In this context, “Personal Data” means any information relating to an identified or identifiable natural person (a “Data Subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
For the purposes of this Policy, as a Data Subject and user of the Website, you shall be hereinafter referred to as ‘’You’’/“Your”.
AXA Climate, “société par actions simplifiée à associé unique” registered in the Paris Trade and Companies Register under the number 493.363.378, acts as a controller in the processing of Your Personal Data (i.e. it determines the purposes and means of the processing). AXA Climate shall herineafter be referred to as ‘’We’’/“Our”/”Us”.
1.What Personal Data do We collect?
We collect and process the following categories of Personal Data when You use the Website:
- identification data: such as Your name, surname, phone number, e-mail address, region, login and password;
- professional data: such as Your profession, professional email, company name, business field;
- technical data, as results from cookies: such as Your IP address, browser type, preferred language, etc.; and
- any Personal Data that You may specify in the messages You send to Us.
Please note that, in some cases, providing Your Personal Data is mandatory otherwise We cannot provide You with the services or information You request from Us. For example, if You want to send Us a request through Our contact form on the Website, You will have to provide Your name and email address so that We can answer Your request. Where providing Your Personal Data is mandatory, We will inform You accordingly. Besides, in the event You would decide to provide Us with Personal Data relating to other individuals, please ensure that such individuals have been informed about the processing of their Personal Data in accordance with this Policy and, to the extent applicable, have consented to the processing of their Personal Data.
2.What special categories of Personal Data do We process about You?
Under the GDPR, certain categories of Personal Data are considered as particularly sensitive so that processing thereof is subject to specific rules. Such is notably the case with respect to Personal Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, etc.
However, please note that We do not collect any special categories of Personal Data when You use Our Website.
3.How do We use Your Personal Data?
We process Your Personal Data for the following purposes:
- (a) answering any request or questions You may submit thanks to Our Website, and, more generally ensuring customer and prospect relationship management You may need through Our Website;
- (b) managing any potential or actual dispute with You or third parties;
- (c) managing Your access to the “NatCat Protection Platform”;
- (d) managing Your subscription to Our newsletter and further sending You Our newsletter;
- (e) complying with any legal or regulatory obligations We are subject to.
For purposes (a) and (b) above, please note that the legal basis We rely upon for lawfully processing Your Personal Data is Our legitimate interest consisting in ensuring the proper management of Our relationships with Our customers and prospects as well as the defence of Our interests.
We process Personal Data as part of purpose (c) above based on the necessity for the performance of a contract to which You are party.
With respect to purpose (d), We will only process Your Personal Data based on Your consent when You subscribe to Our newsletter. Please note in this respect that You are entitled to withdraw Your consent at any time, without affecting the lawfulness of the processing based on Your consent before its withdrawal.
In addition, We rely on Our need to comply with legal obligations We are subject to when We process Your Personal Data for purpose (e) as specified above.
4.Do We share Your Personal Data?
As part of Our processing activities, We communicate Your Personal Data to the following categories of recipients:
- other entities of the AXA group;
- Our suppliers, service providers, agents and contractors assisting Us in meeting the purposes identified herein (e.g. IT service providers hosting Your Personal Data on Our behalf, Our legal counsels, etc.); and
- competent courts, public authorities, government bodies and law enforcement forces (in particular, where We must respond to legal or regulatory requests).
In any event, and disregarding the recipient at stake, We communicate Your Personal Data on a strict need-to-know basis and only to the extent necessary for meeting the processing purposes identified in this Policy.
5.Do We transfer Your Personal Data outside the EEA?
For the purpose of the processing activities detailed herein, We transfer Your Personal Data outside the European Economic Area (“EEA”), including to countries which are not regarded by the European Commission as ensuring an adequate level of data protection.
In this respect, We have implemented appropriate safeguards to ensure that the level of protection applied to Your Personal Data is not altered by such transfers. Such safeguards consist in: (i) the execution of standard contractual clauses based on the models issued by the European Commission; and (ii) the implementation of Binding Corporate Rules (where We transfer Your Personal Data to entities of the AXA group).
You can obtain copies of these appropriate safeguards by sending an email to Our Data Protection Officer (“DPO”), whose contact details are specified below in Section 11 (How can You contact Us?) below.
6.How do We keep Your Personal Data secure?
To keep Your Personal Data secure, We have implemented technical and organizational measures designed to protect Your Personal Data against the risk of accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to Your Personal Data.
We review such measures on a regular basis to check that they remain adequate and relevant to secure Your Personal Data.
7.For how long will Your Personal Data be retained?
In the course of Our processing activities, We retain Your Personal Data for a period not exceeding what is necessary in light of the processing purpose at stake.
Concretely, this means that the data retention periods We implement vary, depending upon the concerned processing purpose, as follows: