Personal Data means any information relating to an identified or identifiable person (a data subject); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
AXA Partners Holding SA, ”Société anonyme” registered in Nanterre Trade and Companies Register under the number 410.011.208, acts as the Data Controller in the processing of YOUR Personal Data (meaning that it determines the purposes and means of the processing of the said data).
The Data Controller for Personal Data will be hereinafter referred to “US” or “OUR”.
What personal data do we collect?
WE collect the following types of Personal Data about YOU:
· Identification and contact data, such as last name, first name, telephone number and email address.
· Professional data, such as business sector, profession, the country in which YOU perform YOUR job, company name, professional email address.
WE process the categories of Personal Data listed above for the following purposes:
· To provide an answer to any requests for information that YOU may have sent US via forms;
· allow YOU to receive AXA Partner newsletters.
What special categories of personal data do we collect?
WE do not process special categories of Personal Data (namely information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation).
How do we use your personal data?
YOUR Personal Data is collected and used for the aforementioned purposes on the basis of the consent that YOU grant on the contact form.
YOU are free to withdraw YOUR consent at any time. However, remember that if YOU do withdraw YOUR consent, YOU will no longer receive any newsletters and will no longer be able to engage in discussions via the contact form. This withdrawal, however, will not affect the lawfulness of any processing carried out prior to YOUR withdrawal.
When do we share your personal data?
WE communicate YOUR Personal Data that WE collect via axapartners.com only to identified and authorised recipients.
These recipients are the following:
· Entities of AXA Partners Group which will be best able to grant YOUR requests;
· Where applicable, entities of AXA Group to which AXA Partners belongs, if WE believe that these requests were intended for them;
· French authorities (administration, regulators, jurisdictions).
As a general rule, these recipients are located within the European Union (EU) or in countries outside the EU which provide an adequate level of protection (meaning that YOUR Personal Data is afforded the same level of security as in the EU).
Please be advised that YOUR Personal Data may also be transferred to entities within the Group located in countries which do not provide an adequate level of protection; in such cases, AXA Partners provides guarantees to ensure the security and confidentiality of YOUR Personal Data, ensuring that such transfers are governed by Binding Corporate Rules (BCR).
How do we protect your personal data?
WE use appropriate technical and organisational measures designed to protect the Personal Data that WE collect and process about YOU. These measures are designed to provide a level of security appropriate to the risks of processing YOUR personal information, in line with AXA Partners' standards.
How long will your personal data be kept?
The Personal Data required for processing shall be kept in compliance with the information presented below:
Sending of messages via the contract form: 1 year
Sending of newsletters: until users unsubscribe.
What are your rights in relation to your personal data?
In accordance with the French ”Informatique et Libertés” Law (the law on data protection and civil liberties) n° 78-17 of 6 January 1978 (amended) and the GDPR, YOU are entitled to:
· access YOUR Personal Data: You have the right to request access to the personal data We process about you, and to obtain a copy of that data,
· rectify YOUR Personal Data: YOU have the right to ask US to rectify or complete the Personal Data that We process about YOU that are inaccurate, incomplete, or not up to date,
· request the limitation of the processing of YOUR Personal Data: YOU have the right to ask US to limit the processing of YOUR personal data. This means that the Data Controller may simply keep YOUR data but may not process or use it in any other way,
· decide what happens to YOUR Personal Data after YOUR death: YOU have the right to give us instructions as to how YOUR Personal Data should be used after YOUR death.
Based on the legal basis for the processing of YOUR personal data, YOU have also the right to:
· request the deletion of YOUR Personal Data: YOU have the right to ask US to delete YOUR Personal Data, except where the processing is based on the performance of a legal obligation of the Data Controller,
· right to portability of YOUR Personal Data: YOU have the right to receive the Personal Data YOU have provided to US in a suitable format and have the right to transfer that data to another data controller without US interfering but only where the processing is based on the performance of a contract or YOUR consent.
In any case, YOU have the right to object to the marketing of YOUR data. Please note that AXA Group does not market YOUR personal data.
YOU can send any requests pertaining to YOUR rights and YOUR Personal Data to OUR Data Protection Officer at email@example.com.
YOU may be asked to provide further information to confirm YOUR identity and / or to facilitate locating the Personal Data associated to YOUR request.
Finally, YOU have the right to inform raise any concerns about how YOUR Personal Data is being processed with a competent supervisory authority, namely the authority of the Member State of YOUR habitual residence or place of work or place where YOU believe an alleged infringement to your rights occurred.
In France, the personal data protection authority is the Commission nationale de l’informatique et des libertés (CNIL) – 3 place de Fontenoy – TSA 80715 – 75334 Paris Cedex 07.
Update of the personal data protection policy
Version dated 17 February 2022