cookies that are not usually required to take advantage of the resources available on the Internet. The steps to follow to refuse third-party cookies are explained below, depending on the browser.

In Chrome :
From the Chrome menu, select “Settings”.
Display the advanced settings
Go to the “Privacy” section
Click on “Content Settings”.
In the “Cookies” paragraph (first paragraph), check the box “Block cookies and data from third-party sites”, and click OK to validate the choice.

Firefox
In the Firefox menu, go to “Tools” and then to “Options”.
On the “Privacy” tab, set the “Retention rules” menu to “Use custom settings for history”.
Finally, uncheck the “Accept third-party cookies” box.

Internet Explorer
In the menu select Internet Options
Then in the “Privacy” tab and on the “Advanced” button, bring up the Advanced Privacy Settings window.
Then check the box “Override automatic cookie handling” and select “Deny” in the “Third party cookies” column.

 

  1. SPECIAL FEATURES FOR MINORS

The Site is not intended for minors under the age of 16.

However, if information is collected on a minor under 18 years of age by the Site, the minor’s legal representative must give his or her prior consent and validate the communication of the data.

 

  1. UPDATE OF THE PRIVACY POLICY

DDG may change its Privacy Policy from time to time. The revised Privacy Policy will be posted on the Site by the company with the last update date.

The User is therefore required to check the Site regularly to remain informed of any changes or updates to the Firm’s Privacy Policy.

Any change will only apply to users of the Site and the Application after the said change has been made.