Charter relating to protection of clients’ personal data

Information relevant to the use of the AssessFirst service.

1. Definition and nature of personal data

During your use of the site http://www.assessfirst.com (hereinafter referred to as the
“Website”), we may ask you to provide us with personal data about you.
The term “personal data” means any data that enables a person to be identified, which
corresponds in particular to your surname, first name, gender, postal and email addresses,
telephone numbers, date of birth, spoken language, sector, job title, position, level of
education, level of career, as well as any other information that you may provide relating to
your professional skills and experience, business name, business postal address, business
phone numbers, internet website address, intra-community VAT number, data related to your
transactions on the Website, details concerning your subscriptions, as well as any other
information that you chose to send us about you.

 

2. Purpose of this Charter

The purpose of this charter is to inform you of the means that we use to collect your personal
data, with the strictest respect for your rights.
We would like to point out to you on this subject that we comply, in the collection and
management of your personal data, with the current version of the French law N° 78-17
dated 6th January 1978 on Computer Processing, Filing Systems and Liberties.

 

3. Identity of the entity responsible for collecting data

The entity responsible for collecting your personal data is AssessFirst, a simplified joint-stock
company, registered under number 443 179 684 with the Registry of Trade and Companies
of Paris, whose head office is located at 20, Rue du Sentier, 75002 Paris, France (hereinafter
referred to as: “Us” or “We”).

 

4. Collecting Personal Data

Your personal data is collected to meet one or several of the following requirements:
(i) To manage your access to certain services available on the Website and their
use.
(ii) To carry out operations relating to client management concerning contracts,
orders, deliveries, invoices, loyalty schemes, follow-up with clients, etc.
(iii) To make up a file of registered members, users, clients and prospects.
– 2 –
(iv) To send newsletters, entreaties and promotional advertisements. If you do not
wish to receive these, we offer you the option to express your refusal in this
regard when your data is being collected.
(v) To provide commercial and web traffic statistics for our services.
(vi) To organize competitions, lotteries or any other promotional campaigns with the
exception of online gambling which is subject to the Regulatory Authority for
Online Gaming.
(vii) To manage reviews on products, services or content.
(viii) To manage unpaid invoices and potential disputes regarding the use of our
products and services.
(ix) To respect our legal and regulatory obligations.
We will inform you, when requesting your personal data, if certain data must be provided or if
it is optional. We will also inform you of the consequences should you not wish to provide this
data.

 

5. Recipients of the collected data

Only our company’s staff, authorities in charge of audits (external auditors in particular) and
our subcontractors will have access to your personal data.
Government agencies may also be recipients of your personal data, exclusively to meet our
legal obligations, or representatives of the law, ministerial officers or organisations
responsible for the collection of debts.

 

6. Transfer of Personal Data

Your personal data may be transferred, loaned or exchanged with third parties. If you agree
to this, we offer you the option to check a box expressing your agreement when your data is
being collected.

 

