We are committed to ensuring your privacy and the protection of your personal data.
This Data Policy informs you of the conditions under which we (i.e., Schelcher Prince Gestion, as part of the Crédit Mutuel Arkéa group) collect, process, retain, archive and erase our prospects’ and clients’ personal data and of your rights with respect to such data.
What is personal data?
Personal data is any information by means of which an individual can be directly or indirectly identified (e.g., name, address, registration number, phone number, photo, date of birth, IP address, fingerprint, etc.).
Which types of personal data do Schelcher Prince Gestion process?
Within the scope of our contractual or business relationship with you, we mainly process the following types of personal data:
What are the purposes of and grounds for collecting your personal data?
We process personal data for the following purposes and on the following grounds:
Purposes | Grounds |
To manage your investment mandates and, in general, our investment relationship: pricing, securities, investment product, sending of management reports, estate management. To execute your mandated transactions: transfers, financial instruments transactions. |
This data is processed on the basis of an agreement to which you are party or for the performance of pre-contractual measures taken at your request. |
To improve the handling of interactions with clients To monitor our premises for safety purposes To manage IT incidents To combat fraud To manage Schelcher Prince Gestion’s business activity To handle litigation and pre-litigation To handle customer complaints |
This data is processed on the basis of a legitimate interest pursued by Schelcher Prince Gestion (for example ensuring the safety of its premises and infrastructure or improving its services) and does not adversely affect your basic rights and freedoms. |
For marketing purposes, i.e., moderation of online communities, direct marketing, sponsoring, games organisation, statistical analysis with a view to offering you customised products and services, satisfaction surveys, client portfolio management, newsletters. | This data is processed on the basis of a legitimate interest pursued by Schelcher Prince Gestion (improving its results) or on the basis of your consent, and does not adversely affect your basic rights and freedoms. |
To respond to requests from administrative and court authorities To combat money laundering and terrorism financing To combat market abuse and insider trading To make statutory declarations (FICOBA, FACTA, TRACFIN, etc.) To implement a best execution policy To record transactions negotiated by market operators with clients in order to justify transactions To list clients classified as non-professional who will be offered a structured EMTN private placement To manage operational risks |
This data is processed on the basis of a legal or regulatory obligation by which Schelcher Prince Gestion is bound. |
Direct marketing
We can only contact you by email for direct marketing purposes on condition that we have obtained your prior consent unless otherwise authorised by law. You may, however, exercise your right to object by emailing us at : clientservices@spgestion.fr
Who receives the personal data processed by Schelcher Prince Gestion?
We are bound by a professional secrecy obligation in relation to the personal data provided to us. However, by transmitting your personal information to us, you authorise us to share banking secrecy with respect to such data, in light of the aforementioned purposes, for the benefit of other Crédit Mutuel Arkéa group companies, their service providers and processors and any legally empowered administrative and court authorities (European Union countries or non-EU members).
Thus, in the case of a fund transfer pursuant to Regulation EC/1781 of 15 November 2006, some of your personal data may be transmitted to the bank or beneficiary of the transfer located in an EU or non-EU country. In order to transfer funds we may, for technical reasons, need to transfer data outside the EU, in particular to the US, with regard to transactions using the SWIFT secure network. The holder may obtain all and any information about said transfer by consulting the ‘Information Notice’ on the French Banking Federation’s website (www.fbf.fr).
We are not responsible for personal data that you may have authorised a third party to process, but that you have not shared with it such as account aggregation applications or social media. It is your responsibility to refer to the data protection policies of any third parties concerned to check the conditions under which they process data and/or to exercise your rights with respect to such processing.
What security measures does Schelcher Prince Gestion put in place?
Pursuant to financial-market regulations we are required to ensure high levels of security and confidentiality with respect to your personal data. As such, we consider all of your data to be confidential data covered by professional secrecy obligations. These data may be transmitted, used or stored in accordance with the secure framework described below.
In accordance with the type of personal data and the risks posed by the processing thereof, we take the technical (data encryption), physical (building access control) and organisational (dedicated teams trained in data safety) measures needed to ensure that these data are secure and are not deformed, damaged, rendered unavailable or accessed by third parties. To guarantee this level of security, additional security measures may be necessary, such as audit traces or trails.
We raise our employees’ awareness about the protection of personal data and ensure that they comply with the regulations in force as well as with our firm’s ethics.
We choose processors and service providers that provide significant guarantees regarding the implementation of appropriate technical and organisational measures so that your data is processed in a way that meets the requirements of the applicable data protection regulations.
Our clients and other parties working with us (e.g., on security surveillance) may also effectively contribute to maintaining our personal data security levels by complying with the rules that we advise them to follow and informing us of any anomaly they may encounter.
