Personal Data Protection Policy
This Personal Data Protection Policy (the Policy) purports to inform the clients of NIMBLE Legal and Contract Solutions (including their employees, representatives and managers) (the Clients) and the users of its website accessible at https://www.nimble-lcs.com (the Website) on how Geißel Federn Partners (GFP), the operator of the Website, is processing their personal data pursuant to the applicable laws and regulations (notably European Regulation 2016/679 of April 27, 2016 known as the General Data Protection Regulation (GDPR) and Law No. 78-17 of January 6, 1978) (the Applicable Legislation) and on its commitments to protect the said personal data. As used herein, the terms: « Personal Data », « Processing », « Processor » and « Subcontractors » shall have the meaning given to them in Article 4 of the GDPR.
1/What personal data do we process?
In the course of its business relationship with its Clients, and in the course of its interacting with the users of the Website, GFP collects and processes Personal Data. In the context of its business relationship with its Clients, GFP, in its capacity as Controller, implements Processing of Personnal Data, in compliance with Applicable Legislation, for the purposes of: (a) marketing, contract and accounting management of its Clients; (b) managing the assignments entrusted with it by its Clients; (c) carrying out studies and analysis; and (d) communicating with its Clients through appropriate means (e.g. newsletters, press releases, invitations to training sessions or other events organised by GFP); the foregoing in a purely professional context. Similarly, in the context of its interacting the users of the Website, GFP, in its capacity as Controller, implements Processing of Personnal Data, in compliance with Applicable Legislation, for the purposes of communicating though appropriate means with the said users who have registered to newsletters, press releases, invitations to training sessions or other events organised by GFP, the foregoing in a purely professional context.
2/What legal grounds do we rely on to use and process your personal data?
GFP Processing of Personnal Data is based on the following legal grounds: (a) the assignment entrusted with GFP i.e. Processing Personnal Data relating to GFP carrying out its missions thereunder, managing the relevant contracts, invoicing services and following up its contractual relationship with its Clients; (b) GFP legitimate interests, in particular its economic interests: Processing Personnal Data relating to marketing initiatives that contribute to improving GFP services and benefit its Clients, the users of the Website, and GFP, while preserving its Clients’ interests, rights and fundamental liberties; (c) GFP compliance with legal requirements i.e. Processing Personnal Data relating to GFP accounting and tax obligations.
3/How long do we keep your personal data and who can access them?
The Personal Data collected and processed in this context, as well as the entire file associated with you or your company or organization, are kept during the entire period of our contractual relationship and for the applicable statute of limitation period i.e. 5 years, unless a longer period applies for accounting or tax reasons i.e. 10 years. The Personal Data collected and processed in this context can be accessed by the competent internal departments i.e. our lawyers (and, as applicable, interns), our billing department, our communication department and our IT department. These Personal Data may be transmitted to third parties, acting as Subcontractors, for the performance of hosting, storage, communication, data processing, database management, IT maintenance or other services, under GFP supervision. Such Subcontractors will be under the same security and confidentiality obligations as GFP. Any and all Personal Data collected and processed in this context will be hosted in the European Union and will not be subject to any transfer outside the European Union.
4/What are Cookies? Why do we need them? How do we use them?
5/What are your rights?
Pursuant to Applicable Legislation, you have: (a) a right to access, to rectify and to erase your Personal Data; (b) a right to restriction of Processing; (c) a right to object to Processing of your Personnal Data; and (d) a right to the portability of your Personnal Data (including the right of issuing to GFP special instructions regarding what should happen to your Personal Data after your death). To exercise these rights, you can send us a request by email to: firstname.lastname@example.org or by postal mail to: Geissel Federn Partners, 11 Boulevard Sebastopol, 75001 Paris, France, specifying your surname, name and address and accompanying your request by a copy of both sides of your ID document. You can object to receiving any communication from GFP by sending an email to one of the addresses indicated above or by unsubscribing from these services. In case of any difficulty with the management of your Personal Data, you can lodge a complaint with the French Data Protection Authority (CNIL) or any other competent authority. However, we would appreciate if you could contact us before lodging any such complaint. As a Client, you are responsible for sharing this Policy with any of your employees, representatives and/or managers whose Personal Data may be processed by GFP in the performance of matters on which you instruct us.