PENTALOG PRIVACY POLICY

Updated on December 16^th, 2020

GENERALITIES

PENTALOG FRANCE is a French simplified joint-stock company (SAS) headquartered at Château des Hauts, 1 rue des Hauts, 45380 La Chapelle-Saint-Mesmin (France), and the mother company of PENTALOG GROUP, a globally enabled digital skills and services platform. 

This Privacy Policy applies to all websites (the “Website”) of PENTALOG (“PENTALOG”), unless an affiliate or a website of PENTALOG GROUP publishes its own privacy policy. 

In the interests of full transparency, PENTALOG provides a list of its affiliates to whom this policy applies and the relevant Data Protection Authorities (Article 15). 

1. Introduction  

Since its creation, PENTALOG has put privacy at the heart of its business. 

PENTALOG is therefore committed to the protection of and respect for the fundamental rights guaranteed by the laws and regulations in force, in particular the General Data Protection Regulation (“GDPR”) in force since May 25th 2018 in the European Union (“EU”). 

For non-EU based users, PENTALOG is subject to the regulations in force within the European Union regarding the protection of personal data and considers that currently the GDPR is the strongest data protection regulation in the world and so the protection of personal data provided by PENTALOG is following the strongest legal requirements in existence.  

PENTALOG’s Privacy Policy (the “Policy” or the “Privacy Policy”) is intended to inform you, in a transparent manner, of practices regarding the collection, use and sharing of information you may need to provide on the Website of the affiliates of PENGALOG GROUP, accessible on www.pentalog.com, unless an affiliate publishes its own privacy policy. 

This Policy (and all documents to which it refers such as the Cookies Charter) describes how PENTALOG processes the personal data collected or provided by you. PENTALOG recommends you read this document carefully to familiarise yourself with and understand its practices regarding the processing of your personal data. 

The terms used in this Policy have the meaning of the definitions set out in the GDPR and in not any other local data protection legislation. 

2. Data collected by PENTALOG 

PENTALOG may collect and process data relating to its Website’s users (the “Users”) whether they are: 

• Candidates for positions within PENTALOG; 

• Prospective clients or contacts; 

• Clients or Suppliers; 

• Users that do not belong to any of the precited categories 

• Users cookies (please refer to our Cookies Charter) 

The detail on the type of data collected by PENTALOG is available at the dedicated chapter to the categories of data subject concerned.  Thus: 

• To view the chapter of our Privacy Policy for our Candidates, please click here. 

• To view the chapter of our Privacy Policy for our Clients & Suppliers, please click here. 

• To view the Privacy Policy for the Visitors (different from the above categories) of our website, please click here. 

3. How does PENTALOG use the data collected?  

PENTALOG uses the data collected for the purposes of: 

3.1 Assessing applicants for positions offered by PENTALOG; 

3.2 Notifying applicants of job offers that may interest them; 

3.3 Due diligence: preparatory step for the signing of an employment contract; 

3.4 Due diligence: in order to confirm applicants’ identities; 

3.5 Sending targeted offers and marketing communications; 

3.6 Communicating with prospective clients; 

3.7 Providing a price list; 

3.8 Due diligence: preparatory step for the signing of a contract with a client or supplier; 

3.9 Communicating with interested parties;  

3.10 Sending newsletters or advertising events that may interest recipients. 

4. Who receives the data collected by PENTALOG and why is the data passed is shared with to them? 

4.1. Some information that you share with PENTALOG might be shared with other companies of PENTALOG GROUP, in accordance with this Policy, for the purpose of making best use of its services. 

4.2. PENTALOG works in close collaboration with companies in the PENTALOG GROUP and third-party companies who may have access to your personal data. This is particularly the case:  

• for technical services; 

• to confirm your identity; 

• for suppliers; 

• for internal administrative and accounting matters; 

• for recruitment when using its affiliate SkillValue to assess applications. 

4.3. PENTALOG only shares data with the third parties mentioned in article 4.3 in the following cases:  

• When PENTALOG uses suppliers to improve and optimise its Website and services; 

• When using communication tools (social networks, chat tools from our Website) and email clients to communicate with you; 

• When PENTALOG is (1) legally required to comply with a request from the legal authorities, (2) an emergency poses a risk to an individual’s physical safety, (3) when PENTALOG needs to implement a contract or prepare for the implementation of a contract (4) to guarantee the rights of PENTALOG; 

• In the event of the sale or purchase of a company or assets, PENTALOG reserves the right to share its users’ personal data with the potential seller or buyer of this company or these assets. 

• If PENTALOG or all or part of its assets are acquired by a third party, the data in its possession shall, where required, be passed on to the new owner. 

• Under the regulations in force and with its users’ consent, PENTALOG may, where necessary, aggregate data and send it to companies in the PENTALOG Group, including all or part of its users’ personal data and the cookies collected. This information shall be used strictly for the purposes described above.  

• By allowing PENTALOG to access personal data via social networks, their privacy policy and terms of use become effective for users. PENTALOG has no control over the collection or processing of data collected by these networks. 

5. How does PENTALOG use and moderate comments? 

PENTALOG reads comments posted on its blog and ensures that comments do not contain inappropriate content. Users are required only to post appropriate content related to the subject on our blog. 

6. Emails sent by PENTALOG  

6.1. PENTALOG may only use your data provided on the Website in accordance with the GDPR, in other words: with your consent where required, in particular to (1) send targeted marketing content, (2) send a newsletter, (3) send a price list, and (4) send an event invitation. 

6.2. In accordance with its legitimate interests, PENTALOG may send you emails if you are likely to be interested in its services or if you have shown an interest in its services. 

