Aware of the importance of ensuring data confidentiality and privacy, MIA Assurance is committed, in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27th April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, to implementing adequate measures to ensure the protection, confidentiality and security of the personal data collected.
The purpose of this data protection policy is to inform you of our commitments to ensure that your personal data is respected and of your rights with regard to the processing of such data.
This policy may change in light of legal and regulatory developments.
This policy applies to all processing of personal data by MIA Assurance relating to persons submitting the Contact form on the website, hereinafter referred to as the “Data Holders”, of one or more of the companies listed above.
“Personal data” means any information relating to an identified or identifiable natural person (hereinafter referred to as “data subject”); an “identifiable natural person” is one who can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, an identification number, location data, an online identifier, or to one or more factors specific to his or her physical, physiological, genetic, mental, economic, cultural or social identity.
“processing” means any operation or set of operations which is performed upon personal data or sets of personal data, whether or not by automatic means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
“Controller” means the natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of the processing; where the purposes and means of such processing are determined by Union law or by the law of a Member State, the controller may be designated or the specific criteria for such designation may be laid down in Union law or in the law of a Member State.
“consent” of the data subject means any freely given, specific, informed and unambiguous indication of his or her wishes by which the data subject signifies his or her agreement to personal data relating to him or her being processed by means of a declaration or a clear positive act
“processor” means the natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
“recipient” means the natural or legal person, public authority, agency or any other body to whom personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the context of a particular enquiry in accordance with Union law or the law of a Member State shall not be regarded as recipients; the processing of such data by the public authorities in question shall be in accordance with the applicable data protection rules depending on the purposes of the processing.
“supervisory authority” means the independent public authority responsible for monitoring the application of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data.
MIA Assurance only collects personal data voluntarily transmitted in the Contact form of the website by the Data Holders that are strictly necessary for the purpose of the processing implemented. In particular, data relating to the identity (last name, first name, email and telephone number) of the data holder are processed.
In the interests of transparency and fairness, the processing of the Data Holders’ personal data is based on his or her consent, when he or she clicks on the SEND button and acknowledge that he or she has read and accepted the terms of this policy.
The processing operations carried out are carried out for explicit, legitimate and specific purposes.
The personal data of candidates for a position at MIA Assurance are processed for the management of applications in the context of the eventual recruitment of the Data Controller.
The personal data of MIA Assurance’s prospects are processed for the management of the relationship with the Data Controller.
These purposes, determined by the Data Controller, are included in the MIA Assurance personal data processing register.
In accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, we inform you about:
• The identity of the controller
• The contact information to exercise your rights
• The purposes of the processing for which the personal data are intended and the legal basis for the processing
• The recipients or categories of recipients of the personal data
• The period of time for which the personal data will be kept or, where this is not possible, the criteria used to determine this period
• All the rights of individuals with regard to the processing of their personal data.
MIA Assurance only communicates the personal data of Data Holders to authorised and specified recipients.
The recipients of the personal data covered by this policy are the internal departments in charge of achieving the purposes defined above, as well as, where applicable, the authorised personnel of partner companies or subcontractors who are contractually bound to respect, at least at the same level as MIA Assurance, the requirements in terms of personal data processing.
MIA Assurance keeps the personal data of applicants and prospective applicants for the period necessary to achieve the purposes defined above and for thirty years after the data has been collected.
MIA Assurance implements a set of security measures to ensure the availability, integrity and confidentiality of the personal data of the Data Holders.
You have the option of accepting or rejecting cookies by adjusting your Internet browser settings. However, please note that by refusing cookies, certain features, pages and areas of the website may no longer be accessible, for which we cannot be held responsible.
Data Subjects have the right to obtain from the data controller confirmation as to whether or not their personal data is being processed and, if so, access to such personal data and the information listed in paragraph 7 of this policy.
Data Holders may also exercise their rights by requesting from the data controller:
The rectification or erasure of their personal data, or a restriction of the processing of their personal data, or the right to object on legitimate grounds to such processing. The consequences of exercising these rights are then the responsibility of the applicant
The withdrawal of their consent, within the limits of :
Respect for the legitimate exercise of the controller’s interests
When a legal obligation requires the processing by the controller
The portability of their data
These rights can be exercised at the contact point listed below.
In addition, Data Holders may lodge a complaint with the national supervisory authority, the Commission Nationale de l’Informatique et des Libertés (CNIL).
For all requests for information concerning this policy or any exercise of rights, you may send an email to firstname.lastname@example.org