Personal DATA Protection Policy
-
Purpose
This Policy informs you about the way your personal data is collected and used by HAVAS EVENTS, a general partnership with a capital of 10,000 euros, registered with the Nanterre Trade and Companies Register under number 521 902 882 and whose registered office is located at 29/30 quai de Dion Bouton, 92800 Puteaux in the context of the operation of the website accessible at the URL address https://havasevents.com/ in its capacity as data controller.
This policy is accessible from our home page and at the bottom of each page of the Website.
For more information on our group policy on the protection of personal data, please consult our Group policy.
We also invite you to consult our general terms and conditions of use, which are available on the Website.
-
Definitions
The terms below have the following meaning, in both the singular and plural:
• “personal data” means any information relating to an identified or identifiable natural person, directly or indirectly, within the meaning of the regulations;
• “data subject” means a natural person whose personal data is processed by HAVAS EVENTS;
• “regulations” means the regulations in force in France, applicable to the processing of personal data, in particular Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (the “GDPR”) and Law No. 78-17 of 6 January 1978 on Data Processing, Data Files and Individual Liberties as amended;
• “data controller” means a natural or legal person who determines the means and purposes of the processing of personal data within the meaning of the Regulations;
• “processor” means a natural or legal person who processes data on behalf of the data controller in connection with a service;
• “Website” means the HAVAS EVENTS website accessible at the URL: https://havasevents.com/;
• “processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
-
How Do We Process Your Personal Data?
When you browse and interact with the Website, we may collect and process your data in order to manage activities conducted on our own account, as data controller.
Our agency respects the right of each individual, employee, applicant, customer, supplier, partner, administrator, subscriber, prospect or internet user to have their personal data protected. We observe the principles defined by the regulations:
• processing your personal data fairly, lawfully and in a transparent manner;
• collecting your personal data for explicit, specified and legitimate purposes, and not processing them further in ways incompatible with those purposes;
• ensuring that the personal data collected is relevant, proportionate and not excessive with regard to the purposes for which they are collected and processed. Personal data may be anonymized when feasible and appropriate, depending on the nature of the data and the risks associated with the intended uses;
• keeping your personal data accurate and up-to-date if necessary. We will take reasonable steps to rectify or delete inaccurate or incomplete data;
• personal data will be kept for the time necessary for the purposes for which they are collected and processed;
• personal data will be processed in accordance with the rights of individuals;
• technical, physical and organizational measures are taken to secure your data and prevent unauthorized access, unlawful processing and unauthorized or accidental loss, destruction or damage of personal data;
• processing your personal data in accordance with the legal bases for processing, including the collection of consent when required.
-
What Types of Personal Data Are Collected?
In our capacity as data controller, we collect and process your personal data after informing you in an appropriate manner.
The personal data we process includes:
• your identification data (your first name, last name, email address);
• your professional data (your educational and professional background for job applicants, your job title, home company);
• your login data: your IP address;
• your browsing data and expressed preference: traffic and browsing history on the Website, data from cookies and trackers.
We do not collect so-called “sensitive” personal data or special categories of personal data.
In general and barring exceptions, the use of the Website is reserved for adults.
-
What Is the Purpose, the Legal Basis for the Collection of Your Data and the Retention Period?
In accordance with the regulations, the personal data we collect is used for the purposes for which they have been collected for the period of time indicated in the table below.
The processing operations we carry out have the following purposes, legal bases and retention periods:
| Purposes
|
Legal Basis
|
Retention period
|
| Application management
|
Legitimate interest
|
2 years
|
| Management of cookies and other website trackers
|
Consent
Legitimate interest (technical cookies)
|
Periods specified in the Website cookies policy
|
| Management and follow-up of contact requests
|
Legitimate interest
|
Time required to process the request
|
| Reporting and securing access to websites
|
Legitimate interest
|
6 months to 1 year maximum
|
| Exercising your personal data rights
|
Legal and regulatory obligation
|
1 year or 6 years from the request to exercise the right, according to the right exercised
|
In the event of litigation/proceedings, particularly legal proceedings, initiated before the end of the above periods and which require the retention of personal data, particularly with a view to the establishment, exercise or defense of rights, such personal data shall be retained for the duration of said proceedings and until the exhaustion of the legal remedies.
-
Who Are the Recipients of Your Data?
Your personal data may be disclosed to staff in the following departments, according to their powers and authorizations and only if necessary for their activity, according to the purposes strictly pursued:
• Internal recipients: Communication, Digital and IT departments.
• External recipients: The hosting provider of our Website, our duly authorized partners, service providers and subcontractors which we may use to carry out our activities, public authorities, court officers and ministerial officers where applicable.
-
Data Transfer
We prioritize the transfer of personal data within Europe. However, your personal data collected and processed for the purposes described above may in certain cases be transmitted to companies outside the European Union. Some of these countries have an adequate level of data protection.
In other cases, please note that the transfers of your personal data to other entities outside the European Union are governed by the implementation of appropriate safeguards to ensure the confidentiality and security of the transferred data. We may, in this regard, conclude contractual clauses with the recipients of such data in accordance with the recommendations of the European Commission to ensure that appropriate safeguards are taken regarding the protection of said data.