If we notice an incident that impacts personal data, we make sure – based on regulatory obligations – to inform the CNIL (French data protection authority) and the persons concerned as soon possible.
How long do we store your personal data?
We have put specific rules in place regarding the storage periods for personal data.
To determine these periods, we take account of the various purposes for which the data are collected, the persons concerned by the collection, and compliance with legal, regulatory or professional obligations. These periods do not exceed what is strictly necessary to effectively process your data.
Aim pursued | Storage period |
Managing our business relationship | |
Managing our relationship and the functioning of your investment mandate | Your data are kept for as long as our business relationship lasts and then archived for five years |
Meeting our legal obligations | |
Combating money laundering and terrorism financing | Your data are kept for as long as our business relationship lasts and then archived for five years |
Combating market abuse | Your data are kept for as long as necessary to remove suspicion or report transactions to the AMF, and then archived for three years |
Securing our premises | |
Monitoring our sales outlets and administrative buildings | Your data are kept for a maximum of 30 days |
For marketing purposes | |
Direct marketing | Your data are kept for 3 years |
Analysing your data in order to customise our business relationship | Data about prospects are kept for three years and those about clients for as long as the business relationship lasts |
What are your rights?
You have specific rights with respect to your data, such as a right to access, rectify, object to, restrict and erase them, as well as a right to data portability. You are also entitled to give instructions about the storage, erasure and communication of your personal data following your death. Lastly, you are entitled to file a complaint with the CNIL.
How do you exercise your rights?
By post to: |
By email to: clientservices@spgestion.fr | |
Right of access |
x | x |
Right to rectification |
x | x |
Right to object (in particular to direct marketing) |
x | x |
Right to erasure (right to be forgotten) |
x | x |
Right to portability |
x | x |
Right to restriction (1) |
x | x |
Right to leave instructions regarding what becomes of the data upon your death |
x | x |
(1) Please specify which processed data is concerned and the reason behind your request.
Within the context of your right to data portability, we will return your declarative data to you, i.e., any data collected directly from you or indirectly from third parties with which Schelcher Prince Gestion has a contractual relationship. We will not return data connected with the functioning of products and services, personal data derived from publicly available information or personal data deduced or determined by Schelcher Price Gestion.
With respect to the data processed, you may exercise your right to object on the basis of a legitimate interest or a task carried out in the public interest, and by explaining the specific reasons behind your request. It should be noted that you may exercise your right to object to direct marketing at any time without having to justify your request.
A request regarding your right to be forgotten may, in certain situations, not come to fruition. If for example you still have a contract with one of our entities and the storage of data is necessary for the performance of said contract or if we are obliged by regulations to store your data beyond the term of the contractual relationship.
Crédit Mutuel Arkéa has designated a Data Protection Officer (DPO), whose main task is to inform and advise the controller (i.e., the CEO of Schelcher Prince Gestion) about all data protection issues. S/he enforces the application of data protection regulations within Schelcher Prince Gestion and handles communication with the French data protection authority (CNIL), with respect to personal data management issues.
You can contact our DPO at the following email or postal addresses:
Cookies
Definition
Cookies are small text files sent from websites that you visit. They are recorded on your device (smartphone, tablet, PC, etc.) and enable data to be temporarily or permanently stored. In particular, they inform the website that you are visiting about the date of your last visit and your display preferences (e.g., number of articles per page, etc.).
Use
With a view to enhancing your online experience, improving our services and facilitating navigation, we install three types of cookies on your devices:
Session cookies, also known as comfort cookies, the sole aim of which is to maintain your session context. These notably avoid you having to authenticate yourself numerous times during a single visit. Data collected in this context disappear automatically approximately half an hour after you finish browsing.
Persistent cookies, otherwise known as analytical cookies. These have an expiration date of 13 months and are used mainly to produce anonymised statistics to improve the presentation of our information and the usability of our services.
Third-party cookies aimed at assessing the performance of our advertising campaigns or liable to send you targeted advertising with respect to the advertising spaces of third-party websites. The maximum storage period for these cookies is 13 months.
Management
You can prevent cookies (or their equivalent) from being saved by selecting the relevant option in your browser (or any other media interface used, i.e., smartphone, tablet, etc.). The aforementioned persistent and third-party cookies are installed if you have browsed elsewhere than the ‘find out more’ link on the cookies banner.
Audience measurement
Federal Finance Gestion provides you with digital media equipped with the Google Analytics audience measurement tool. The data generated by this tool and its cookies are stored by Google on servers located in Europe and the US.
We have configured Google Analytics with the ‘Anonymize IP’ option on this website, which ensures that your IP address is always processed anonymously. Click here to find out more about Google’s confidentiality regulations.
In the interests of transparency, we also wish to inform you of a way to object to tracking by Google analytics. To find out more, please click here to consult Google’s website.
Date de publication : 20 septembre 2019