The purpose of this General Personal Data Protection Policy is to inform you about how Numeum processes your Personal Data.

  1. PROCESSING RESPONSIBLE

Personal Data is processed by Numeum, a professional association of Digital Services Companies (ESN), Software Publishers, Platforms and Technology Consulting Companies in France governed by the Labor Code, Siret 384 719 001 00024, whose registered office is located, 22-28 rue Joubert, 75009 Paris, represented by Véronique Torner, President of Numeum - Mail. : contact@numeum.fr.

  1. SCOPE OF APPLICATION

This General Personal Data Protection Policy applies to all Processing of Personal Data, implemented by Numeum as part of its missions and activities.

  1. DEFINITIONS

The terms used in this General Policy for the Protection of Personal Data and beginning with a capital letter, whether used in the singular or plural, will have the meaning given to them below.

Member: Numeum member organization, its representative and its employees.

Intermediate archiving: temporarily storing, on a separate computer medium with limited access, files that include Personal Data which, are no longer in current use, for administrative or legal purposes.

Personal account: space reserved for Members accessible on the Site and on Ensemble.

Recipient: the natural or legal person, public authority, service or any other organization that receives communication of Personal Data, whether or not it is a third party. Only the categories of recipient are specified in this General Personal Data Protection Policy.

Personal data/Personal data: any information relating to a natural person likely to be identified, directly or indirectly (e.g.: a name, a photograph, an e-mail address including a surname or first name, a business card, etc.). No distinction is made between confidential, public, professional or non-professional information. Paper files are also concerned.

Ensemble: online space, edited by Jamespot, for information, collaboration and exchanges dedicated to Members and, where applicable, Partners, to share topics or projects concerning Numeum.

Partner(s): means any company, other than a Subcontractor, selected by Numeum, with which it has entered into a partnership (member services, joint events, etc.).

Permanent means the General Delegate, Numeum employees and/or any person hired (directly or indirectly) by Numeum, including temps and interns.

Processing controller: the natural or legal person, public authority, department or other body which, alone or jointly with others, determines the purposes and means of the processing, in this case Numeum.

RGPD: acronym for Regulation (EU) No. 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data. This regulation is the reference text for the protection of Personal Data.

Site: the Numeum website www.numeum.fr.

Service(s): refers to any service offered to Members and, where applicable, Non-Members of Numeum and in particular Numeum's expertise (answers to questions, publications, conferences, etc.), networking (events, meetings,etc.) and Numeum's spokesperson activities with public authorities.

Sub-processor: any company that may be required to process Personal Data on behalf of Numeum in accordance with instructions given by Numeum.

Processing: any operation or set of operations carried out or not using automated processes and applied to data or sets of Personal Data (collection, consultation, extraction, dissemination, modification, etc.).

Violation of Personal Data: a breach of security resulting in the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of or access to Personal Data transmitted, stored or otherwise processed.

  1. PERSONAL DATA COLLECTED

Numeum collects Personal Data relating in particular to your identity, your professional situation and your browsing on the Site.

The mandatory nature of the information you are required to provide is indicated to you at the time the Personal Data is collected, for example by an asterisk on the corresponding forms. In addition, at the time of these operations, you are informed of the collection and processing of Personal Data concerning you by means of an information notice or a link to this General Personal Data Protection Policy.

If you do not wish to provide the information requested, you may not be able to access certain Services (in particular registrations for events organized by Numeum) and Numeum may be unable to respond to your request.

  1. FINALITY OF PROCESSING

Personal data is collected for specified, explicit and legitimate purposes. Numeum ensures that personal data is processed in a manner that is adequate, relevant and limited to what is necessary with regard to the purposes for which it is processed.

