Privacy policy

POLICY ON PROTECTION OF PERSONAL DATA OF THE COMPANY ARKOSE SAS

(updated 12 September 2025)

The company ARKOSE&CO SAS, a société par actions simplifiée with share capital of €1,055,712.75, registered with the Registre du Commerce et des Sociétés of PARIS under number 793 196 536, having its registered office at 37, rue des Grands Champs - 75020 PARIS (FRANCE),

carries out the Processing of Personal Data in the course of its activities and has established this Personal Data protection Policy which applies to it (the “Policy”).

Hereinafter, ARKOSE&CO SAS is also referred to as the “Company”.

Terms beginning with a capital letter in the Policy are defined in Article 15 below.

  • The Policy describes the manner in which the Company collects, uses and Processes your Personal Data, in its capacity as Data Controller, in accordance with the applicable regulations.
  • The Policy applies worldwide.
  • The Policy applies to the Personal Data that we collect from our customers, from our suppliers, from our service providers and from our Data Processors in the context of the performance of all types of contracts. It also applies to the Personal Data of users of our Website, of persons who wish to apply for our job offers, of our employees and, more generally, of any other persons whom we are legitimately led to contact in the course of our activities.
  • The Company may be required to modify or update the Policy according to its activities and to take into account changes in the laws in force. We therefore encourage you to read it carefully and to consult this page regularly in order to verify any changes that we may possibly make to it.
  • In the event of disagreement on certain aspects of the Policy, you have legal rights which are indicated in Articles 10, 12 and 13 below.
  • The Company attaches importance to respecting your private life and undertakes to protect and preserve your rights relating to the confidentiality of your Personal Data.

1. SOURCES OF PERSONAL DATA COLLECTED

We collect Personal Data concerning you from the following sources :

  • The Personal Data that you provide to us when you are a customer of the Company and wish to order our services or our products (purchase of annual subscriptions, sessions, workshops or classes, etc.) ;
  • The Personal Data that you provide to us when you are a supplier, service provider or Data Processor of the Company, in the context of our commercial relationship (for example when you contact us by e-mail or telephone, or by any other means, or when you give us your business card) ;
  • The Personal Data that you communicate to us when you apply for a job offer or submit a speculative application, or when you are an employee or corporate officer of the Company ;
  • The Personal Data provided by third parties (for example a rating agency or a legal information website such as Infogreffe) ;

  • The Personal Data originating from our Website when you browse our Website or when you use the functions and resources available on or accessible via our Website.

    Note to visitors and users of our Website :

    The use of our Website as well as the Personal Data that are communicated by its users are subject to the provisions of the Policy as well as to its terms of use.

    Certain features and functions of our Website may be used only if certain Personal Data are provided. The user is free to provide, or not to provide, all or part of the requested Personal Data. However, if the user decides not to provide them in full, certain services and/or certain functions of our Website may not work or may work only in part.

    These provisions apply to :

    The Website www.arkose.com, of which the Company is owner and publisher; and

    . The application / the Website Arkose+/ plus.arkose.com of which the Company is owner and publisher.

2. RECIPIENTS OF PERSONAL DATA

The recipients of Personal Data are, as applicable :

(i) The authorised internal departments of the Company ;

(ii) The authorised suppliers, service providers and Data Processors of the Company, in the context of file management and the provision/delivery of services and/or products.

3. PERSONAL DATA CONCERNED

The Personal Data that we may collect varies depending on the purpose of the Processing. They are mainly intended to enable the identification of individuals in the context of their relationship with the Company, whether such relationship is ongoing or relates to prospecting.

In any event, the Personal Data collected shall be limited to the data necessary for the purposes set out in Article 5 below.

3.A Personal Data relating to clients and prospects :

We collect the following categories of Personal Data relating to our clients and prospects :

  • Personal information :

To create a client account :*

  • Last name

  • First name

    • Title/gender

    • Date of birth

    • Company (name)

  • E-mail address

  • Telephone number

  • Postcode

  • Level of sports practice

To make a booking / subscribe in the lofts :

  • Last name

  • First name

  • Address

  • Telephone number

  • E-mail address

  • Means of payment and bank details

  • In the event of a request by you for suspension or early termination of your subscription on medical grounds in accordance with our general terms and conditions of sale, a medical certificate indicating a contraindication to sports practice may be requested from you

