Legal Notice

Sophia SALMERON

Registered under siren number: 439 875 519

Headquarters: 266, avenue Louis Lépine

84700 SORGUES

Email: cabinetjudilex@gmail.com

LEGAL NOTICES and personal data (GDPR)

Information relating to the Data Protection Act of January 6, 1978

As part of its activity, the firm is required to collect and process personal data relating to contacts, prospects, customers, service providers, partners.

The main objective of this document is to bring together in a concise, transparent, understandable and easily accessible format information concerning the data processing implemented to allow you to understand under what conditions your data is processed.

Fair and transparent collection of your data

In the interest of loyalty and transparency, the firm takes care to inform the above-mentioned data subjects of each processing operation it implements through information notices.

This data is collected fairly. No collection is carried out without people knowing or being informed.

Legitimate and proportionate use of your data

When the firm is required to process data, it does so for specific purposes: each data processing implemented pursues a legitimate, determined and explicit purpose.

For each of the treatments implemented, the firm undertakes to only collect and use data that is adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.

The firm ensures that data is updated and implements processes to enable the erasure or rectification of inaccurate data.

The personal data we process

As part of the processing of personal data, the purposes of which will be presented to you below, the firm collects and processes the following categories of data:

Identification data of the persons concerned such as your title, your first and last name, your electronic, telephone and postal contact details;
Data relating to the professional situation of the person concerned such as profession or professional contact details;
Economic and financial data;
Recording of videoconferences and webinars organized by the firm (video, content, message, dashboard and reports)
Connection and log data;
Content of the exchanges with the firm.

The legal bases and purposes of our data processing

The processing implemented by the firm has the following purposes and legal bases:

Purpose Legal basis, Production management and monitoring of customer files necessary for the execution of a contract or the execution of pre-contractual measures taken at the request of customers, Management of training necessary for the execution of a contract or the execution of pre-contractual measures taken at the request of customers, Management of invoicing necessary for the execution of a contract or the execution of pre-contractual measures taken at the request of customers, management of service providers and partners necessary for the execution of a contract or the execution of pre-contractual measures taken at the request of clients, Maintaining the firm's accounts, Meeting legal and regulatory obligations incumbent upon the firm, Management of prospects and contactsI, legitimate interest, Management of the organization and invitations to firm eventsI, legitimate interest, Management of external communication, Legitimate interest, Management and organization of webinars and videoconferences as part of the management of a client file and preparation of a report, Recording of customer webinars and videoconferencing

Execution of a contract or execution of pre-contractual measures taken at the request of customers, Consent of participants for recording

The recipients of your data

The recipients of your data are each as far as they are concerned:

authorized members of the Cabinet;
any authorized third party intervening for the purposes of the missions entrusted to the Firm (such as bailiffs, legal experts);
the competent authorities or courts.
for knowledge marketing videoconferences and webinars: The people who access and view the knowledge marketing webinars and videoconferences and the service provider providing the solution used;
for videoconferences and webinars with clients as part of the management of client files: authorized participants and members of the firm and the service provider of the solution used;
the firm’s service providers;
the president and Tracfin.

We ensure that only authorized people can have access to this data. The firm applies a strict authorization policy which allows the data it processes to be transmitted only to people authorized to have access to it.

Transfers of your data

The firm may transfer personal data outside the European Union as part of the IT tools it uses for its activities.

These transfers can only be carried out after the firm has taken measures to secure them, for example by ensuring the conclusion of standard clauses defined by the European Commission in order to regulate the flows.

As part of its electronic business development and to allow increased availability of its members, the firm has chosen to use Google workplace solutions in particular for its messaging, videoconferencing, calendar, Google sites and drives.

In this context, the data from these applications are hosted in particular in Ireland, a member state of the European Union, and in the United States.

Authorized recipients of Google will be provided with the following categories of data: data relating to identification, data relating to professional life, economic and financial data, connection data, contact details which may be processed within the framework of the use of services provided by Google.

This data is transferred to the authorized services of Google entities for the main purposes of outsourcing, maintenance, assistance, administration, hosting and to respond to requests from the authorities legally authorized to know about it.

