What personal data do we collect ? what special categories of personal data does C-RISK SAS process about you ? How do we use your personal data ? When do we share your personal data ? How do we keep your personal data secure ? For how long will your personal data be retained ? What are your rights in relation to your personal data ? Updates to the privacy notice
In this context, Personal Data means any information relating to an identified or identifiable natural person (a Data Subject); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
For the purposes of this notice, as a Data Subject and user of C-Risk’s website, you will be hereinafter referred to as ‘’You’’/“Your”.
C-RISK SA, “société anonyme par actions simplifiée” registered in the Nanterre Trade and Companies Register under the number 823 709 050, acts as a Data Controller in the processing of Your personal data (i.e. it determines the purposes and means of the processing of said data). It will hereafter be referred to as ‘’We’’/ “Our”.
We collect/process the following Personal data about You:
We process the Personal Data above for the following purposes:
In the context of your utilization of our website, we do not collect any special categories of Personal Data.
Your personal data are collected and used for the aforementioned purposes on the basis of Your consent.
Please note that You can withdraw Your consent at any time. However, if You decide to do so, You will no longer be able to receive newsletters or communicate with C-RISK via online forms. This withdrawal, however, does not affect the lawfulness of any processing carried out prior to Your withdrawal.
We communicate Your Personal Data only to identified and duly authorized recipients. These include:
Please be advised that Your Personal Data can be transferred outside of the European Union.
In that case, We provide safeguards to ensure the security and the confidentiality of Your Personal Data, by framing the transfer through the Standard Contractual Clauses adopted by the European Commission .
We use appropriate technical and organizational measures designed to protect the Personal Data collect about You. These measures are designed to provide a level of security appropriate to the risk of processing Your personal information in line with C-RISK standards.
The collected Data needed will be retained according to the following table:
Purpose of Personal Data
Personal Data processed for newsletters
Until user unsubscribes
Personal Data sent through online forms and included in your resume
Personal Data processed for questions during live broadcasts
In accordance with the French "Informatique et Libertés" law (the law on data protection and civil liberties) n° 78-17 of 6 January 1978 modified and the GDPR, You have the right to:
Please be aware that if you are a French Data Subject, as per national law, you have the right to decide how your data will be used after Your death.
Considering the legal basis for the Processing is your consent, please be reminded that You may withdraw said consent at any time. If You decide to do so, You will no longer be able to receive newsletters or communicate with C-RISK via online forms. This withdrawal, however, does not affect the lawfulness of any processing carried out prior to it.
You can exercise Your rights by contacting Our Data Privacy Officer at www.c-risk.com/gdpr. As part of Our response to Your request, You may be asked to provide further information to confirm Your identity and/or to facilitate locating the Personal Data associated to your request.
Finally, You have the right to raise any concerns about how Your personal data is being processed with a competent supervisory authority, namely the authority of the Member State of Your habitual residence or place of work or place where you think an alleged infringement to your rights occurred.
In France, the data protection authority is the Commission nationale de l'informatique et des libertés, or “CNIL”
- 3 place de Fontenoy - TSA 80715 – 75334 Paris Cedex 07
Date of the last update : 03 September 2020