Personal Data Protection Policy

Home / Personal Data Protection Policy

Personal Data Protection Policy

The protection of your personal data is an essential element of the relationship of trust that we establish with our employees, suppliers, customers and users of our services and websites.

This relationship is based on a principle of transparency aiming at respecting your privacy, pursuant to the regulation in force in France and Europe, and in particular pursuant to the French data protection and civil liberties law and the General Data Protection Regulation (GDPR).

This policy informs you about the categories of personal data that we process, the way in which we use data, the categories of recipients to which we communicate it, as well as your rights.

This policy describes the way in which Huron Graffenstaden, its offices and subsidiaries collect and use your personal information in order to provide you with their services.

This policy applies to all of the following: service users, applications, websites, functionalities or other services.

Which data do we collect?

Huron Graffenstaden may collect personal data either directly from you or indirectly through third parties.

Pursuant to the minimisation principle, we only collect data which is necessary for the purposes for which it is processed.

Collected personal data includes:

  • surname, first name, job title, postal address, e-mail address, telephone and fax numbers, connection data, browsing data, geolocalisation data, consulted products, history of orders, accounting and financial data (means, history of payments), delivery incidents, claims and disputes.

Other information may stem from other sources, in particular regarding the sending of comments, statements or notes; bank information providers; marketing services providers; recruitment offices.
Huron Graffenstaden may associate information collected through these sources to other information it already possesses.

The compulsory or optional nature of data collected through our websites is signalled to you with an asterisk or with the obligation to fill in the corresponding field. Certain data is collected automatically as a result of your actions, while other information may be transmitted by partners.

We collect information you provide us with, in particular when:

  • You ask for information or quotes;
  • You place an order;
  • You browse websites and consult products;
  • You fill in forms through our websites and e-mails;
  • You contact our customer service;
  • You write a comment;
  • You apply for a job or you respond to an ongoing recruitment.

What is data used for?

Your personal data is collected and processed only on the base of the legal grounds laid down in the Regulation:

1. Within the framework of the execution of a contract or a mission to carry out administrative procedures;

  • Identification and authentication of the customer, of the person intervening;
  • Communications with the customer, the person intervening (technical and commercial assistance within the framework of the management of orders and customer relations: processing of the order, shipping, invoices, monitoring of the relation, management of claims and after-sales service);
  • Management of customer accounts, person intervening;
  • Management of pre-litigations, litigations and unpaid amounts;
  • Management of rights and requests to exercise rights;
  • Provision and functioning of services;
  • Hosting of customers’ data, of the person intervening;
  • Carrying out of administrative formalities provided for in the mission.

2. For legitimate interest purposes or, where applicable, on the basis of your consent:

  • Preventing fraud;
  • Enriching and enhancing the customer/prospect database;
  • Organising and carrying out enquiries, marketing campaigns, market analyses, promotional events;
  • Improving our knowledge of the relation by carrying out audience measurements through our websites;
  • Improving and personalising services and products proposed;
  • Developing products and services proposed;
  • Business development;
  • Carrying out of statistical studies, analyses and audience measurements;
  • Personalising communication e-mails we send to you;
  • Measuring and analysing the degrees of openness of our e-mailing campaigns in order to best adapt them to your needs;
  • Provision of localised contents and personalised recommendations based on usage analysis.

3. The documents you may receive:

  • Mail, e-mails, fax, phone calls and service documents: the use of these means is necessary for the proper execution of orders and services that you request from us;
  • Mail, e-mails, phone calls: if you have not opposed to them, you may be contacted through these means to carry out the elements listed at paragraph 2 of chapter “What is data used for?”.

Retention period
We only retain your data for the period which is necessary to carry out the aforementioned purposes or to allow us to respond to our legal obligations. Contract data is retained with no time limit pursuant to the purposes of recording data history and analysing our activity.

To which recipients?

Your personal data may be processed by the authorised staff of the group, partners, providers or administrations with which Huron Graffenstaden is in contact.
Resorting to these partners, providers or administrations may be necessary for the proper execution of the contract between you and Huron Graffenstaden. If these recipients are required to process your data outside the European Union, the transfer of data will be carried out pursuant to the framework laid down by the General Data Protection Regulation (GDPR).