A cross-border flow agreement based on the standard contractual clauses of the European Commission has been concluded with Google LLC, in order to regulate the transfer of data and ensure a sufficient level of protection with regard to the requirements of French regulations.

Furthermore, as part of the development of its dual company policy, the firm uses Zoom for the organization of its webinars and videoconferences, in this context, personal data on the organizers and participants, as well as on the Events are communicated to Zoom in the United States and in any other country outside the European Union that does not have equivalent protection. If you do not want your data to be transferred to Zoom, in this case you are advised not to register or participate in our videoconferences and webinars.

The purpose of this data communication is the provision of the service as well as maintenance, assistance and support, administration and hosting. A cross-border flow agreement based on the standard contractual clauses of the European Commission has been concluded with Zoom, in order to regulate the transfer of data and ensure a sufficient level of protection with regard to the requirements of French regulations.

The periods for which we keep your data

The firm ensures that data is only kept in a form allowing the identification of the persons concerned for a period necessary for the purposes for which they are processed.

The retention periods that we apply to your personal data are proportionate to the purposes for which they were collected.

More specifically, we organize our data retention policy as follows:

Data and purposes Retention period Contact and prospect management 3 years from the last contact Billing and accounting 10 years Client management 5 years from the end of the mandate entrusted to the firm. The data may be kept beyond 5 years in special cases such as the impossibility of transmitting the original to the customer or the need to keep documents supporting an ethical complaint Partner management 5 years from the end of the contractual relationship Management of service providers 5 years from the end of the contractual relationship Video conference and webinars Recording of customer video conferences and webinars: Duration necessary for validation of the report and retention of the report for the duration of management of the customer file until at its closing increased by the applicable limitation periodsRecording of webinars and knowledge marketing videoconferencing: 5 years increased, for the elements justifying it, by the duration of the firm's activity for historical purposes and as archives of productions firm knowledge marketing

6 month cat log

Information on contacts (guests and participants): duration of presence in the firm's prospect client contact database (prospects 3 years from the last incoming contact, clients: 5 years from the end of the mandate entrusted to the firm)

Activity reports concerning the webinar and videoconferencing the time of exploitation of the results

Anti-money laundering and terrorist financing5 years from the end of the business relationship

Personal data security

The firm attaches particular importance to the security of personal data.

It has put in place technical and organizational measures adapted to the degree of sensitivity of personal data, with a view to ensuring the integrity and confidentiality of the data and protecting it against any malicious intrusion, any loss, alteration or disclosure to third parties. unauthorized.

However, the security and confidentiality of personal data rely on everyone's best practices, so the person concerned is invited to remain vigilant on the issue.

Outsourcing

When the firm uses a service provider, it only communicates personal data to it after having obtained from the latter a commitment and guarantees on its ability to meet these security and confidentiality requirements.

In compliance with our legal and regulatory obligations, we conclude contracts with our subcontractors precisely defining the conditions and methods of processing personal data by the latter, in compliance with the regulations on the protection of personal data.

Cookies

Cookies are subject to a

cookie policies

.

The rights granted to you

The firm is particularly concerned about respecting the rights granted to you in the context of the data processing it implements, to guarantee you fair and transparent processing taking into account the particular circumstances and context in which your personal data is processed. .

12.1 Your right of access

As such, you have confirmation that your personal data are or are not processed and when they are, you have the right to request a copy of your data and information concerning:

the purposes of the processing;
the categories of personal data concerned;
the recipients or categories of recipients as well as, where applicable if such communication were to be made, the international organizations to which the personal data have been or will be communicated, in particular recipients who are established in third countries;
where possible, the planned retention period of personal data or, where this is not possible, the criteria used to determine this period;
the existence of the right to request from the data controller the rectification or erasure of your personal data, the right to request a limitation of the processing of your personal data, the right to object to this processing;
the right to lodge a complaint with a supervisory authority;
information relating to the source of the data when it is not collected directly from the persons concerned;
the existence of automated decision-making, including profiling, and in the latter case, meaningful information regarding the logic underlying it, as well as the significance and intended consequences of such processing for data subjects.

1Your right to rectification of your data

You can ask us to have your personal data, depending on the case, rectified or supplemented if it is inaccurate, incomplete, ambiguous or out of date.

