SCOPE OF THE POLICY

GTH places the utmost importance and care on protecting privacy and personal data, as well as complying with applicable regulations.

Regulation (EU) 2016/679 of April 27, 2016, on the protection of natural persons regarding the processing of personal data and the free movement of such data (hereinafter “GDPR”), states that personal data must be processed lawfully, fairly, and transparently. Therefore, this privacy policy (hereinafter the “Policy”) aims to provide simple and clear information about the processing of personal data concerning you during your navigation and interactions on our website.

DATA CONTROLLER

While using the website https://groupe-gth.com/, we collect and process personal data related to you, natural persons (hereinafter referred to as “Data Subjects”).

For all processing activities, GTH, a simplified joint-stock company registered with the RCS of Nanterre under No. 318 744 406 and headquartered at 27 RUE CAUCHY, 75015 PARIS, determines the means and purposes of the processing. Thus, we act as the Data Controller under personal data regulations, particularly Regulation (EU) 2016/679.

TYPES OF DATA COLLECTED

By using our website, you share certain information about yourself, some of which may identify you (“Personal Data”). This occurs, for example, when you browse the site or complete online forms.

The nature and quality of personal data collected depend on your interactions with GTH, primarily including:

  • Identification Data: Information enabling us to identify you, such as your name and email address.
  • Navigation Information: Data collected as you browse and interact with our website.
  • Data from Third Parties: Personal data you have agreed to share with us via social media or public sources.

WHY AND HOW DO WE COLLECT YOUR PERSONAL DATA?

PROCESSING METHODS

We collect your personal data for specific purposes based on various legal grounds:

  • Purposes of Processing:
    • Managing your contact requests.
    • Conducting marketing and commercial prospecting activities.
    • Managing newsletters.
    • Managing cookies requiring your consent.
  • In GTH’s Legitimate Interest:
    • Generating statistics to improve products and services.

LEGAL BASIS FOR PROCESSING

The Data Controller may process personal data if one of the following conditions applies:

  • Users have given consent for one or more specific purposes.
  • Data is necessary for fulfilling a contract with the user or pre-contractual obligations.
  • Processing is required to comply with a legal obligation.
  • Processing is necessary for tasks carried out in the public interest or the exercise of official authority.
  • Processing is necessary for the legitimate interests of the Data Controller or a third party.

The Data Controller will help clarify the specific legal basis for processing, especially regarding whether providing personal data is a legal or contractual requirement.

DO WE SHARE YOUR PERSONAL DATA?

Your data may be shared with:

  • GTH Employees: Responsible for managing contracts and legal obligations.
  • Entities within the GTH Group: For outsourced activities.
  • Service Providers/Subcontractors: Such as:
    • OVH
    • ACONSEIL

These providers are bound by agreements ensuring data confidentiality and security. Only necessary data is shared, and secure methods are employed during transmission.

DATA TRANSFERS OUTSIDE THE EU

GTH strives to store personal data within France or the European Economic Area (EEA). However, some data may be transferred to other countries, for example, if providers are located outside the EEA. In such cases, we ensure that transfers:

  • Are to countries offering adequate protection levels.
  • Follow standard contractual clauses or corporate rules.

DATA RETENTION PERIOD

We retain personal data only as long as necessary for its intended purpose, complying with legal obligations. Retention periods vary depending on:

  • GTH’s business needs.
  • Contractual requirements.
  • Legal obligations.

Retention examples:

PurposeRetention Period
Commercial and marketing prospecting2 years from the last contact
Newsletter management5 years from the last contact
Cookie management requiring consent6 months from the last agreement

HOW DO WE PROTECT YOUR PERSONAL DATA?

GTH is committed to safeguarding the personal data we collect against loss, destruction, alteration, unauthorized access, or disclosure. Measures include:

  • Restricted access to data for authorized personnel.
  • Pseudonymization or encryption of data.
  • Regular updates to security practices and policies.

YOUR RIGHTS

Under GDPR, you have the following rights:

  1. Right to Information: Receive clear and complete details about the use of your data.
  2. Right to Access: Obtain a copy of your personal data.
  3. Right to Rectification: Correct inaccurate or outdated data.
  4. Right to Erasure: Request data deletion under certain conditions.
  5. Right to Object: Oppose data processing for reasons related to your situation.
  6. Right to Withdraw Consent: Revoke consent at any time.
  7. Right to Data Portability: Request data transfer in a reusable format.
  8. Right to Define Post-Mortem Instructions: Specify data handling after death.

To exercise your rights, contact our Data Protection Officer (DPO): rgpd@groupe-gth.com.

If unsatisfied, you may lodge a complaint with the CNIL:
3 Place de Fontenoy – TSA 80715 – 75334 PARIS CEDEX 07

PRIVACY POLICY UPDATES

This Policy may be updated to reflect changes in data protection regulations.

Last Updated: 19/09/2024

Scroll to Top