  • For minors aged 12 and above with free access to the climbing lofts, without supervision, parental authorisation is required :

  • Last name and first name of parent/guardian

  • Specify whether: father/mother/legal guardian

  • Last name and first name of the child

  • Address

  • Telephone number

  • Copy of parent/guardian ID to be attached

    . To book a restaurant :

  • Last name

  • First name

  • E-mail address

  • Telephone number

    ***. For professional clients (purchase of services in the lofts) :***

  • First name

  • Last name

  • Company name

  • Position

  • Postal address

  • Billing address if different

  • Order notes (possible comments)

  • E-mail address

  • Telephone number

  • Information relating to quotes and orders (order records and their amount) ;

  • Information relating to means and methods of payment (payment date, payment records, amount paid) ;

  • Information relating to client needs or constraints, collected in the context of client satisfaction surveys, which we may then use to ensure that our marketing communications towards you are relevant and timely ;

  • Additional Personal Data that our clients have chosen to provide to us, insofar as they are necessary for the achievement of the purposes set out in Article 5 below.

3.B Personal Data relating to suppliers, service providers and Data Processors :

We collect the following categories of Personal Data relating to our suppliers, service providers and Data Processors :

  • Personal information collected : last name, first name(s), position, title and contact details (postal address, secretarial contact details if applicable, telephone number, e-mail address) of our contacts within the supplier, service provider or Data Processor company, in order to ensure proper management of our commercial relations and of our files ;
  • Additional data that our contacts within the supplier, service provider or Data Processor company have chosen to provide to us, insofar as they are necessary for the achievement of the purposes set out in Article 5 below.

3.C Personal Data relating to candidates applying for our job offers :

We collect the following categories of Personal Data relating to candidates applying for job offers :

  • Personal information : last name, first name(s), photograph ;
  • Demographic information : gender, date of birth/age, place of birth, nationality ;
  • Professional information : occupation, professional situation, business address ;
  • Contact details : postal address, telephone number, e-mail address ;
  • Career-related information : qualifications, diplomas, CV, presentation and motivations.

3.D Personal Data relating to our employees and corporate officers :

We collect all information necessary for the proper management of our personnel, in particular their identity, civil status, personal contact details, career-related information, diplomas, bank details, social security number, administrative information, all in compliance with applicable legal and regulatory provisions.

3.E Personal Data relating to users of our Website (access and use) :

We collect the following Personal Data :

. To create a client account :

  • Last name

  • First name

  • Title/gender

  • Date of birth

  • Company

  • E-mail address

  • Telephone number

  • Postcode

  • Level of sports practice

    . To subscribe to the Newsletter :

  • Choice to subscribe or not to the newsletter when creating a client account

    . To contact us :

  • Last name

  • First name

  • E-mail address

  • Telephone number

    . To use the application / the Arkose+ website, we collect the following Personal Data :

  • Name or pseudonym

  • Gender

  • Date of birth

  • E-mail address

If you contact us through our Website, we will collect all information you provide to us, insofar as it is necessary for the achievement of the purposes set out in Article 5 below.

3.F Personal Data relating to users of our Website (audience measurement and browsing statistics) :

We collect the following categories of Personal Data from users of our Website in order to improve the use of our Website and to manage the services that we provide. This information includes :

  • Dates, times and locations of connection to our Website ;
  • Pages visited.

4. PROTECTION OF MINORS’ PERSONAL DATA

As indicated above in Articles 3.A, 3.E and 3.F, ARKOSE may collect Personal Data concerning minors. Such minors must have the required parental authorisation, which may be requested from them at any time. Failure to provide such authorisation immediately may result in the suspension or immediate termination of their relationship with ARKOSE&CO, at the discretion of ARKOSE&CO.

With respect to the Arkose+ application/website: the user is deemed to have obtained parental authorisation prior to registration. Such authorisation must be produced at the first request of the Company.

5. PURPOSES OF PERSONAL DATA PROCESSING AND LEGAL BASES

  1. Legal bases

    In order to Process your Personal Data in accordance with the purposes set out above, we rely on one or more legal bases :

  • The Processing may be necessary for the performance of the contract that you have entered into with us or to take steps prior to entering into the contract ;

  • The Processing may be necessary for compliance with a legal obligation ;

  • The Processing may be based on your prior consent to the Processing (this legal basis is used only for optional Processing, and not for Processing that is necessary or mandatory) ;

  • We have a legitimate interest in carrying out the Processing of Personal Data for the purposes listed under b) followed by an asterisk *()**.