12.3 Your right to erasure of your data

You can ask us to erase your personal data in the cases provided for by legislation and regulations.
Your attention is drawn to the fact that the right to erasure of data is not a general right and that it can only be granted if one of the grounds provided for in the applicable regulations is present.

Your right to limit data processing

You can request the limitation of the processing of your personal data in the cases provided for by legislation and regulations.

12.5 Your right to object to data processing

You have the right to object at any time, for reasons relating to your particular situation, to the processing of your personal data, the legal basis of which is the legitimate interest pursued by the data controller (see article below). above on the legal basis of the processing).
In the event of exercising such a right of opposition, we will ensure that we no longer process your personal data in the context of the processing concerned unless we can demonstrate that we can have legitimate and compelling grounds for continuing this processing. These reasons must be greater than your interests and your rights and freedoms, or the processing must be justified for the establishment, exercise or defense of legal rights.

Your right to data portability

You have the right to portability of your personal data. We draw your attention to the fact that this is not a general right. Indeed, not all data from all processing is portable and this right only concerns automated processing, excluding manual or paper processing.
This right is limited to processing whose legal basis is your consent or the execution of pre-contractual measures or a contract.
This right does not include derived data or inferred data, which is personal data created by the firm.

Your right to withdraw your consent

When the data processing we carry out is based on your consent, you can withdraw it at any time. We then stop processing your personal data without calling into question previous operations for which you had consented.

12.8 Your right to appeal

You have the right to lodge a complaint with the CNIL (3 place de Fontenoy 75007 Paris) on French territory, without prejudice to any other administrative or legal recourse.

Your right to set post-mortem guidelines

You have the possibility to define specific instructions relating to the conservation, erasure and communication of your personal data after your death according to the terms defined below. These specific instructions will only concern the treatments implemented by us and will be limited to this area only.
You will also have, when this person has been designated by the executive power, to define general directives for the same purposes.

How to exercise your rights

All rights listed above can be exercised at the following email address

dpo@alain-bensoussan.com

or by post to the following address, Caboinet JUDILEX: 266 avenue Louis Lepine in SORGUES (84700), providing proof of your identity by any means.

Modification of this document

We invite you to regularly consult this policy on our website. It may be subject to updates.

In the event of a dispute or complaint, you can contact one of the Personal Data Protection Delegates: Cabinet Lexing Alain Bensoussan lawyers at 8 boulevard Gouvion-Saint-Cyr – 75017 Paris

Sophia SALMERON

Registered under siren number: 439 875 519

Headquarters: 266, avenue Louis Lépine

84700 SORGUES

Fair and transparent collection of your data

Legitimate and proportionate use of your data

The personal data we process

The legal bases and purposes of our data processing

The processing implemented by the firm has the following purposes and legal bases:

The recipients of your data

The recipients of your data are each as far as they are concerned:

authorized members of the Cabinet;

any authorized third party intervening for the purposes of the missions entrusted to the Firm (such as bailiffs, legal experts);

the competent authorities or courts.

for knowledge marketing videoconferences and webinars: The people who access and view the knowledge marketing webinars and videoconferences and the service provider providing the solution used;

for videoconferences and webinars with clients as part of the management of client files: authorized participants and members of the firm and the service provider of the solution used;

the firm’s service providers;

the president and Tracfin.

We ensure that only authorized people can have access to this data. The firm applies a strict authorization policy which allows the data it processes to be transmitted only to people authorized to have access to it.

Transfers of your data

The firm may transfer personal data outside the European Union as part of the IT tools it uses for its activities.

These transfers can only be carried out after the firm has taken measures to secure them, for example by ensuring the conclusion of standard clauses defined by the European Commission in order to regulate the flows.

As part of its electronic business development and to allow increased availability of its members, the firm has chosen to use Google workplace solutions in particular for its messaging, videoconferencing, calendar, Google sites and drives.

In this context, the data from these applications are hosted in particular in Ireland, a member state of the European Union, and in the United States.

This data is transferred to the authorized services of Google entities for the main purposes of outsourcing, maintenance, assistance, administration, hosting and to respond to requests from the authorities legally authorized to know about it.

