Website Privacy Policy

1. Introduction

This privacy policy (hereinafter: the "Website Privacy Policy”) applies to the processing of personal data by Figures SAS ("Figures") when you visit its website at the following address https://figures.hr (the "Website").
Personal data protection is of paramount importance to Figures. This Website Privacy Policy informs you about the conditions under which your personal data is processed in accordance with the laws and regulations that apply to data protection, and in particular Regulation (EU) 2016/679 (General Data Protection Regulation - GDPR).  

2. The identity and address of the Data Controller

The data controller of personal data on the Website under the conditions described in this Website Privacy Policy is Figures SAS, located at 5, Boulevard des Bouvets, 92000 Nanterre, France.
If you have any questions regarding the processing of your personal data by Figures, you can contact us by e-mail at the following address: [email protected]

3. Nature of data processing, Data subjects

The data subjects of our processing of the aforementioned categories of data are the users. who access our Website.
When you visit our Website, we collect personal data concerning your access to our server on which our Website is hosted.
These data include:
- the name of the website visited;
- the date and time of access;
- the browser type and version;
- the user's operating system;
- the referrer URL (the page previously visited);
- and the IP Address.

When you subscribe to our newsletter, we collect your e-mail address.
When you contact us through the "contact us" function on the website, we collect the following data: 
- your first and last name; 
- your e-mail address;
- and the content of your message.

4 - Purposes and legal basis of data processing

The purpose of the processing of your personal data is to provide access to our Website and its content. When you contact us through the “contact us” function or when you subscribe to our newsletter, the purpose of the processing of your personal data is to manage and respond to your request. 
The legal basis is our legitimate interest in presenting our range of services on the Internet and responding to your requests for information (legitimate interest within the meaning of Article 6(1)(f) of the GDPR).

5. Processors

We may use the services of the following categories of processor to process your personal data when you visit our Website:
- Providers of Website hosting services;
- and Providers of Website user behaviour analysis services.

These processors are carefully selected and provide adequate contractual undertakings that ensure their compliance with personal data protection requirements in accordance with Article 28 of the GDPR.

List of our processors: https://figures.hr/other/sub-processors

6. International transfer(s)

Figures does not transfer your personal data outside the EU/EEA and does not engage processors outside the EU/EEA for the processing conducted when you visit our Website.

7. Security and data storage

Figures takes all appropriate technical and organisational security measures to protect the data processed from the risk of manipulation, loss, destruction and access by unauthorised persons.

For security purposes (e.g. for clarification in cases of fraud or abuse), personal data collected during your visit to our Website are stored for a maximum period of 13 months and are then erased. Data that must be retained for evidentiary purposes are excluded from such erasure until the relevant incident has been definitively clarified.

8. Recipients

The recipients of your personal data are limited to authorised members of Figures' staff and, where applicable, its processors. They have access to your personal data solely on a need-to-know basis. If required by law, your personal data may also be communicated to governmental and judicial authorities. Lastly, we may share your personal data with any third party who may act as our successor or assign, and to whom we have transferred all or a significant part of our assets and activities.

9. Your rights with regard to our processing of your personal data personal data

In accordance with the provisions of the GDPR, as a data subject, you can exercise the following data protection rights:
- You have the right to obtain information about the personal data we process about you (Article 15 of the GDPR).
- You have the right to request the rectification of the data we hold about you if they are inaccurate or incomplete (Article 16 of the GDPR).
- You have the right to request the erasure of the data we hold about you, unless prevented by other statutory provisions (e.g. statutory requirements of storage), or if we have an overriding interest (e.g. to defend our rights and claims) (Article 17 of the GDPR).
- You have the right to ask us to restrict the processing of your data in accordance with Article 18 of the GDPR.
- You have the right to object to the processing of your data in accordance with Article 21 of the GDPR. If you object, we will no longer process your personal data, unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or if the processing is for the establishment, exercise or defence of legal claims.
- If you are resident in France, you have the right to give Figures instructions on the fate of your data after your death. 
- In addition, you have the right to lodge a complaint with a data protection supervisory authority (Article 77 of the GDPR), whose contact details are available on the following list: https://www.edpb.europa.eu/about-edpb/about-edpb/members_fr

10. Changes to our Website Privacy Policy

Figures reserves the right to modify or update this Website Privacy Policy in the future to adapt it to changes in the law or of its data processing activities. The version of the Privacy Policy available on the Website is deemed to be the most recent.