Menu
DPOPTION is a company specializing in the implementation of “DPO” services and offers its clients support services enabling them to comply with the rules on the Protection of Personal Data.
DPOption places the utmost importance on the protection of personal data throughout all of its activities, and thus complies with all laws and regulations in this area.
All of the terms mentioned below in capital letters correspond to those defined in the European Regulation relating to the protection of Personal Data, which came into force on May 25, 2018.
The purpose of this Privacy Notice is to describe all processing activities carried out by DPOption from the management of the website dpoption.fr
Purpose of the Processing |
Personal data processed by DPOPTION |
Legal Basis for Processing |
Managing initial contact requests from DPOPTION users | Name, first name, user company, email address, telephone number | Legitimate interest of DPOPTION |
Management of requests for execution of services offered by DPOPTION | Name, first name, user company, email address, telephone number | Execution of the pre-contractual phase & execution of the contract. |
Management of requests relating to recruitment within DPOPTION | Name, first name, postal and telephone contact details, information relating to professional situation | Legitimate interest of DPOPTION |
Sending of communications concerning offers and services proposed by DPOPTION | Name, first name, user company, email address, telephone number | Legitimate interest of DPOPTION |
Management of requests for white papers developed by DPOPTION | Name, first name, user company, email address, telephone number | Legitimate interest of DPOPTION |
Analysis of responses regarding requests for individual rights | Name, first name, company of the user, email address, postal address and of the user/company to which the user belongs | Legal obligation of DPOPTION |
Management of activity and traffic on the website | IP address, user connection information | Legitimate interest of DPOPTION |
management and newsletter sending | Name, first name, user company, email address, telephone number | Consent |
Management and processing of responses to compliance questionnaires | User’s name, first name, company, email address, telephone number | Consent |
Management and sending of customer satisfaction questionnaires | Name, first name, user company, email address, telephone number | DPOption’s Legitimate Interest |
DPOption may store your Personal Data (and thus transmit them to Subcontractors) for the purposes of hosting and managing its database relating to the use of the dpoption.fr site, or for the management of its IT resources dedicated to its daily activity.
In this case, DPOption undertakes to verify their compliance with the rules for the protection of Personal Data, and to set up a dedicated contractual framework, under the conditions required by the aforementioned rules.
DPOption may also submit certain information to authorized persons and entities internally (employees, management, company agents) and externally, in particular to third parties authorized under legal, administrative or judicial prerogatives.
Apart from these cases, DPOption does not transmit any Personal Data without having obtained your prior consent and in accordance with the applicable regulations.
In all of the above cases, DPOption does not carry out any Personal Data Transfer operation outside the European Union. However, in the event of such an operation being carried out, DPOption will apply the regulatory framework necessary and adapted to the situation of said Transfer, ensuring:
From a transmission of Personal Data within a country offering an adequate level of protection or,
From the signing of the Standard Contractual Clauses (SCCs) proposed by the European Commission or,
Any other guarantee that will be considered appropriate within the meaning of Article 46 of the GDPR.
Regarding possible transfers to service providers located in the United States, an adequacy decision was adopted on July 10, 2023, ensuring a level of protection equivalent to that of the European Union. However, this adequacy decision is only valid for transfers to organizations taking steps to comply with the new framework and appearing on a list managed and published by the US Department of Commerce . Thus, in the event of a change to such an operation, DPOPTION will ensure that the organization appears on the list available on the following link:
https://www.dataprivacyframework.gov/s/participant-search .
For any other transfer to the United States, DPOPTION will manage it through the classic mechanisms mentioned above.
Purpose of the Processing | Duration of storage of personal data |
Managing initial contact requests from DPOPTION users | Retention for 3 years from the last contact with the user |
Management of requests for execution of services offered by DPOPTION | Retention for 3 years from the last contact with the user in the case of “prospect” status Retention for the duration of the relationship followed by a period of 5 years in the case of “customer” status |
Management of requests relating to recruitment within DPOPTION | Retention for 2 years after a negative outcome to the recruitment process. Retention for the duration of the professional relationship followed by a period of 5 years after the end of the employment contract |
Sending of communications concerning offers and services proposed by DPOPTION | Retention until objection by the person concerned or for 3 years from the last contact with the person concerned |
Management of requests to download white papers produced by DPOPTION | Retention until objection by the person concerned or for 3 years from the last contact with the person concerned |
Responses and processing of individual rights requests | Retention for a period of 10 years from the closing of the individual rights application |
Management of activity and traffic on the website | Information relating to user connections kept for a maximum of 13 months |
Subscription management and newsletter sending | Data retention until the data subject unsubscribes (via the unsubscribe link included in communications) |
Management and processing of responses to compliance questionnaires | Retention for 1 year from their collection or the last contact from the prospect. |
Management and sending of customer satisfaction questionnaires | Data retention 1 year after the end of the contractual relationship or since the last contact with the customer |
DPOption undertakes, as part of an obligation of means, to implement all actions to guarantee the security of your Personal Data.
To this end, DPOption’s commitments relate to the application of all technical and organizational measures within the meaning of Article 32 of the GDPR, which will ensure the confidentiality, integrity and availability of Personal Data, and thus a sufficient level of protection of the latter.
The DPOption team is also aware of and trained in the protection of Personal Data, including the consideration and application of said measures.
You have the possibility to request, at any time, the exercise of your individual rights, and in particular to request:
All of these rights can be exercised via email at the following address: contact@dpoption.fr
DPOption may, in certain cases necessary for your identification, make the implementation and processing of your request conditional on the transmission of valid proof of identity.
DPOption undertakes to process any request concerning the exercise of your individual rights within 30 days of receipt; this period may be extended by an additional sixty (60) days in the event of complexity in the investigation of the request in particular. DPOption undertakes in this case to keep you informed and follow up on said requests.
You may also exercise your right to withdraw consent regarding processing relating to offers and services promoted by DPOption, under the same conditions as the rights listed above.
The Customer also has the option of filing a complaint with the National Commission for Information Technology and Civil Liberties (CNIL) online on the CNIL website, in the section dedicated to complaints.
This Privacy Notice is subject to regular review and updating, taking into account any changes that may occur in the processing of Personal Data carried out by DPOption within the framework of the dpoption.fr website.
Current version as of 12/18/2024