A cross-border flow agreement based on the standard contractual clauses of the European Commission has been concluded with Google LLC, in order to regulate the transfer of data and ensure a sufficient level of protection with regard to the requirements of French regulations.

The periods for which we keep your data

The firm ensures that data is only kept in a form allowing the identification of the persons concerned for a period necessary for the purposes for which they are processed.

The retention periods that we apply to your personal data are proportionate to the purposes for which they were collected.

More specifically, we organize our data retention policy as follows:

Personal data security

The firm attaches particular importance to the security of personal data.

However, the security and confidentiality of personal data rely on everyone's best practices, so the person concerned is invited to remain vigilant on the issue.

Outsourcing

When the firm uses a service provider, it only communicates personal data to it after having obtained from the latter a commitment and guarantees on its ability to meet these security and confidentiality requirements.

In compliance with our legal and regulatory obligations, we conclude contracts with our subcontractors precisely defining the conditions and methods of processing personal data by the latter, in compliance with the regulations on the protection of personal data.

Cookies

Cookies are subject to a

cookie policies

.

The rights granted to you

The firm is particularly concerned about respecting the rights granted to you in the context of the data processing it implements, to guarantee you fair and transparent processing taking into account the particular circumstances and context in which your personal data is processed. .

12.1 Your right of access

As such, you have confirmation that your personal data are or are not processed and when they are, you have the right to request a copy of your data and information concerning:

the purposes of the processing;

the categories of personal data concerned;

the recipients or categories of recipients as well as, where applicable if such communication were to be made, the international organizations to which the personal data have been or will be communicated, in particular recipients who are established in third countries;

where possible, the planned retention period of personal data or, where this is not possible, the criteria used to determine this period;

the existence of the right to request from the data controller the rectification or erasure of your personal data, the right to request a limitation of the processing of your personal data, the right to object to this processing;

the right to lodge a complaint with a supervisory authority;

information relating to the source of the data when it is not collected directly from the persons concerned;

the existence of automated decision-making, including profiling, and in the latter case, meaningful information regarding the logic underlying it, as well as the significance and intended consequences of such processing for data subjects.

1Your right to rectification of your data

You can ask us to have your personal data, depending on the case, rectified or supplemented if it is inaccurate, incomplete, ambiguous or out of date.

12.3 Your right to erasure of your data

You can ask us to erase your personal data in the cases provided for by legislation and regulations.

Your attention is drawn to the fact that the right to erasure of data is not a general right and that it can only be granted if one of the grounds provided for in the applicable regulations is present.

Your right to limit data processing

You can request the limitation of the processing of your personal data in the cases provided for by legislation and regulations.

12.5 Your right to object to data processing

You have the right to object at any time, for reasons relating to your particular situation, to the processing of your personal data, the legal basis of which is the legitimate interest pursued by the data controller (see article below). above on the legal basis of the processing).

Your right to data portability

You have the right to portability of your personal data. We draw your attention to the fact that this is not a general right. Indeed, not all data from all processing is portable and this right only concerns automated processing, excluding manual or paper processing.

This right is limited to processing whose legal basis is your consent or the execution of pre-contractual measures or a contract.

This right does not include derived data or inferred data, which is personal data created by the firm.

Your right to withdraw your consent

When the data processing we carry out is based on your consent, you can withdraw it at any time. We then stop processing your personal data without calling into question previous operations for which you had consented.

12.8 Your right to appeal

You have the right to lodge a complaint with the CNIL (3 place de Fontenoy 75007 Paris) on French territory, without prejudice to any other administrative or legal recourse.

Your right to set post-mortem guidelines

You will also have, when this person has been designated by the executive power, to define general directives for the same purposes.

How to exercise your rights

All rights listed above can be exercised at the following email address

dpo@alain-bensoussan.com

or by post to the following address, Caboinet JUDILEX: 266 avenue Louis Lepine in SORGUES (84700), providing proof of your identity by any means.

Modification of this document

We invite you to regularly consult this policy on our website. It may be subject to updates.

In the event of a dispute or complaint, you can contact one of the Personal Data Protection Delegates: Cabinet Lexing Alain Bensoussan lawyers at 8 boulevard Gouvion-Saint-Cyr – 75017 Paris