6.3. Pursuant to the legislation in force, you may decide to stop receiving emails from PENTALOG, at any time, by withdrawing your consent. To do so, you must unsubscribe via the link included at the bottom of every marketing email or by emailing PENTALOG with the details of the request at the following address: contact@pentalog.com.  

6.4. For personal data collected indirectly by PENTALOG, the right of information as defined by the GDPR shall be respected at all times by PENTALOG from the first communication with the data subjects.  They may decide, at any time, to exercise the rights set out in article 6.3.  

On social networks (for example, Facebook and Twitter) you can oppose the processing of your data at any time by configuring your account settings relating to advertising; 

On third-party websites: you can refer to the Cookie Policy to find out how to withdraw your consent. 

7. Where and how data is shared by PENTALOG 

7.1 For EU or European Economic Area (EEA) Users, PENTALOG stores your personal data within the European Union. For non-EU users, PENTALOG may use data centers out of EU or the EEA.  

7.2 However, in the course of using the Website, some of your data may be transferred to other countries whose local personal data protection laws differ from those in the user’s country of residence.  

7.3 This happens, in particular, when data is transferred via third-party application software. PENTALOG uses this third-party application software to operate its services, communicate with you, and pass on information in preparation for the signing of a technical services contract. 

7.4 This is also the case for PENTALOG GROUP affiliates located outside the EU or the EEA to which PENTALOG may transfer some data as part of the provision of services in these countries or certain administrative and accounting tasks. 

7.5 When such transfer occurs, PENTALOG shall ensure that the transfer is done in accordance with this Policy and guaranteed an adequate level of personal data protection of your personal data through the use of the Standard Contractual Clauses of the European Commission among other. 

  7.6 In the interests of full transparency towards its users, PENTALOG undertakes to provide on request the list of countries in which users’ personal data is stored in the European Union or the EEA, and the list of countries to which data is occasionally passed on.  

8. Security measures  

PENTALOG takes all the necessary technical and organisational measures in accordance with the GDPR to guarantee the best possible level of security, ensuring comprehensive protection of the personal data collected 

These security measures will oblige for example PENTALOG to verify the requested identity of an individual in case of exercise of the rights provided in the article 9. 

If you believe your personal data has been interfered with in any way, please contact PENTALOG immediately in accordance with article 13. 

9. Your rights over your personal data 

9.1 If you are an EU or a EEA based Users, you are under the provisions of the articles 12 and seq. of the GDPR: 

You have the right to access your personal data processed and held by PENTALOG.  

When such a request is made by a user, PENTALOG may, before responding, confirm the user’s identity by asking them to provide more information. 

In the case of requests which, due to their number or repetitive or systematic nature, are manifestly unreasonable, excessive or unfounded, PENTALOG may either refuse to pursue the request by demonstrating its manifestly excessive or unfounded nature, or request the payment of reasonable fees that consider the administrative costs incurred in providing the information, sending correspondence or adopting the measures requested. 

For non-EU based users, PENTALOG will guarantee the same level of rights on your personal data when provided by the local applicable regulation on personal data.  

9.2 Pursuant the articles 12 and seq. of the GDPR, PENTALOG shall respond to you as soon as possible and, in any case, within one month of receipt of the user’s request, or within two months considering the complexity and number of requests.  

In this case, PENTALOG shall inform you of the reasons for extending the deadline of one month from receipt of the request. 

9.3 You may correct, change or remove any incorrect information under the articles 12 and Seq. of the GDPR. 

It is your responsibility to provide PENTALOG with full, accurate and up-to-date information. You may withdraw your consent at any time.  

Any request to change or remove data must be made by contacting PENTALOG directly in accordance with article 13, below.  

9.4 PENTALOG may store some of your personal data if required by the legislation of an EU Member State in which it operates or EU legislation. This shall also be the case when PENTALOG has a legitimate interest in doing so under the terms of the applicable law or the GDPR. (This also applies to non-EU based users according to local applicable legislation). 

9.5 Under the applicable law, when this is the case, in particular in France pursuant to the Data Protection Act, you may give instructions relating to the storage, deletion and disclosure of your data after your death.

10. Cookies  

Pursuant to article 1 of the presents on the data that PENTALOG is collecting and pursuant to its Cookies charter, PENTALOG uses cookies to customise and optimise browsing and time spent online. Refer to the Cookie Charter for more information. 

11. Links to other websites from PENTALOG’s Website 

The Website may contain some links to the Websites of companies in PENTALOG GROUP or third-party companies such as social network or media. PENTALOG hereby informs you that some PENTALOG GROUP’s affiliates have own very strict and transparent privacy policy, which can be viewed on their websites or will be available shortly. As for third-party companies, it is your responsibility to familiarise themselves with their privacy policies before submitting your personal data. PENTALOG may not be held liable for use of this data by these third-party websites and shall not, under any circumstances, be responsible for the privacy policy of these third-party websites.  

12. Changes to the Privacy Policy 

PENTALOG reserves the right to change its Privacy Policy at any time.  

PENTALOG shall visibly publish any substantial changes on its Website and they shall take effect from the date of publication. In this case, PENTALOG shall contact you via email if necessary. PENTALOG is committed to full transparency regarding the use of your data, subsequent uses and the third parties to whom PENTALOG intends to disclose it.  

13. Contact PENTALOG 

Users of the Website can contact PENTALOG with any queries relating to this Policy or any requests relating to their personal data.  

PENTALOG can be contacted via its website, at the email address contact@pentalog.com or, to exercise the rights guaranteed by the applicable laws and the GDPR, by sending this form to the address given above and reproduced in the form’s header. 

14. PENTALOG affiliates and relevant Regulatory Bodies 

As described above, this Policy applies to the companies below. PENTALOG provides a list of the relevant regulatory bodies based on the information available as of December 16th 2020: