In this context, “Personal Data” means any information relating to an identified or identifiable natural person (a “Data Subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
For the purposes of this Policy, as a Data Subject and user of the Website, you shall be hereinafter referred to as ‘’You’’/“Your”.
AXA Climate, “société par actions simplifiée à associé unique” registered in the Paris Trade and Companies Register under the number 493.363.378, acts as a controller in the processing of Your Personal Data (i.e. it determines the purposes and means of the processing). AXA Climate shall herineafter be referred to as ‘’We’’/“Our”/”Us”.
1.What Personal Data do We collect?
We collect and process the following categories of Personal Data when You use the Website:
- identification data: such as Your name, surname, phone number, e-mail address, region, login and password;
- professional data: such as Your profession, professional email, company name, business field;
- technical data, as results from cookies: such as Your IP address, browser type, preferred language, etc.; and
- any Personal Data that You may specify in the messages You send to Us.
Please note that, in some cases, providing Your Personal Data is mandatory otherwise We cannot provide You with the services or information You request from Us. For example, if You want to send Us a request through Our contact form on the Website, You will have to provide Your name and email address so that We can answer Your request. Where providing Your Personal Data is mandatory, We will inform You accordingly. Besides, in the event You would decide to provide Us with Personal Data relating to other individuals, please ensure that such individuals have been informed about the processing of their Personal Data in accordance with this Policy and, to the extent applicable, have consented to the processing of their Personal Data.
2.What special categories of Personal Data do We process about You?
Under the GDPR, certain categories of Personal Data are considered as particularly sensitive so that processing thereof is subject to specific rules. Such is notably the case with respect to Personal Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, etc.
However, please note that We do not collect any special categories of Personal Data when You use Our Website.
3.How do We use Your Personal Data?
We process Your Personal Data for the following purposes:
- (a) answering any request or questions You may submit thanks to Our Website, and, more generally ensuring customer and prospect relationship management You may need through Our Website;
- (b) managing any potential or actual dispute with You or third parties;
- (c) managing Your subscription to Our newsletter and further sending You Our newsletter;
- (d) complying with any legal or regulatory obligations We are subject to.
For purposes (a) and (b) above, please note that the legal basis We rely upon for lawfully processing Your Personal Data is Our legitimate interest consisting in ensuring the proper management of Our relationships with Our customers and prospects as well as the defence of Our interests.
We process Personal Data as part of purpose (c) above based on the necessity for the performance of a contract to which You are party.
With respect to purpose (d), We will only process Your Personal Data based on Your consent when You subscribe to Our newsletter. Please note in this respect that You are entitled to withdraw Your consent at any time, without affecting the lawfulness of the processing based on Your consent before its withdrawal.
In addition, We rely on Our need to comply with legal obligations We are subject to when We process Your Personal Data for purpose (e) as specified above.
4.Do We share Your Personal Data?
As part of Our processing activities, We communicate Your Personal Data to the following categories of recipients:
- other entities of the AXA group;
- Our suppliers, service providers, agents and contractors assisting Us in meeting the purposes identified herein (e.g. IT service providers hosting Your Personal Data on Our behalf, Our legal counsels, etc.); and
- competent courts, public authorities, government bodies and law enforcement forces (in particular, where We must respond to legal or regulatory requests).
In any event, and disregarding the recipient at stake, We communicate Your Personal Data on a strict need-to-know basis and only to the extent necessary for meeting the processing purposes identified in this Policy.
5.Do We transfer Your Personal Data outside the EEA?
For the purpose of the processing activities detailed herein, We transfer Your Personal Data outside the European Economic Area (“EEA”), including to countries which are not regarded by the European Commission as ensuring an adequate level of data protection.
In this respect, We have implemented appropriate safeguards to ensure that the level of protection applied to Your Personal Data is not altered by such transfers. Such safeguards consist in: (i) the execution of standard contractual clauses based on the models issued by the European Commission; and (ii) the implementation of Binding Corporate Rules (where We transfer Your Personal Data to entities of the AXA group).
You can obtain copies of these appropriate safeguards by sending an email to Our Data Protection Officer (“DPO”), whose contact details are specified below in Section 11 (How can You contact Us?) below.
6.How do We keep Your Personal Data secure?
To keep Your Personal Data secure, We have implemented technical and organizational measures designed to protect Your Personal Data against the risk of accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to Your Personal Data.
We review such measures on a regular basis to check that they remain adequate and relevant to secure Your Personal Data.
7.For how long will Your Personal Data be retained?
In the course of Our processing activities, We retain Your Personal Data for a period not exceeding what is necessary in light of the processing purpose at stake.
Concretely, this means that the data retention periods We implement vary, depending upon the concerned processing purpose, as follows:
|Answering any contact request or questions You may submit thanks to Our Website, and, more generally ensuring prospect relationship management You may need||To the extent that You are a prospect, Your Personal Data will be retained for a maximum period of 3 years following the last contact with You, as per the CNIL’s recommendation.|
|Managing Your subscription to Our newsletter and further sending You Our newsletter||Your personal Data is retained until You unsubscribe form Our newsletter.|
Complying with any legal or regulatory obligations We are subject to
We retain Your Personal Data as long as We are subject to the legal or regulatory obligations at stake.
Managing any potential or actual dispute with You or third parties
Your personal Data is retained until all the relevant courses of appeal have expired
8.What about cookies?
9.What are Your rights in relation to Your Personal Data?
As a Data Subject, You benefit from various rights in accordance with the applicable data protection legislation, and notably the GDPR, as follows:
- You have the right to request access to Your Personal Data as well as to request rectification or erasure thereof.
- You are also entitled to request the restriction of the processing carried out with Your Personal Data or to object to such processing.
- You can request the portability of Your Personal Data.
- You have the right to specify guidelines on the use of Your Personal Data after Your death.
However, please note that some of the above mentioned rights are subject to particular requirements resulting from the applicable data protection legal framework. As a result, if Your particular case does not meet the legal requirements to do so, We will not be able to let You exercise the concerned right.
You can exercise Your rights by contacting Our DPO with the contact details specified in Section 11 (How can You contact Us?). As part of Our response to Your request, You may be asked to provide further information to confirm Your identity and/or to facilitate locating the Personal Data associated to Your request.
In any event, please note that You are entitled to lodge a complaint with the French Data Protection Authority (“CNIL”) in the event You consider that the processing activities We carry out with Your Personal Data are unlawful.
10.Updates to the Policy
We will update this Policy from time to time, notably in response to new legal, technical or business developments. When We make any material change to this Policy, We take appropriate measures to inform You accordingly.
11.How can You contact Us?
Should you have any questions or requests regarding the processing activities we carry out with your personal data under this Policy, including the exercise of Your rights detailed above, please feel free to contact us with the contact details here.
Date of the last update: 20th November 2022