fbpx

As personal data is an important part of FI Group, Solenne Desprez Braun, Head of the Legal Department and Data Protection Officer Group has been certified by AFNOR (that has obtained accreditation by the French Authority, under article 42 and 43 of the GDPR.)

Thanks to her DPO team and to the GDPR Compliance Ambassador, everything is done in order to be transparent about personal data processing.

A “GDPR compliance Ambassador” is a data protection representative appointed by the DPO Group in order to comply with the GDPR wherever FI Group is located and to help the DPO Team by being a relay dpo@fi-group.com

The GDPR Compliance Ambassador is a local voice to increase the visibility of GDPR compliance.

afnor certification

"Transparency is the key to a successful business relationship".
Solenne DESPREZ BRAUN, DPO

FOR OUR CLIENTS

Management of Personal Data for our Clients

  • Personal Data Policy (coming soon)
  • Appendix of the Policy (coming soon)

FOR OUR SERVICE PROVIDERS

Management of Service providers’ personal data

  • Data controller Policy (coming soon)
  • Appendix of the Data controller Policy (coming soon)

PERSONAL DATA – MANAGEMENT OF CONTACT FORMS

FOR ALL

Please visit the tab Exercise of your right as well as our ‘Personal data Policy’ intended for our Clients and the ‘Data Controller Policy’ intended for our Data processors.

For information regarding the Cookies Banner, please click on our Cookie Policy.

We are committed to respecting the principle of minimization by collecting only the personal data that we need for the purpose concerned.

LEGAL BASIS FOR THE PERSONAL DATA PROCESSING UNDER THE WEBSITE
The legal basis for the processing of personal data is your consent. Your consent is reflected by your initiative.
The appropriate legal basis is the user’s consent for this processing. A traceable consent collection system is set up for all of them.

FOR OUR CANDIDATES

SECTION INTO THE WEBSITE TYPE OF DATA TRANSMITTED BY THE WEBSITE USER DATA PROCESSED / COLLECTED BY & RETENTION PERIOD RECIPIENTS OF THE DATA PROCESSING PURPOSE OF DATA PROCESSING
« CAREER » Identity (Gender, Last Name, First Name); Contact details (professional or personal email address); Phone number; Address (not necessarily required); CV ; diploma, cover letter reference, book (not necessarily required) ð  HR department

 

ð  For 2 years after the last contact from the candidate

·   The FI Group website Marketing Department

 

·   Dropbox

·       To review and process applications for job offers

FOR OTHER FORMS ON THE WEBSITE

SECTION INTO THE WEBSITE TYPE OF DATA TRANSMITTED BY THE WEBSITE USER DATA PROCESSED AND COLLECTED BY & RETENTION PERIOD RECIPIENTS OF THE DATA PROCESSING PURPOSE OF DATA PROCESSING
« CHECK ELIGIBILITY » Identity (Gender, Last Name, First Name); Contact details (professional or personal email address); Phone number (not necessarily required); IP address, Client files, statistics attendance files; Message content (not necessarily required) ð  At the time of contact via the contact forms on the website, if applicable, we may send your contact details and the nature of your request to the relevant Departments and/or the Management of the Company in order to process your request

 

ð  For 2 years after the last contact

•  The FI Group website Marketing Department

 

 

 

 

 

 

• To review and process contact requests from users

• To contact users of the website who request it

NEWSLETTER

 

Email address, log in, function (eventually) ð  FI Group website Marketing Department which manages the mailing list

ð  For 3 years (from the last contact)

Your mailbox software (Outlook; Gmail, etc) To send to those who subscribe to the FI Group’s Newsletter
REQUEST FOR RIGHTS OF ACCESS, CORRECTION, OBJECTION Identity of the applicant or representative (with ID), proof of address.

Please note that we are asking for this information in order to protect individuals from identity fraud.

ð The DPO Team shall receive your request and shall send it to anyone who could contribute to the processing of your request within the legal deadlines (IT department)

ð Duration strictly necessary for the execution of the request

ð  Internal FI Group France services (dpo@fi-group.com) Manage, track and respond to user requests to exercise rights

EXERCISE OF YOUR RIGHTS

EXPLANATIONS OF YOUR RIGHTS TO YOUR PERSONAL DATA

Since the EU General Data Protection Regulation (EU) 2016/679 (GDPR), has granted you certain rights about your personal data held by FI Group. To help you in being assured of the protection and privacy of your personal data, GDPR and the right to information empower you with the ability to ask FI Group for information about which personal data is being processed and what happens to your personal data.

Right to access (Art. 15 GDPR): provides you with the ability to access your personal data that is being processed by FI. This request provides you the right to see your own personal data, as well as request copies of your personal data.

Right to rectification (Art. 16 GDPR): in case you are believing that your personal data is not up to date or is inaccurate and you are requesting that modifications to your personal data be made as soon as possible.

Right to erasure (Art. 17 GDPR): provides you with the ability to ask FI Group to delete your data. The request would then require FI Group to stop the processing of the personal data that was based on the consent provided earlier.

Right to restriction of processing (Art. 18 GDPR): the right to restriction allows your data to continue being stored without being processed. The right to restrict processing provides you with an alternative to requesting the erasure of your personal data.

Right for data portability (Art. 20 GDPR): provides you with the ability to ask for the transfer of your personal data to another company.

Right to object (Art. 21 GDPR): provides you with the ability to object to the processing of your personal data. In this case, consent wasn’t appropriately requested and no processing other than that for legitimate purposes is being conducted.

Right to object to automated processing (Art. 22 GPDR): provides you with the ability to object to a decision based on automated processing.