Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, otherwise known as the General Data Protection Regulation (hereinafter referred to as the GDPR) defines the legal framework applicable to the processing of personal data.
The GDPR shores up the rights and obligations of data controllers, processors, data subjects and data recipients.
In the course of its activities, ADD & Associés is required to process the personal data of its clients and prospective clients.
To better understand this policy, it is recalled that:
- “Data controller”: refers to ADD & Associés;
- “Subcontractor”: refers to any natural or legal person who processes personal data on behalf of ADD & Associés;
- “Data subjects”: refer to the heirs and/or future heirs working with ADD & Associés;
- “Recipients”: refer to natural or legal persons who receive personal data from ADD & Associés. Data recipients may therefore be employees of ADD & Associés as well as external organizations (partners, banks, IT service providers, etc.).
Article 12 of the GDPR requires that data subjects be informed of their rights in a concise, transparent, comprehensible, and easily accessible manner.