Consent: any free, specific, informed and unequivocal expression of will by which the Data Subject accepts, by a statement or by a clear positive act, that Personal Data concerning him or her may be Processed.

Data Protection Officer (DPO): the designated person in charge of the protection of Personal Data.

Addressee: natural or legal person or any other body that receives communication of Personal Data.

Personal Data/Personal Data/Data: any information relating to a Data Subject, in particular by reference to an identifier such as a name, an identification number, an identity card number, a salary, health records, bank account information, driving or consumption habits, Location Data, an online identifier, etc. The term "Personal Data" includes Sensitive Personal Data.

Sensitive Personal Data/Sensitive Personal Data: means Personal Data revealing or relying on:

  • racial or ethnic origin, political, religious or philosophical opinions
  • membership of a trade union organization
  • physical or mental health
  • sexual orientation or sex life
  • Genetic and biometric data
  • Data relating to criminal convictions, offences or related security measures.

Applicable legislation: set of regulations relating to the protection of Personal Data and applicable to the Processing of Personal Data, namely European Regulation No. 2016/679 on the protection of Personal Data (GDPR), the amended Data Protection Act, and any other regulations relating thereto.

Data Subject/Person: natural person to whom the Personal Data relates and who may be identifiedor identifiable, directly or indirectly, through such Personal Data. This includes past and present customers, prospects, and collaborators.

Data Controller: a natural or legal person who, individually or jointly, decides what Personal Data is collected, why and how it is collected and processed.

GDPR: abbreviation of European Regulation No. 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data.

Subcontractor: any natural or legal person or other body that processes Personal Data on behalf of the Controller and at its direction (e.g. service providers or suppliers).

Third: any natural or legal person, public authority, agency or other body other than the Data Subject, the Controller, the Processor and the persons who, under the direct authority of the Controller or Processor, are authorised or authorised to process the Data.

Treatment: any operation or set of operations performed or not by automated means and applied to Personal Data such as collection, access, recording, copying, Transfer, retention, storage, cross-referencing, modification, structuring, making available, communication, recording, destruction, whether automatically, semi-automatically or otherwise. This list is not exhaustive.

Data Transfer: any communication, copy or movement of Data through a network, or any communication, copy or movement of such Data from one medium to another, regardless of such medium, of Personal Data to a country outside the European Union or to an international organization that is or is intended to be used toarea the subject of Processing after this Transfer.