    1. Purposes of Personal Data Processing

    We Process your Personal Data for the following purposes :

  • To enable our contacts to request and obtain information about the Company, its services and its products*;

  • To prepare and submit commercial offers, to participate in calls for tenders or requests for proposals*;

  • To enable the monitoring of the commercial and contractual relationship with our clients (sending quotes, sending invoices, fulfilling orders, technical assistance and support, management of possible disputes, etc.)*;

  • To carry out calls for tenders or requests for proposals and to enable the monitoring of the commercial and contractual relationship with suppliers, service providers and Data Processors*;

  • To comply with our contractual obligations;

  • To conduct client satisfaction surveys*;

  • To carry out promotional operations for our services to existing clients or prospects*;

  • To conduct quality audits*;

  • To manage unsolicited applications or applications submitted in response to job offers*;

  • To manage, from a human resources perspective, our employees and corporate officers;

  • To ensure the physical security of our premises (including visitor logs to the premises and CCTV recordings) and the electronic security of our systems and the Website (including records of identifiers and access information)*;

  • To improve our Website as well as our products and services (identify problems; anticipate improvements; create new ones)*;

  • For accounting, financial, legal and audit management;

  • In the context of legal proceedings (establishment, exercise or defence of legal claims);

  • For the purposes of analyses or market studies and analyses of online and offline media (which we may carry out ourselves or through other companies)*;

  • To comply with our legal obligations.

6. SENSITIVE PERSONAL DATA

We do not seek to collect or Process Sensitive Personal Data in the normal course of our activities. Nevertheless, this may occur within the scope of the following exceptions only :

  • Compliance with a legal obligation : where Processing is required or permitted by applicable law (for example, to comply with our various reporting obligations);
  • The detection and prevention of criminal offences (including fraud prevention);
  • Explicit consent : where, in accordance with applicable law, we have obtained your prior and express consent to Process your Sensitive Personal Data (this legal basis is used only for optional Processing, and not for Processing that is necessary or mandatory).

If you provide us with Sensitive Personal Data concerning third parties, you must specifically inform us of this.

7. DISCLOSURE OF PERSONAL DATA TO THIRD PARTIES

We may disclose your Personal Data to the following third parties :

  • Competent judicial or administrative authorities, upon their request, or for the purpose of reporting actual or suspected security breaches, in accordance with applicable law;
  • The Company’s accountants, statutory auditors, lawyers, auditors and other external professional advisers, subject to confidentiality obligations;
  • Our service providers, suppliers or Data Processors (such as payment services, transport companies, IT service providers, etc.);
  • Any potential acquirer, in the event that we sell or transfer all or part of our assets or business (including in the event of reorganisation, dissolution or liquidation).

Where one of our Data Processors participates in the Processing of your Personal Data, such as the Publisher of the management software GESTIXI, it will be subject to contractual obligations requiring it : (i) to Process Personal Data solely in accordance with our prior written instructions, (ii) to use measures to protect the confidentiality and security of Personal Data, as well as (iii) any other additional obligation imposed by applicable regulations.

8. LIMITATION AND RETENTION PERIOD OF PERSONAL DATA

8.1 We take all appropriate measures to ensure that the volume of Personal Data that we Process is limited to the Personal Data reasonably necessary for the purposes set out in the Policy.

8.2 We take all appropriate measures to ensure that your Personal Data is retained for no longer than is necessary in view of the purposes set out in the Policy.

The criteria used to determine the retention periods for Personal Data are as follows :

  • We will retain your Personal Data in a format that allows you to be identified for as long as your Personal Data is necessary to fulfil the lawful purposes, for which we have a legitimate basis, described in Article 5 of the Policy.
  • In the context of our relationships with our suppliers, service providers or Data Processors: we will retain your Personal Data for the applicable limitation period (i.e. the period during which a person may lodge a complaint with us, or bring legal action against us, concerning their Personal Data or in connection with which their Personal Data is relevant). In any case, no later than five (5) years after our last contact or the end of the relationship concerned, the Personal Data will be permanently deleted or we will anonymise them.
  • In the context of our relationships with our clients or of any other nature: no later than three (3) years after our last contact or the end of the relationship concerned, the Personal Data will be permanently deleted or we will anonymise them.
  • Specifically with regard to the Arkose+ application/website: when the user deletes their user account or the application, this automatically entails the deletion of all information or content that may have been provided therein, with the exception of their Personal Data, which is retained for a further six (6) months.
  • Specifically in the event of a dispute: Personal Data collected for the management of a pre-litigation is retained until the settlement of the dispute by amicable agreement, or, failing that, until the limitation period of the corresponding legal action, before deletion. Personal Data collected for the management of litigation is retained until the exhaustion of all possible appeals against the decision rendered, before deletion.