7. Duration that Personal Data is held

(i) Concerning your data relating to client and prospect management:
Your personal data shall not be held any longer than is strictly necessary for the
management of our business with you. However, data that enables a right or a contract to be
proven, that must be held as a legal obligation, shall be held for the term stipulated by the
law in force.
Concerning potential prospecting operations for clients, their data may be held for a period of
three years after the termination of the business contract in question.
Personal Data relating to a prospect, who is not a client, may be held for a period of three
years from the moment it is collected or from the last contact with the prospect.
At the end of this period of three years, we may contact you again in order to find out if you
wish to continue to receive commercial prospecting.
– 3 –
(ii) Concerning identity documents:
In the event of exercising the right to access and rectify collected personal data, information
related to identity documents may be held for the period provided for in Article 9 of the
French Code of Criminal Procedure, that being one year. In the event of exercising the right
of opposition, this data may be archived throughout the statute of limitation provided for in
Article 8 of the French Code of Criminal Procedure, that being three years.
(iii) Concerning data relating to banking cards:
We do not keep data relating to banking cards any longer than the time necessary to enable
the transaction to be processed, with the exception of our subscriptions, to facilitate payment
by our regular clients. In this case, this data is held throughout the term of your subscription
and at least until you carry out your last transaction.
By checking the box on our Website expressly reserved for this purpose, you give us your
express consent to keep this data.
Your banking card’s security code or CVV2 code is not stored.
In the event of payment by banking card, data relating to the card may be held for the
purposes of evidence in the event the transaction is contested, in intermediary archives, for
the period stipulated in Article L 133-24 of the French Monetary and Financial Code, namely
13 months following the date the card is debited. This period may be extended to 15 months
in order to take into account the possibility that deferred payment cards were used.
(iv) Concerning the management of opposition lists receivable from prospecting:
Information allowing your right of opposition to be taken into account is held for a minimum of
three years from the moment you exercise this right of opposition.
(v) Concerning web audience analysis statistics:
Information stored in users’ terminals, or any other element used to identify users and enable
tracking or traffic analysis, is not held any longer than 6 months.

 

8. Security

For your information, we take all necessary precautions and appropriate organisational and
technical measures to maintain the security, integrity and confidentiality of your personal
data, and especially to prevent it from being deformed or damaged and to prevent any third
party from accessing it. We also use secured state-of-the-art payment systems that comply
with any applicable regulations.

 

9. Cookies

Cookies are text files that are often encrypted and are stored in your browser. They are
created when a user’s browser loads a given website: the website sends information to the
browser, which then creates a text file. Each time the Client comes back to the same
website, the browser recovers the file and sends it to the website’s server.
– 4 –
There are two types of cookie and they do not have the same purpose: technical cookies and
advertising cookies:
Ø Technical cookies are used throughout your browsing in order to facilitate certain
functions. A technical cookie can be used, for example, to remember answers previously
filled in to a form, or a user’s language or presentation preferences for a website, when
these options are available.
Ø Advertising cookies can be created not only by the website which the user is visiting but
also by other internet websites displaying advertisements, ad banners, widgets or other
elements on the page that is being displayed. These cookies can be used to carry out
targeted advertising for example, which is advertising that is determined by the user’s
browsing habits.
We use technical cookies. These are stored in your browser for a period of 6 months.
We do not use advertising cookies. However, if we should decide to use them in the future,
we will inform you prior to this and you will have the option to deactivate these cookies
should you wish.
We use an audience analysis statistics tool that generates a cookie that enables us to
measure the number of visits to our Website, the number of page views and visitors’ activity
on the Website. This cookie is stored for a maximum of 6 months. Your IP address is also
collected to determine the city you are connecting from.
We would like to remind you that you may refuse cookies by configuring your browser to this
end. However, such a refusal may prevent the Website from functioning correctly.

 

10. Consent

When you choose to provide your personal data you expressly give your consent for the
collecting and use of this data in compliance with the provisions set forth in this charter and
the legislation in force.

 

11. Access to your personal data

In accordance with French law N° 78-17 dated January 6, 1978 on Computer Processing,
Filing Systems and Liberties, you have the right to obtain and, where appropriate, correct or
delete information concerning you.
For this, you may contact us at:
– Email Address: hello@assessfirst.com
– Postal Address: AssessFirst, 20, Rue du Sentier, 75002 Paris, France.
– 5 –
By way of reminder, any person may, for legitimate reasons, oppose the processing of their
Personal Data.

 

12. Amendments

We reserve the right, at our sole discretion, to modify all of this charter or any portion thereof.
These changes will be effective from the time of publication of the new charter. Your use of
the Website following the entry into force of these changes shall constitute acknowledgement
and acceptance of the new charter. If you are not in agreement with the new charter, you
should refrain from accessing the Website.

 

13. Entry into Force

This charter becomes effective on January 4, 2015.