Personal Data is processed for the following purposes:

  • Management of membership of Numeum
    • .
  • Processing your Numeum membership application, including online via the Numeum Site;
  • Processing the payment of your membership fee, including online via the Site;
  • Constitution and storage of your member file (information entered when you apply for membership and exchanges carried out to confirm your membership).
  • Management of personal Member Accounts on the Site and on Ensemble.
    • Members' access to Site content;
    • Members' access to Ensemble.
  • Member relationship management.
    • Sending information messages relating to Numeum's activities;
    • Response to solicitations addressed to Numeum Permanents;
    • Sending personalized correspondence based on the Member's areas of interest and collecting statistics.
  • Managing Member benefits.
    • Providing benefits related to the program dedicated to startups;
    • Insurance program (if necessary, send the contact details of Numeum's member company representative to the insurance broker in charge of the program);
    • Partnership with S4S Payroll Management (where applicable, sending the contact details of the Numeum member company representative to the Partner).
    • Partnership with AYMING on innovation financing (if applicable, send contact details of Numeum member company representative to Partner).
    • Partnership with the Program Protection Agency (sending the contact details of the representative of Numeum's member company to the Partner, if applicable).
    • Partnership with ASF Consulting (where applicable, sending the contact details of the legal representative of Numeum's member company to the Partner).
    • Partnership with Swile (where applicable, sending the contact details of the legal representative of Numeum's member company to the Partner).
    • Partnership with Rate and Go (if necessary, send the contact details of the legal representative of the Numeum member company to the Partner).
    • Partnership with Business France / Team France Export (if necessary, send the contact details of the legal representative of Numeum's member company to the Partner).
    • Partnership with Legal Place (if necessary, send the contact details of the legal representative of Numeum's member company to the Partner).
    • "Temporary" partnerships during certain events via the collection of consent from members wishing to benefit.
    • Processing of questions sent by members via the Numeum website.
  • Commission management
    • Sending out invitations and information;
    • Registering your application and participation;
    • Organization of work...
  • Management of events and themed face-to-face conferences.
    • Sending invitations;
    • Registering your registration request and participation.
  • Web conference management
    • Sending invitations;
    • Registering your registration request and participation.
  • Managing and monitoring mandates exercised to represent Numeum.
    • Management of mandates for members of Numeum bodies (Board of Directors, COMEX, presidents of business colleges, commissions, Statutory Committee members, regional delegates, president, etc.
      • ).
    • Management of mandates held in organizations outside Numeum (Syntec Federation, MEDEF, etc.).
  • Management and monitoring of Numeum's statutory bodies.
    • Organization and management of meetings;
    • Organization of general meetings;
    • Organization of elections/appointments, etc.
  • Conducting satisfaction surveys, polls and studies for Members
    .
  • Managing collective mediations initiated by Numeum
    .
  • The provision of WiFi access on Numeum premises
    .
  • The implementation of prospecting actions
    .
  • Contract management
    • Passing, managing and executing contracts between Numeum and its service providers and/or Partners.
  • Browsing and audience measurement on the Site (Cookies)
    • Deposit of tracers and collection of browsing data (to find out more, click here).
  1. LAWFUL BASICS AND CONSERVATION PERIODS

In the table below you will find the legal bases and retention periods applied to the Processing carried out by Numeum.

The legal bases include:

  • The legitimate interests pursued by Numeum namely:
    • the provision of Services and benefits derived from Numeum membership;
    • representation and promotion of the profession to the ecosystem in particular;
    • the study of the means necessary to improve the Services and benefits rendered;
    • promoting the professions represented by Numeum;
    • the determination of an ethic of professional and moral behavior and concern for its respect by Members;
    • informing the ecosystem about Numeum's activities.
  • The performance of a contract;
  • The consent of the data subject;
  • Compliance with legal obligations.

Personal Data is kept in an active base for the time necessary for the purposes described above. On expiry of these periods, Personal Data may be kept in archive form (i.e. separate from the active base) for the duration of the applicable legal prescription or for the duration necessary to comply with a legal obligation.

The legal bases for processing are detailed by purpose in the table below "Retention periods for Personal Data".

FINALITY

LEGAL BASIS

HOLDING TIME ON ACTIVE BASIS

INTERMEDIATE ARCHIVING

COMMENTS

Numeum membership management

Legitimate interests

1 year maximum from the end of the relationship with Numeum

Automatic deletion of the membership form from the Site back-office 6 months maximum after its date of entry by the potential Member

5 years

In the active base, the member file is accessible only to authorized Permanents.

