In this context, “Personal Data” means any information relating to an identified or identifiable natural person (a “Data Subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
For the purposes of this Policy, as a Data Subject and user of the Website, you shall be hereinafter referred to as ‘’You’’/“Your”.
AXA Climate, “société par actions simplifiée à associé unique” registered in the Paris Trade and Companies Register under the number 493.363.378, acts as a controller in the processing of Your Personal Data (i.e. it determines the purposes and means of the processing). AXA Climate shall herineafter be referred to as ‘’We’’/“Our”/”Us”.
We collect and process the following categories of Personal Data when You use the Website:
Please note that, in some cases, providing Your Personal Data is mandatory otherwise We cannot provide You with the services or information You request from Us. For example, if You want to send Us a request through Our contact form on the Website, You will have to provide Your name and email address so that We can answer Your request. Where providing Your Personal Data is mandatory, We will inform You accordingly. Besides, in the event You would decide to provide Us with Personal Data relating to other individuals, please ensure that such individuals have been informed about the processing of their Personal Data in accordance with this Policy and, to the extent applicable, have consented to the processing of their Personal Data.
Under the GDPR, certain categories of Personal Data are considered as particularly sensitive so that processing thereof is subject to specific rules. Such is notably the case with respect to Personal Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, etc.
However, please note that We do not collect any special categories of Personal Data when You use Our Website.
We process Your Personal Data for the following purposes:
For purposes (a) and (b) above, please note that the legal basis We rely upon for lawfully processing Your Personal Data is Our legitimate interest consisting in ensuring the proper management of Our relationships with Our customers and prospects as well as the defence of Our interests.
We process Personal Data as part of purpose (c) above based on the necessity for the performance of a contract to which You are party.
With respect to purpose (d), We will only process Your Personal Data based on Your consent when You subscribe to Our newsletter. Please note in this respect that You are entitled to withdraw Your consent at any time, without affecting the lawfulness of the processing based on Your consent before its withdrawal.
In addition, We rely on Our need to comply with legal obligations We are subject to when We process Your Personal Data for purpose (e) as specified above.
As part of Our processing activities, We communicate Your Personal Data to the following categories of recipients:
In any event, and disregarding the recipient at stake, We communicate Your Personal Data on a strict need-to-know basis and only to the extent necessary for meeting the processing purposes identified in this Policy.
For the purpose of the processing activities detailed herein, We transfer Your Personal Data outside the European Economic Area (“EEA”), including to countries which are not regarded by the European Commission as ensuring an adequate level of data protection.
In this respect, We have implemented appropriate safeguards to ensure that the level of protection applied to Your Personal Data is not altered by such transfers. Such safeguards consist in: (i) the execution of standard contractual clauses based on the models issued by the European Commission; and (ii) the implementation of Binding Corporate Rules (where We transfer Your Personal Data to entities of the AXA group).
You can obtain copies of these appropriate safeguards by sending an email to Our Data Protection Officer (“DPO”), whose contact details are specified below in Section 11 (How can You contact Us?) below.
To keep Your Personal Data secure, We have implemented technical and organizational measures designed to protect Your Personal Data against the risk of accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to Your Personal Data.
We review such measures on a regular basis to check that they remain adequate and relevant to secure Your Personal Data.
In the course of Our processing activities, We retain Your Personal Data for a period not exceeding what is necessary in light of the processing purpose at stake.
Concretely, this means that the data retention periods We implement vary, depending upon the concerned processing purpose, as follows:
Answering any request or questions You may submit thanks to Our Website, and, more generally ensuring customer and prospect relationship management You may need.
If You already are a customer of Us, We retain Your Personal Data for 5 years following the end of Our contractual relationship with You. The same applies if You are acting on behalf of one of Our customers (i.e. as an employee). If You are a prospect, Your Personal Data will be retained for a maximum period of 3 years following the last contact on Your initiative.
Managing any potential or actual dispute with You or third parties.
Your Personal Data is retained until all the relevant courses of appeal have expired.
Managing Your access to the “NatCat Protection Platform”.
We retain Your Personal Data for 6 months from the moment You are no longer entitled to access the “NatCat Protection Platform”.
Managing Your subscription to Our newsletter and further sending You Our newsletter.
Your Personal Data is retained until You unsubscribe from Our newsletter.
Complying with any legal or regulatory obligations We are subject to.
We retain Your Personal Data as long as We are subject to the legal or regulatory obligations at stake.
As a Data Subject, You benefit from various rights in accordance with the applicable data protection legislation, and notably the GDPR, as follows:
However, please note that some of the above mentioned rights are subject to particular requirements resulting from the applicable data protection legal framework. As a result, if Your particular case does not meet the legal requirements to do so, We will not be able to let You exercise the concerned right.
You can exercise Your rights by contacting Our DPO with the contact details specified in Section 11 (How can You contact Us?). As part of Our response to Your request, You may be asked to provide further information to confirm Your identity and/or to facilitate locating the Personal Data associated to Your request.
In any event, please note that You are entitled to lodge a complaint with the French Data Protection Authority (“CNIL”) in the event You consider that the processing activities We carry out with Your Personal Data are unlawful.
We will update this Policy from time to time, notably in response to new legal, technical or business developments. When We make any material change to this Policy, We take appropriate measures to inform You accordingly.
Should You have any questions or requests regarding the processing activities We carry out with Your Personal Data under this Policy, including the exercise of Your rights detailed above, please feel free to contact Us with the contact details below:
Date of the last update: 9th November 2020