General Data Protection Regulation (Regulation EU n°2016/679 of the European Parliament and of the Council of 27 April 2016) (“GDPR”),
Law N° 2018-493 on 20 Juin 2018 regarding the private data protection
COMPLIANCE WITH GDPR
This personal data processing policy is addressed to ARCHIMED customers and prospects, potential business relations and internet users of www.archimed.group
As responsible for processing personal data, ARCHIMED provides information through this policy on:
the categories of data collected,
the processing of personal data,
the reasons for which it is carried out,
as well as on the rights and the means of contact and appeal.
a. Type of personal data
Within the strict framework of its fund management activity and with the aim of fulfilling the commitments regarding to the LCB-FT, ARCHIMED processes the following data:
Identification data, name, address, telephone number, email address, professional contact details
Personal information, for example date of birth
Professional information, e.g. employment and work history, title
Economic and financial information: income, financial and tax situation, bank details, etc.
The recording of conversations and communications, regardless of their medium (e-mails, faxes, telephone conversations, etc.).
This data is collected from partners, suppliers, business relations, customers, or prospects through the following channels:
Physical contact or by email or telephone,
Sharing of documents in the context of calls for proposals
Sharing of information within the framework of services
Participation in an event organized by ARCHIMED or by any professional body,
ARCHIMED does not process any sensitive data relating to racial or ethnic origin, political opinions, religious or philosophical beliefs or relating to trade union membership, genetic data or data relating to sexual orientation, unless an obligation law obliges him to do so.
b. Use of personal data
ARCHIMED relies on the data register to identify the processing operations reserved solely for its regulatory / LABFT obligations and for the fund management activity:
Investor management (subscription, KYC)
Management of potential targets (Due Diligence)
Management of portfolio companies
Management of candidate, payroll and employee processes.
c. Data retention period
The retention periods, precisely defined and listed in the processing register, ensure that they do not exceed the time strictly necessary for the proper execution of the processing. To determine each duration, the following criteria were taken into account:
The different purposes for which this data is collected
Compliance with legal obligations
d. Access to personal data
Personal data is processed by the employees assigned to the processing operations below. They may also be transferred to subcontractors under contract with ARCHIMED. These contracts include a GDPR compliance clause.
They may also be transferred to authorities whose right of access to personal data is recognized by law.
e. Security of personal data
Access to data is regulated and controlled. Everyone is authenticated with his account and a second authentication method. The machines are protected by a disk encryption mechanism.
Backups are exclusively made in the Europe zone.
A GDPR compliance clause has been included in contracts with service providers who process personal data for ARCHIMED.
This personal data confidentiality policy may change, in particular due to legislative and regulatory developments.
g. Rights of modification and deletion of personal data
In accordance with Law No. 2018-493 of June 20, 2018 relating to the protection of personal data and Regulation No. 2016/679 known as the “General Data Protection Regulation” (RGPD) of April 27, 2016, each customer, contact or employee of ARCHIMED has a right of access, rectification, opposition, limitation, erasure and portability of personal data.
This right is to be asserted, unless there is a legal obligation to the contrary,
Either by writing to: ARCHIMED Silex² 20F, 9 rue des Cuirassiers, 69003 Lyon, France
Either by sending an email to: firstname.lastname@example.org
Approved by Sandrine Laporte