Personal data protection charter


1. Objectives of the Personal Data Protection Charter

Acknowledging the importance of respecting the privacy of Users (hereinafter “You”), the Site Publisher is making available its Personal Data Protection Charter to inform You in the most transparent manner of the processing carried out when using the Site’s Product and Services (such as subscriptions to newsletters, mailings, surveys, etc.). This charter complies with the regulations in force and in particular with Regulation (EC) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (GDPR), and repealing directive 95/46/CE.

This Personal Data Protection Charter is an integral part of the General Conditions for Using the Site. This charter describes the methods for collecting, storing and processing Personal Data about You obtained at the time you viewed the Site or registered to use it.

2. Personal Data

In general, the Site Publisher undertakes to ensure that the Personal Data about You:

– is obtained and processed fairly and lawfully and in a transparent manner;

– is collected for specific and lawful purposes on the basis of the legitimate interest of the Site Publisher to communicate about its business field, inform You, and improve our Products and Services;

– is used in accordance with these purposes;

– is adequate, relevant and not excessive in relation to these purposes while respecting the principle of minimisation.

The various categories of Personal Data collected when using the Services offered on our Site are as follows:

– Identification data (including last name, first name, customer number);

– Contact data (including postal or email address);

– Usage data (including web pages visited, URLs clicked);

– Connection data (including your computer’s IP address, connection and usage logs);

– Commercial data (list of Products and Services from which You benefit);

– Content data.

The various categories of Personal Data collected in relation to managing applications in order to recruit (CV, interview reports, etc) are processed by the Site Publisher in its capacity as data controller on the basis of the company’s legitimate interest to evaluate the applicant’s capacity to hold the employment(s) which could be proposed during the data retention of his data, as well as the need to take prior measures at the conclusion of an employment contract. They are the following:

– Identification data of the applicants (including first name, last name, photograph, date of birth, postal address, phone number, e-mail address);

– Professional experience, educational background, languages.

3. Recipients

Your Personal Data may be processed by authorised personnel (marketing, sales, customer relations, administration, HR and functional support) of Sopra Banking Software and other entities of the Site Publisher.

If these recipients are required to process your Personal Data outside the European Union, the data transfers shall be made in compliance with the Regulations.

 4. Purposes

– Personal Data is collected for the following purposes:

– Information dissemination

– Managing and administering User accounts

– Managing User requests

– Managing User reviews

– Moderating blogs, market research, competitions and promotional operations

– Custom research studies for market research purposes

– Statistics

– Surveys and polls

– Managing newsletter subscriptions

– Recruitments and training campaigns management, planning of HR development actions, employment contracts management

5. User Rights

The Site Publisher agrees that You shall have: 

– rights of access, rectification, deletion, portability, limitation, opposition and definition of instructions regarding the fate of your Personal Data after your death by way of a request sent by post or email to the Site Publisher responsible for processing your data (your requests shall be considered within a maximum of one month).

The rights defined in this article shall be exercised by sending an email to the Data Protection Officer (DPO) at [email protected] or by post to this address: 

Sopra Banking Software, Direction Juridique,

6 avenue Kleber

75116 Paris

You also have the right to file a complaint with the French data protection supervisory authority, the Commission Nationale de l’Informatique et des Libertés (CNIL), if the Site Publisher fails to comply with its obligations under the legislation/regulations in force, or to refer the matter to any competent judge.

The Personal Data communicated to You under your personal data access rights shall be done personally and confidentially. As such, in order for your access request to be accepted, You must send the necessary details required to identify you, namely, a sworn written certificate that certifies that You are the owner of said Personal Data and a photocopy of an identity document.

6. Retention of Personal Data

The Site Publisher keeps Your Personal Data only for as long as necessary to fulfil the above purposes or to enable us to meet our legal obligations.

The Personal Data relating to the management of recruitments is kept during a twenty four (24) month period after the last contact of the applicant by Sopra Banking Software.

7. Collection and Use of Personal Data

7. 1. Registration Data

If You are a customer of the Site Publisher’s Products or Services, the Site Publisher may send You, by post and/or email, in the form of a newsletter (hereinafter “Newsletter”), information to provide You with additional information on the Site Publisher’s Products or Services and, with your agreement, the Products or Services of the Group’s Companies (periodic newsletters). In the event that You no longer wish to receive a Newsletter, You may unsubscribe at any time by clicking on the link provided in those Newsletters.

7. 2. Cookies

When you visit our site, the Site Publisher may install a “cookie” on your computer. A “cookie” is used to store information relating to how your computer browses the Site (the pages viewed, the date and time they were viewed, etc.). The Site Publisher may read this cookie at the time of your next visit. However, a cookie does not allow the Site Publisher to identify You directly. Thus, the information You provide to the Site Publisher by filling out a questionnaire shall not be requested again.

These cookies ensure that the Site functions optimally. You may block and delete them using your browser settings; however, this may degrade your User experience.

The following cookies are used on our Site:

– Session cookies that store technical information as you navigate from one page to another on our Site. These cookies have a limited lifespan and expire when you close your browser.

– Feature-related cookies used in particular to recognise you at the time of your next visit to the Site and to personalise the site accordingly.

– Google Analytics audience measurement cookies: These cookies are used to anonymously collect information on website users. The information is used to produce reports and help us improve the Site. You can view Google’s privacy policy at https://support.google.com/analytics/answer/6004245?hl=fr.

The procedure for disabling cookies depends on your internet browser. You may at any time choose to disable one or more cookies, prevent them from being stored or withdraw your consent. You are free to accept or reject cookies on a case-by-case basis or to block them on a systematic basis. Your browser can also be set to notify you when cookies are being installed on your device and ask you whether you accept them or not.

Your browser settings can be changed as follows:

Internet Explorer:

Tools; Internet Options; Privacy.

Chrome:

Settings; Advanced settings: Privacy; Content settings; Cookies.

Mozilla Firefox:

Tools; Options; Privacy.

Safari:

Safari; Preferences; Privacy.

If your browser is not listed above, please refer to your browser’s “Settings” tab and to the “Options” or “Preferences” menu.

Please note that your cookie settings may affect your access to the Site and its features, or change the way they work, and may thus limit its performance.

8. Disclosure of Personal Data

The Site Publisher shall under no circumstances share or disclose your Personal Data, except in the following cases: 

– when You have given the Site Publisher your prior consent (for example for direct marketing activities);

– when the Site Publisher must share your Personal Data with suppliers, service providers and in particular its technical service providers to enable You to use the Site and/or provide You with the information You have requested (storage of personal data on our Internet server hosted by our service provider);

– when the Site Publisher is required to do so by a judicial authority or by law.

9. Security

The Site Publisher makes every effort to protect your Personal Data against any form of damage, loss, misappropriation, intrusion, disclosure, alteration or destruction, in particular by:

– the use of an entry control system, using name badges, at sensitive sites and premises, including computer rooms;

– the protection of sites and premises by an anti-intrusion alarm system, supported by a security guard during non-working hours and/or days;

– restricting administration of the Site and access to its data to authorised persons only;

– the implementation of preventive and remedial security and control procedures for managing security incidents.

Employees of the Site Publisher who, owing to their job function, have access to your Personal Data are required to maintain the utmost confidentiality when processing your Personal Data.