The main processing bases are the following:

  • The contract: the processing of personal data is necessary for the execution of the contract to which you have given your consent;
  • Recruitment and employment: the processing of personal data is necessary for the execution of the contact or the contract to which you have given your consent;
  • Consent: you accept the processing of your personal data, yet you may withdraw your consent at any time by using the unsubscription link at the foot of our newsletters or by sending a letter to our Data Protection Officer;
  • Legitimate interest: our commercial interest in processing your data is justified, balanced and is not intended to affect your privacy. With some exceptions, you may, at any time, oppose the processing based on legitimate interest by signalling it. You may send an e-mail or a letter to our Data Protection Officer;
  • The law: the processing of your personal data is made compulsory by a law.

Social networks and “Plug-Ins”
Huron Graffenstaden communicates through various social networks. These social networks must respect the framework laid down by the General Data Protection Regulation (GDPR).

Our websites integrate “plug-ins” or social modules. In particular, these are interactions with social networks such as Facebook, Twitter, Google+, Youtube and Linkedin. They allow you to “like” and/or share information coming from our websites and social networks. If you use these “plug-ins”, your actions may be recorded and published on your accounts on social networks depending on your account settings. If you don’t want social networks to publish and use your actions through the “plug-ins” of our websites, you have to disconnect from your social network accounts.

Audience measurements may be carried out by an intermediary of online tools, such as Google Analytics. The exchanges of personal data with Google are limited to a strict legal minimum within the framework of the audience measurement and analysis.
They require temporary cookies. You may deactivate the use of cookies through your settings.

Is your data safe?

We have established technical and organisational measures to allow the protection of your data in a suitable way in accordance with its nature, the extent of processing and its accessibility. For example, it may be a question of data encryptions, management of access rights or secured flows. The respect of the safety and protection of your personal data is imposed upon all of our employees, as well as our providers or partners.

What are your rights?

You may request access to your personal data at any given time, as well as its modification, cancellation (as far as this does not prevent the proper execution of the contract or the respect of legal obligations of Huron Graffenstaden), as well as the limitation of one or more particular processings of data related to you, under the conditions envisaged by the General Data Protection Regulation (GDPR).

You also have the right to modify or withdraw, at any time, the consent that you have given us for the processing of your personal data.

Furthermore, you have the right to oppose the processing of your personal data and the right to its portability, under the conditions established by the General Data Protection Regulation (GDPR).

You have the right to give instructions to Huron Graffenstaden to communicate your personal data to a third party that you have previously designated.

Your personal data may be retained or cancelled after your death pursuant to the General Data Protection Regulation (GDPR).

Updating of transmitted data
The information that you provide us with must be exact and updated: therefore, any significant change related to you must be communicated to us as soon as possible.

Terms of exercise

You may exercise your rights at any time by sending:

  • a letter to
    156 Route de Lyon
  • or an e-mail to

You will have to provide your surname and first name, as well as a copy of an identity document. If you are not satisfied with our exchanges, you have the possibility to address France’s data protection authority, the Commission Nationale de l’Informatique et des Libertés (CNIL) at the following address:
CNIL – 3 place de Fontenoy – TSA 80715 – 75334 Paris cedex 07

Modification of the Personal Data Protection Policy

We may modify this Personal Data Protection Policy at any time.

We encourage you to check this declaration frequently in order to be informed about our Personal Data Protection Policy.

You acknowledge and accept that it is your responsibility to be acquainted with our Personal Data Protection Policy.

Want to find out more?

To find out more about our Personal Data Protection Policy, you may contact the Data Protection Officer in the following way:

  • a letter to
    156 Route de Lyon
  • or an e-mail to

Text ref. : 2018 05 25 V1 GB – HURON GDPR, Personal Data Protection Policy.docx

Contact Us

We're not around right now. But you can send us an email and we'll get back to you, asap.

Not readable? Change text. captcha txt

Start typing and press Enter to search