Management of personal Member Accounts on the Site and on Ensemble

Legitimate interests

Anonymization of messages published on Ensemble and deletion of accounts within a maximum of three months from the end of the relationship with Numeum

On the Site: deletion of the personal account within a maximum of one month from the member's notification to Numeum of the employee's departure from Numeum's member organization and deletion of all the member organization's personal accounts a maximum of one month after the loss of Numeum membership.

You may object to having an account on Ensemble.

You can delete your messages at any time.

Member relationship management

Legitimate interests

1 year maximum from the end of the exchange.

5 years

Only questions/answers are archived.

Managing member benefits

Legitimate interests

1 year maximum from the end of the benefit subscription.

N/A

Commission management

Legitimate interests

1 year maximum from date of meeting

5 years

Management of events and themed face-to-face conferences

Legitimate interests

1 year maximum from the date of the event or conference.

5 years

The data relating to your participation is stored on our CRM.

Web conference management

Legitimate interests

1 year maximum from the date of the web conference then definitive deletion of the tool 3 months later.

5 years

The data relating to your participation is processed via a tool provided by a service provider.

Mandate management and tracking

Contract

Duration of mandate

5 years

Management and monitoring of statutory bodies

Contract (Statutes and Numeum's internal regulations)

Deletion at the end of the General Meeting, after legal information has been sent to Numeum.

5 to 30 years

Only minutes are archived for 30 years.

Conducting satisfaction surveys, polls and studies

Legitimate interests

1 year maximum from the end date of the satisfaction survey, poll or study.

N/A

Satisfaction sheets distributed at conferences are destroyed after one month and responses are returned anonymously.

Management of collective mediations initiated by Numeum

Legitimate interests

1 year maximum from the end of the mediation.

5 years

Provision of WIFI access

Legal obligation

1 year from the date of connection.

N/A

Conducting prospecting campaigns

Legitimate interests

3 years from the last contact.

N/A

Contract management

Contract

Duration of the contractual relationship.

5 years

In the active base, contracts are accessible only to authorized Permanents.

Cookies

Consent

Refer to "cookies"

Refer to "cookies"

Refer to "cookies"

  1. AUTOMATIC INDIVIDUAL DECISION

The Processing carried out by Numeum does not involve automated decision-making.

  1. DATA CONTROLLERS OF PERSONAL DATA

The categories of Recipients of Personal Data are:

  • Staff members,
  • Service providers involved in the various processing of Personal Data as Subcontractors,
  • The Partners of Numeum.
  1. TRANSFER OF PERSONAL DATA OUTSIDE THE EUROPEAN UNION

In the event of the transfer of your Personal Data to a Recipient located in a non-member state of the European Union, appropriate safeguards will be put in place, in accordance with the legal provisions in force.

  1. PERSONAL RIGHTS

In accordance with the legal provisions in force, you have:

  • a right of access to your Personal Data,
  • a right to rectification or deletion thereof,
  • the right to limit the processing of which you are the subject,
  • the right to object to the processing,
  • the right to the portability of your data (only if the legal basis for the processing is the performance of a contract with Numeum or consent and if the processing is carried out using automated processes).

These rights may be exercised subject to compliance with certain conditions and in certain cases. You can find out about your rights in detail by visiting the site of the Commission Nationale de l'Informatique et des Libertés (CNIL).

If you feel, after contacting us, that your rights are not being respected, you can submit a complaint to a supervisory authority. The supervisory authority in charge of processing carried out by Numeum is the CNIL.

If you feel that your rights have not been respected after contacting us, you may lodge a complaint with a supervisory authority.

To exercise your rights, you can contact us by indicating your contact details (surname, first name, e-mail or postal address) via juridique@numeum.fr or by post at the following address: Numeum, 148 boulevard Haussmann, 75008 Paris.

A reply will be sent to you within a maximum of one month from receipt of your request.

  1. PERSONAL DATA SECURITY

Numeum takes appropriate technical and organizational measures to prevent as far as possible any Breach of personal data.

  1. CONTACT

For any queries relating to this General Personal Data Protection Policy, please contact juridique@numeum.fr

We inform you that this General Personal Data Protection Policy may be updated by us.

Last update: March 2022