8.3 Upon expiry of these retention periods, the Personal Data is securely deleted or archived.

9. TRANSFER OF PERSONAL DATA OUTSIDE THE EUROPEAN UNION

We will not transfer Personal Data outside the European Union.

10. YOUR RIGHTS REGARDING YOUR PERSONAL DATA

Depending on the type of Processing, within the framework established by the GDPR, you have a number of rights regarding the Processing of your Personal Data, which may include :

10.A Right to object in relation to Processing based on the legal grounds of legitimate interest or public interest :

You may, at any time, object to our Processing of your Personal Data. Your objection request will be handled diligently and we will cease the Processing to which you object. Nevertheless, we reserve the right not to cease the Processing in question if :

  • We can demonstrate that we have compelling and legitimate grounds for Processing your Personal Data which override your personal interests ;
  • We Process your Personal Data for the establishment, exercise, or defence of legal claims.

10.B Right to withdraw consent :

If we have obtained your consent to the Processing of your Personal Data for certain Processing other than those for which no consent is required, you may withdraw this consent at any time and we will cease the specific Processing to which you had consented, unless we consider that there is another reason justifying the continuation of our Processing of your Personal Data for this purpose, in which case we will inform you of this situation.

Please note that such withdrawal does not affect the lawfulness of any Processing carried out before the date on which we received notification of said withdrawal, nor does it prevent the Processing of your Personal Data on the basis of other available legal grounds.

10.C Right of access :

You have the right to request access to or copies of your Personal Data, together with information concerning the nature of the Processing and the persons who may access such Personal Data.

When we provide you with access to the Personal Data that we hold about you, we will not charge you for such access unless your request is manifestly unfounded or excessive. If you request further copies of such information, we may charge you reasonable administrative fees where permitted by law. If the law allows us, we may refuse your request. If we do so, we will always provide justification for such refusal.

10.D Right to erasure :

You have the right to request that we erase your Personal Data under certain circumstances.

In principle, the Personal Data in question must meet one of the following criteria :

  • Your Personal Data is no longer necessary for the purposes for which we initially collected and/or Processed it;
  • You have withdrawn your consent to the Processing of your Personal Data and there is no other valid reason for us to continue Processing it;
  • Your Personal Data has been unlawfully Processed;
  • In the case where we Process your Personal Data on the basis that we consider it necessary for our legitimate interests, if you object and we are not able to demonstrate that there is a compelling and legitimate reason to continue the Processing.

We would be entitled to refuse to comply with your request for one of the following reasons :

  • To exercise the right of freedom of expression and information ;
  • To comply with legal obligations ;
  • For public health reasons in the public interest ;
  • For archiving, research or statistical purposes ;
  • To establish or defend legal claims.

Where we respond to a valid request for the erasure of Personal Data, we will take all appropriate practical measures to delete the relevant Personal Data.

10.E Right to restriction of Processing :

You have the right to request that we restrict the Processing of your Personal Data under certain circumstances. This means that we will only continue to store your Personal Data and that we will only be able to carry out further Processing activities in one of the following cases : (i) resolution of one of the circumstances listed below ; (ii) your consent ; or (iii) further Processing is necessary for the establishment, exercise or defence of legal claims, for the protection of the rights of another person, or for important reasons of public interest of the European Union or a Member State.

The cases in which you are entitled to request that we restrict the Processing of your Personal Data are as follows:

  • Where you contest the accuracy of the Personal Data we Process about you. In such case, we will restrict the Processing of your Personal Data to verifying its accuracy;
  • Where you object to our Processing of your Personal Data for our legitimate interests. You may request that the Personal Data be restricted while we verify our grounds for Processing your Personal Data;
  • Where your Personal Data has been unlawfully Processed by us, but you prefer that we restrict its Processing rather than erase it;
  • Where we no longer need to Process your Personal Data but you request it in order to establish, exercise or defend legal claims.

