Acts as an independent data controller in the context of the processing of your personal data (i.e., it determines the purposes and means of the processing of your information): GIE AXA, a European Economic Interest Grouping, organized under French law, with its registered office at 23 Avenue Matignon, 75008 Paris, registered with the Registry of Commerce and Companies of Paris under the number 333 491 066.
The data controller is referred to in this notice as "AXA" or "the Data Controller" or "We" or “Us”.
The Data Controller may update this Privacy Notice from time to time in response to changing legal, technical, or business developments. When the Data Controller updates this privacy notice, the Data Controller will take appropriate measures to inform you, consistent with the significance of the changes the Data Controller makes. The Data Controller will obtain your consent to any material privacy notice changes if and where this is required by applicable data protection laws. This Privacy Notice was last updated on July 20, 2022.
In accordance with the French "Informatique et Libertés" law n° 78-17 of 6 January 1978 and the GDPR, you have the right to:
Based on the legal basis for the processing of your personal data, you have also the right to:
Where the processing of your data is based on Our legitimate interests:
In any case, you have the right to object to the marketing of your personal data. Please note that AXA Group does not market your personal data.
If you have any questions, complaints, or comments regarding this information notice or to exercise your rights listed above, please contact the DPO. The contact details are as follows:
The Data Controller may ask you for additional information to confirm your identity and/or to assist AXA to locate the data you are seeking.
You have the right to raise concerns about how your personal data is being processed with a competent supervisory authority, in particular in the Member State of your habitual residence, place of work or place where you think an alleged infringement to your rights occurred. In France, the data protection authority is the Commission Nationale de l'Informatique et des Libertés, or “CNIL” whose postal address is 3 place de Fontenoy - TSA 80715 – 75334 Paris CEDEX 07. Its website is accessible here: https://www.cnil.fr/
The Data Controller uses appropriate technical and organizational measures designed to protect the personal information about you. The measures the Data Controller uses are designed to provide a level of security appropriate to the risk of the processing activity of your personal information, in line with AXA standards.
Whether or not you are required to provide your personal data to AXA will be indicated to you at the time of collection (for example, by an asterisk on the collection form). If you choose not to provide your personal data when requested, you may not be able to receive newsletters and/or send Us information requests or queries.
For what purposes and in what way is your personal data processed?
Your personal data is processed for the different purposes listed in the table below. You will also find in the table below, for each purpose, the relevant information relating to the processing of your personal data.
What are cookies?
A cookie is a small data file (text file) that a website, when viewed by you, asks your browser to store on your device to remember information about you, such as your language preferences or login information. For more information, you can consult the CNIL website here.
Most of the personal data We process is collected directly from you, whenever you fill out a form on axa-research.org. Where your personal data is not obtained directly from you, the personal data We process comes from the cookies deposited on your device if you have accepted their deposit.
The Data Controller communicates your personal data only to identified and authorized recipients. The identified recipients mentioned above are:
Acting as processors of AXA (i.e., these recipients only act on Our instructions):
Acting as independent data controllers (i.e., these recipients determine the purposes and means of processing:
These recipients are located within the European Union (EU).