-
Security and Subcontracting
We place particular importance on the security of your personal data.
Therefore, we have implemented technical and organizational measures tailored to the nature of the personal data, in order to ensure the integrity and confidentiality of such personal data and to protect them against malicious intrusion, loss, alteration or disclosure to unauthorized third parties.
When we use a processor, we only disclose personal data to it after having obtained a commitment and guarantees from said processor regarding its ability to meet the security and confidentiality requirements and entered into a written contractual commitment with it.
-
Third-Party Websites and Social Networks
The Website may provide links to third-party applications or websites to facilitate your browsing and for your information. If you access these links, you will leave the Website. HAVAS EVENTS does not control these third-party websites or their privacy and data protection practices, which may differ from ours. We accept no responsibility for their content or their practice in terms of personal data protection. Personal data you choose to provide via such websites or which are collected by such third parties are not covered by the Data Protection Policy of this Website. We encourage you to review the privacy policy of any website with which you interact before allowing your personal data to be collected and used. We also provide links to social networks. When you use these links, information about you may be collected or shared. We encourage you to review the privacy policies of the social networks with which you interact. In any event, HAVAS EVENTS may not be held liable for such third-party uses which are not its responsibility.
-
Cookie Management
The management of cookies on the Website is the subject of a cookie policy available on the Website.
-
What Are Your Personal Data Rights?
HAVAS EVENTS is particularly concerned about respecting the rights granted to you in connection with the data processing it implements, to guarantee fair and transparent processing with regard to the particular circumstances and context in which your personal data are processed.
Your right of access
In this respect, you have the right to obtain confirmation as to whether or not your personal data is being processed and, where it is being processed, you have the right to request a copy of your data and information concerning:
• the purposes of the processing;
• the categories of personal data concerned;
• the recipients or categories of recipients and, where applicable, if such disclosure were to be made, the international organizations to which the personal data have been or will be disclosed, in particular recipients established in third countries;
• where possible, the envisaged retention period of the Personal Data or, where this is not possible, the criteria used to determine that period;
• the existence of the right to request from the data controller rectification or erasure of your Personal Data, the right to request a restriction of the Processing of your personal data and the right to object to such Processing;
• the right to lodge a complaint with a supervisory authority;
• information relating to the source of the Data when they are not collected directly from you;
• the existence, where appropriate, of automated decision-making, including profiling, and, in the latter case, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing.
Your right to have your data rectified
You can ask us for your personal data to be corrected or completed if they are inaccurate, incomplete, ambiguous and/or outdated, as the case may be.
Your right to have your data erased
You can ask us to erase your personal data in the cases provided for by the regulations.
Please note that the right to erasure of data is not a general right and that it can only be granted if one of the reasons provided for in the applicable regulations is present.
Your right to restrict data processing
You may request the processing of your personal data to be restricted in the cases provided for by the regulations.
Your right to object to data processing
You have the right to object at any time, on grounds relating to your particular situation, to a processing operation concerning your personal data whose legal basis is the legitimate interest pursued by the data controller.
If you exercise such a right to object, we will ensure that we no longer process your personal data in relation to the processing operation concerned unless we can demonstrate that we can have compelling legitimate grounds for maintaining such processing operation. These grounds must override your interests and rights and freedoms, or the processing must be justified for the establishment, exercise or defense of legal claims.
Your right to data portability
You have the right to data portability with regard to your personal data. Please note that this is not a general right. Indeed, all the data of all processing operations are not portable and this right only concerns automated processing, excluding manual or paper processing operations.
This right is limited to processing operations whose legal basis is your consent or the performance of pre-contractual measures or a contract.
Your right to withdraw consent
When the data processing operations we implement are based on your consent, you can withdraw it at any time. We then stop processing your personal data without the previous operations to which you had given your consent being called into question.
Your right to lodge a complaint
You have the right to lodge a complaint with the supervisory data protection authority in your country of residence, without prejudice to any other administrative or judicial remedy.
Your right to define post-mortem instructions (France)
In accordance with the French Data Protection Act of 6 January 1978, as amended, you have the right to define instructions relating to the retention, erasure and disclosure of your personal data after your death in accordance with the procedures set out below.
How to exercise your rights
You can exercise your rights with the Havas DPO:
at the email address: dpo@havas.com
or by post to: Havas Data Protection Officer, 29/30, quai de Dion Bouton, Puteaux Cedex 92800 France.
We will reply as soon as possible and in any event within one month of receipt of the request. We may, as necessary, extend this period by two months, taking into account the complexity and number of requests, and we will specifically inform you of this.
If, in Europe, you have a complaint about your rights, you can contact the competent supervisory authority.
-
Changes to the Privacy Policy
HAVAS EVENTS reserves the right to amend this policy if necessary, for example, to comply with a change in law, regulations, agency practices and procedures or requirements imposed by data protection authorities. The new policy will be published on the Website. Please check it regularly.
If you have any questions or comments about this policy, please contact our group DPO whose contact details can be found in Article 11 above.
Last updated: June 2024