Data Protection Charter
How is your personal data collected, stored, and processed?

Preface
This Charter applies to all personal data processed by the entities of the Lunalogic group in France, acting as data controllers in the context of the services provided to professional clients and businesses in compliance with the legal obligations resulting from the provisions of the General Data Protection Regulation of April 27, 2016, which came into effect on June 25, 2018.
It explains what data we may collect about you, how we use this data, who we may share it with, and what measures we take to ensure its confidentiality and security.
This Charter covers all processing of personal data for which Lunalogic France (Lunalogic Group, Lunalogic SAS, Lunalogic Data Sciences) is the controller.
Some of the links present on our websites may redirect you to websites not belonging to Lunalogic. These websites have their own privacy policies or data protection charters that may differ from ours: it is your responsibility to familiarize yourself with them.
All individuals whose data you provide to us must be informed, in particular through this Charter, about how we may collect and process their data. These individuals must particularly be informed of their rights.
When we use the terms "Lunalogic," "we," or "our," this includes all Lunalogic entities in France and other companies in the Lunalogic group. The Lunalogic group refers to all companies directly or indirectly owned and/or controlled by Lunalogic Group.

What data do we collect?
The data we collect or hold about you may come from various sources. Some have been collected directly from you, while others may have been collected in compliance with applicable regulations, in the past, or by other companies in the Lunalogic group.
We may also collect information about you when you interact with us, for example, when you attend one of our events (conferences, job fairs, recruitment forums for Grand Schools).
Some may even come from publicly accessible sources (e.g., recruitment sites, press).
The data you provide us may concern, for example:
• information regarding your identity such as your name, gender, date and place of birth, the information present on your identity documents;
• your contact details such as your email address, phone numbers;
• information you provide us by filling out forms or communicating with us, whether by phone, in person, by email, or by any other means of online communication.

The data we collect or generate may include, in particular:
• information related to our business relationship;
• any information contained in client documentation or in the forms you may complete as a prospect;
• data related to our internal investigations, including checks related to due diligence before entering into a relationship or throughout our business relationship, checks related to the application of social and tax rules, checks related to data security rules concerning access controls and backup of records;
• records of all correspondence and communications between us, including: emails, instant messaging, or any other type of exchanges and communications.

How do we use your data?
We will only use your personal data if you have consented to it or if this use is based on one of the legal grounds provided by law:
• The protection of our legitimate interests;
• The execution of a contract concluded or an engagement under which you are and/or we are engaged;
• Compliance with a legal or regulatory obligation;
• Preservation of the public interest, such as the prevention or detection of fraud or a financial offense. We collect and process information about you for various reasons, including:
• To provide you with services and validate any order or instruction you request or authorize;
• to meet all our legal, regulatory, or tax obligations, ensuring LUNALOGIC's compliance with applicable laws and regulations;
• to prevent or detect any risk of fraud or financial offense;
• to assert our rights.

Monitoring and Recording of Our Exchanges
We may record and store conversations you have with us, including letters, emails, live chats, video conversations, and any other type of messaging;
We may also evaluate, analyze, and improve our services, train our employees, manage risks, or prevent and detect fraud and other financial offenses based on this data.
As part of the events we organize (conferences, seminars, training, meetings), we may collect images, photos, or videos of you.
Who may we share them with?
We may transfer and disclose your data to:
• other companies in the Lunalogic Group, subcontractors, agents, partners, or service providers who work for us or other entities in the LUNALOGIC Group (including their employees, administrators, and management);
• any company (new or potential) in the Lunalogic group (for example, if we undergo restructuring or acquire other companies or merge with other companies) or any company acquiring all or part of a company in the Lunalogic group;
• auditors, regulators;
• the French government, judicial or administrative authorities/jurisdictions.

International Data Transfers
The personal information collected by the Lunalogic group, during the relationship according to the agreed purposes, may, during various operations, be transferred to a country within or outside the European Union. In the context of a transfer to a non-EU country, the protection and security of this information is ensured in accordance with Article 45 of the aforementioned General Data Protection Regulation of April 27, 2016.

How long do we retain them?
The data is retained and processed for the time necessary to achieve the pursued purposes and for a maximum duration corresponding to the duration of the contractual or business relationship, plus the time required for the liquidation and consolidation of rights, prescription periods, and exhaustion of appeals. To meet its legal obligations, or to respond to requests from regulators and administrative authorities, as well as for statistical research purposes, the data is archived under the conditions provided by law.
In accordance with applicable legislation, when we no longer need them, we will securely destroy them according to our internal policy.

Your rights
You can, at any time, under the conditions provided by law, access information concerning you, object for legitimate reasons to their processing, have them rectified, request their deletion, limit their processing, their portability, or communicate instructions on their fate in case of death.

You can also, at any time and without justification, object to the use of your data. When the processing is based on consent, you may withdraw your consent by writing a simple letter to Lunalogic.
What do we expect from you?
You must ensure that the information you have provided to us is relevant and up to date. You must also inform us, without delay, of any significant change in your situation. If you provide us with information about a third party, you must ensure that they have authorized you to do so.

How do we ensure the security of your data?
We implement technical and organizational measures to protect your data, including the establishment of physical security procedures. We impose on our staff and all third parties working for the Lunalogic group strict standards of security and information protection, including contractual obligations under which they commit to protecting all data and applying strict measures regarding data transfer.

Learn more about your data
If you wish to learn more about the provisions of this Data Protection Charter, contact our Data Protection Officer, or exercise your rights, you can write to us at the following address: LUNALOGIC – Data Protection Officer
59 rue de Richelieu 75002 Paris
This Data Protection Charter may be amended.