V 1.1 Applicable as of January 30th 2022
Avisa Partners values your privacy and the protection of your personal data and takes all reasonable precautions to ensure their protection.
The purpose of this Policy is to inform you about the procedures and processing of personal data that are put in place in connection with the organisation of the Cybersecurity Forum (CIF) and related events. The purpose of this Policy is to inform you of the measures taken regarding the protection of your personal data in accordance with applicable legislation.
We have drafted two documents with the aim of informing you about how we collect, use and protect your personal data in the context of our various services:
- a policy dedicated to the data collected via our website and in the context of registration to the CIF (this policy).
In the remainder of this document, we use the terms “personal data”, “personal data” and “personal information” to refer to information that identifies you personally (such as your name, surname, business address, etc.) or, as in this case, data that is linked to you (such as answers to questions on our forms), as well as data about your connection to or browsing of our site (such as your IP address and the date and time of your connection).
You will find the answers to your questions classified by theme in the following sections:
- Who are we?
- Scope of application
- Type of personal data collected and retention periods?
- Confidentiality and security measures
- Recipients of the data
- International data transfer
- Sharing of social networks with which you have an account
- Rights of access, rectification and deletion
- Contacting us
- Changes to the group’s scope
1 – Who are we?
Avisa Partners is a simplified joint stock company with a capital of €31,576,704, registered in the Paris Trade and Companies Register under number 835004094 and whose registered office is located at 17 Avenue Hoche, 75008 PARIS.
We undertake to comply with the framework of the legal provisions in force and in particular to take all reasonable steps to ensure the accuracy and relevance of the Personal Data with regard to the purposes for which Avisa Partners processes them.
2 – Scope of application
This Policy is specific to the organisation of the FIC event and related events (breakfasts, ID Forum, etc.) and concerns only those activities for which the Organiser is a Data Controller within the meaning of the GDPR.
3 – Type of personal data collected and retention periods?
Concerning the collection of personal data linked to your Internet navigation (cookies), we invite you to read our dedicated cookie management policy.
We also collect the data you specifically send us for each purpose:
- Data enabling you to be identified (surname, first name, position, company, telephone, professional email) in order to proceed with any registration (newsletters, publications), in the context of a BtoB relationship.;
- Professional data enabling you to register for our various events (name, first name, position, company, telephone, email, etc.) in order to facilitate access, to enable you to receive the information necessary for your participation and to enable us to properly organise the events for which you have registered. This also includes registration for the various workshops, symposia, competitions, challenges, roundtables, etc. organised within the FIC and related events. We may use this information to invite you to future events that we or some of our partners will organise on similar themes;
- Depending on the venues in which the events will take place and the personalities present, which may require special security procedures for access, official data and documents allowing the verification of your identity (identity card, etc.) and access control.
This data is kept for a period of three years after the last contact we had with you.
Please note: the information marked with an asterisk (*) is essential for the processing of your request.
4 – Confidentiality and security measures
We take all reasonable measures (physical, logistical, organisational) to protect your data at the time of transmission on the service, in particular against loss, misuse, unauthorised access, disclosure, alteration or destruction, through security measures such as vulnerability scanning, deployment of HTTPS protocol, implementation of pseudonymisation and anonymisation processes etc.
Depending on the type of data collected and its purpose, processing is only carried out by authorised personnel in accordance with our confidentiality and security requirements in the constitution of files, exchanges with our partners and subcontractors, and the transfer of this data (see below).
5 – Recipients of the data
The personal information that you may provide may be consulted by the staff of our company, as well as by all the subsidiaries of the group, the departments responsible for control and our subcontractors within the strict framework of the purposes that we have presented to you (including the provision of premises, etc.).
In this respect, we would like to point out that we have signed strict security clauses with our subcontractors, specifying in particular the security objectives that must be achieved.
We may also communicate your professional data to four types of entities
- We would also like to point out that, if you use social modules or your Facebook or LinkedIn account, the social networks in question may have access to some of the information.
- Finally, we may be required to disclose personal information at the request of any Public Authority in the context of a mandatory legal procedure, or in the event of a proven risk that may affect our information system and impact our activities or the conduct thereof, or the fundamental rights of third parties concerned.
6 – International data transfer
We may transfer your personal data to service providers outside Quebec. In this case, please be assured that they are bound by specific rules and measures to ensure the appropriate level of security for the protection of your personal data. For more information, you can contact our Data Protection Officer at email@example.com.
7 – Sharing of social networks with which you have an account
From our websites, we have provided you with the ability to easily share the pages you visit on your favorite social networks. The use of buttons allowing access to social networks is likely to lead to the collection and exchange of certain data between the social networks and the group’s sites.
Our site uses “plug-ins” or social modules on its various pages (“share” buttons on social networks such as Facebook, Twitter, LinkedIn, etc.). When you visit a page on one of our sites containing such social modules, a connection is automatically established with the servers of the social networks (Facebook, Twitter, etc.), which may then be informed that you have accessed the corresponding page on our site.
8 – Rights of access, rectification and deletion
We remind you that you have the right:
- To be informed about the way your data is processed;
- To access your data;
- To object on legitimate grounds to your data being processed and in particular to your data being used for commercial prospecting purposes;
- To limit certain uses of your data;
- To rectify incorrect information, as well as to ask us to delete certain information;
- To challenge the way in which your personal data is processed;
- To withdraw your consent at any time (where we rely on your consent as a legal basis for processing).
9 – Contacting us
You may at any time contact our Data Protection Officer by email (firstname.lastname@example.org) or, failing that, by post addressed to our DPO and sent to the following address: 17 Avenue Hoche, 75008 PARIS. However, we reserve the right to ask you to prove your identitý and the relevance of your request.
If, despite our reply, you are not satisfied, you may contact the Commission Nationale Informatique et Liberté (CNIL) directly at the following address https://www.cnil.fr/fr/vous-souhaitez-contacter-la-cnil.
If, despite our reply, you are not satisfied, you may contact the Commission Nationale Informatique et Liberté (CNIL) directly at the following address https://www.cnil.fr/en/contact-cnil.
10 – Changes to the group’s scope
If we are acquired by or merge with another company, or if there is a restructuring of the group, your personal data will be transferred to the new entity. If this happens, we will apply the same rules as set out in this Policy to your personal data and your rights in relation to its use.
We remind you that it is in our dedicated Cookie Management Policy that you will find the details of your rights on your personal data and their management within the framework of the functionalities of our site and its mode of operation.