If we have disclosed your Personal Data to third parties, we will inform them of the restricted Processing unless this proves impossible or involves disproportionate effort. Of course, we will inform you before lifting any restriction on the Processing of your Personal Data.

10.F Right to rectification :

You also have the right to request that we rectify inaccurate or incomplete Personal Data that we hold about you. If we have disclosed this Personal Data to third parties, we will inform them of the rectification unless this proves impossible or involves disproportionate effort. Where appropriate, we will also inform you of the third parties to whom we have disclosed such inaccurate or incomplete Personal Data. If we consider it reasonable not to comply with your request, we will provide you with the reasons for such decision.

10.G Right to obtain and to portability of Personal Data that we process on the basis of your consent or in the performance of a contract :

If you so wish, you have the right to obtain and transfer your Personal Data from one Data Controller to another. Specifically, this means that you have the right to transfer the Personal Data to another online platform. In order for you to do so, we will provide you with your Personal Data in a commonly used format. This right to portability applies to the following Personal Data: (i) Personal Data that we Process automatically (i.e. without human intervention) and (ii) Personal Data that you provide.

10.H Right to lodge a complaint with a Data Protection Authority :

You also have the right to lodge a complaint with a Data Protection Authority, and in particular with the Data Protection Authority of the European Union Member State in which you reside or work, or in which the alleged violation occurred. This in no way affects the rights you have under applicable laws and regulations. To exercise one or more of these rights, to ask us a question regarding these rights or any other clause of this Policy, or to inquire about our Processing of your Personal Data, please use the contact details provided in Article 13 of our Policy. Please note that :

  • We may request proof of your identity before complying with your requests;
  • Where your request requires the establishment of facts or the carrying out of additional analyses (for example, to determine the lawfulness of the Processing), we will review your request as promptly and reasonably as possible before making our decision.

11. SECURITY OF PERSONAL DATA

We are committed to taking all necessary measures to protect the Personal Data we hold against any misuse, loss, alteration, disclosure, destruction, unauthorised access and any other form of unlawful or unauthorised Processing, in accordance with applicable law. To this end, we have in place a range of appropriate technical and organisational measures. These may include measures to address suspected Personal Data breaches.

Because the Internet is an open system, the transmission of information over this network is not completely secure. Although we implement all reasonable measures to protect your Personal Data, we cannot guarantee the security of your Personal Data transmitted to us over the Internet; such transmission is at your own risk and you are responsible for ensuring that any Personal Data you send us is transmitted securely.

If you suspect misuse, loss or unauthorised access to your Personal Data, please inform us immediately in accordance with the procedures set out in Article 13 below.

Access to Personal Data is limited to employees, corporate officers, suppliers, service providers and Data Processors of the Company who need to know such information in the course of their mission. All persons who have access to your Personal Data are bound by a duty of confidentiality and are subject to disciplinary measures and/or other sanctions should they fail to comply with this duty.

12. DISPUTE RESOLUTION

Although the Company has taken all appropriate measures to protect your Personal Data, no transmission or storage technology is completely infallible.

However, the Company is committed to ensuring the protection of your Personal Data. If you have reason to believe that the security of your Personal Data has been compromised or that it has been subject to unlawful or improper use, you are invited to contact the Company at the following address :

  • By post at the following address :

    . ARKOSE&CO SAS : 37, rue des Grands Champs - 75020 PARIS (FRANCE)

  • By email at the following address :

    . vosdonnees@arkose.com

The Company will investigate complaints regarding the use and disclosure of your Personal Data and will attempt to resolve them in accordance with the principles set out in the Policy.

Unauthorised access to or misuse of Personal Data may constitute a violation of applicable law.

If Individuals consider, after having contacted the Company, that their “Informatique et Libertés” rights are not being respected, they may lodge a complaint in France with the CNIL :

COMMISSION NATIONALE DE L’INFORMATIQUE ET DES LIBERTÉS (CNIL)

3, place de Fontenoy \ TSA 80715 \ 75334 PARIS CEDEX 07

13. CONTACT

For any questions regarding the Policy, to stop receiving commercial information from the Company, or to exercise your rights regarding your Personal Data, you may send an email to the following address :

. vosdonnees@arkose.com

14. COOKIE POLICY

When you visit our website, we may store cookies on your device, or read cookies already present on your device, provided that we have always obtained your prior express consent.

Websites to which this cookie policy applies

This cookie policy applies to the following website/application, which are operated and controlled by the Company :

. www.arkose.com

Arkose+ / plus.arkose.com

What is a cookie ?

A "cookie" is a small file of information stored on your computer's hard drive that records your navigation on a website so that, during your next visit to the website, it can present you with personalised options based on the information stored regarding your previous visit. Cookies can also be used to analyse traffic and for advertising and marketing purposes. Almost all websites use them, and they do not damage your system.

There are different types of cookies, which can be distinguished according to their origin, purpose, and lifespan. The main characteristics of cookies are as follows :

  • Session cookies : These are cookies stored on your computer only during your web session and are automatically deleted when you close your browser – they generally store a session identifier allowing you to visit our website without having to log in on each page ;
  • Persistent cookies : A persistent cookie is stored as a file on your computer and remains there when you close your browser. The cookie can be read by the website that created it when you visit the site again. We use persistent cookies for Google Analytics and for personalisation (see below) ;
  • Strictly necessary cookies : These cookies are essential for you to effectively use our website and therefore cannot be disabled. Without these cookies, the services you use on our website cannot be provided. These cookies do not collect information about you that could be used for commercial purposes or to remember pages you visited on the Internet ;
  • Performance cookies : These cookies allow us to monitor and improve the performance of our website. For example, they allow us to count visits, identify sources of traffic, and see which parts of our sites are most visited ;
  • Functionality cookies : These cookies allow our website to remember choices you make (username, language, country, etc.) and to provide enhanced functionality. For example, we can provide information or updates regarding the services you use. These cookies can also be used to remember modifications you have made to text size, font, and other elements of web pages that you can customise. They may also be used to provide services you requested, such as watching a video or posting comments on a blog ;
  • Personalisation cookies : These cookies allow us to communicate information about services or offers that may interest you.

Why do we use cookies ?

We use cookies for the following purpose :

  • To track your use of our website. This allows us to understand how you use our website and monitor trends observed among individuals or larger groups. It allows us to develop and improve our website and services in response to the wishes and needs of our visitors.

How long do the cookies we use last ?

The cookies we use on our website do not exceed twelve (12) months in duration.

Some cookies are placed by third parties who are responsible for them.

How can you control cookies ?

Most Internet browsers are configured to automatically accept cookies. Depending on the type of browser used, you can configure it (i) to receive a warning before cookies are set, allowing you to accept or refuse these cookies, or (ii) so that cookies are always refused. To know how to configure this, click the "help" button (or equivalent) of your browser. Disabling cookies may affect your browsing experience on our website.

If you use different devices to access our website, you must ensure that each browser on each device is configured according to your cookie preferences.

You can find more information at : http://www.allaboutcookies.org/manage-cookies/.

Additionally, you can opt-out of cookies from certain companies by visiting the following websites : http://www.aboutads.info/choices/#completed et http://www.youronlinechoices.com/.

Please note that the Company is neither affiliated with nor responsible for third-party websites.

15. DEFINITIONS

For the purposes of the Policy and in accordance with French law n° 78-17 of 6 January 1978 as amended, relating to data processing, files, and civil liberties, and the GDPR, the following definitions apply :

  • Data Protection Authority” means an independent public authority legally responsible for supervising compliance with applicable data protection laws.
  • Personal Data” means any information relating to an identified or identifiable natural person, in particular by reference to an identifier such as a name, identification number, location data, online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that person.
  • Sensitive Personal Data” means Personal Data relating to racial or ethnic origin, political opinions, religion or philosophical beliefs, trade union membership, as well as genetic data, data concerning health or data concerning sex life or criminal convictions and offences, or related security measures, as well as any other information that may be considered sensitive under applicable law.
  • Data Controller” means the entity which determines the purposes and means of Processing Personal Data. In many jurisdictions, the Data Controller has primary responsibility for complying with applicable data protection laws.
  • GDPR” means Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data.
  • Data Processor” means any natural or legal person who Processes Personal Data on behalf of the Data Controller, other than employees of the Data Controller.
  • Processing” or “Process” means any operation performed on Personal Data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.