General Personal Data Protection Policy
1. What is the purpose of this Privacy Notice?
BROADPEAK, S.A. (hereinafter “BROADPEAK”, “we”, “us” and “our”) attaches great importance to your privacy.
This Policy also informs you of your rights regarding your Data.
2. The identity and contact details of the Controllers
Name : Broadpeak, S.A
A company duly organized and existing under the laws of France and having its registered offices at 15 rue Claude Chappe, Zone des Champs Blancs, 35510 Cesson-Sévigné, France,
Registered at the Rennes Trade Register under the number 524 473 063
Mail : firstname.lastname@example.org
3. What Personal Data do we process, for what purposes and how?
When you will be browsing our website, some cookies and/or beacons may be implemented.
When you fill one of the Broadpeak website contact form and/or sign up for the newsletter, or download some documentation, we will ask and collect your identification and contact data, in particular:
Company / organisation
Professional email address
Center of interest with respect to the industry in relation to Broadpeak activities
The source of the personal data
Filling forms or signing up to receive the newslettter on Broadpeakwebsite and/or through physical (eg trade show event) and/or online events organized by, for or with Broadpeak.
How do we use your data – Purpose of Processing
BROADPEAK uses your Data to:
1. to manage access and browsing of the Website;
Below are the legal bases for the purposes of processing
DO WE DISCLOSE YOUR DATA?
We will need to disclose some of your Personal Data to our internal staff, including consultants and contractors in relation to our relationship.
We use some third parties such as TPF, Salesforce, Pardot, Fathom, Rocket.net, Cookieyes, WordPress, to manage your account in the different steps of relationship with Broadpeak. They process your Personal Data strictly according to our instructions and with the intended Purposes.
4. Do we transfer your Data outside the European Union?
· This international transfer of your Personal Data to our Affiliates is covered by Standard Contractual Clauses approved by the European Commission, as provided in Article 46 of the GDPR.
· The International transfer of your Personal Data to suppliers and/or Contractors outside of the EU will be made either to partner located in country being subject to adequacy decision under article 45(1) of the GDPR or by Standard Contractual Clauses approved by the European Commission, as provided in Article 46 of the GDPR.
· The international transfer of your sensitive data is covered by the consent you have given prior to the processing of your Data.
· If you want to have access to these Standard Contractual Clauses, please contact us via the contact form available at the following address
5. How long do we retain your Data?
We retain your Data for as long as necessary to fulfill the purposes described in this Policy.
In particular, your Data is retained as long as your account is not deleted or your overall registration is active and for a period of 5 years thereafter. We reserve the right to delete such information as part of our regular review of inactive accounts or registration.
6. Your rights as a Data Subject:
In accordance with applicable law, you have the following rights with respect to the use of your personal data. These rights may be subject to certain conditions, limitations and legal exceptions.
If you wish to obtain more details on how to exercise your rights or for any question relating to your personal data, and any procedure relating to the exercise of your rights, please fill in the form accessible at
the following address: email@example.com
or to the following postal address:
15 rue Claude Chappe, Zone des Champs Blancs,
35510 Cesson-Sévigné, France
In accordance with the law, requests for the exercise of rights must provide sufficient information for BROADPEAK to verify the identity of the individuals (to ensure that those making the requests are the individuals themselves or those authorized by them).
BROADPEAK will verify upon receipt of the request that the request is in compliance with applicable regulations.
In addition, if you believe that your Data is not being processed in accordance with this Policy or the applicable personal data protection regulations, you may file a complaint with the Commission Nationale Informatique et Libertés (CNIL): 3 Place de Fontenoy – TSA 80715 – 75334 PARIS CEDEX 07 or www.cnil.fr
Right of Access
You have the right to obtain from BROADPEAK confirmation as to whether or not Personal Data concerning you is being processed and, where that is the case, access to a copy of the Personal Data and specific information about how BROADPEAK processes the Personal Data.
Right of Rectification (Correction)
You have the right to obtain from BROADPEAK the correction of inaccurate Personal Data concerning you and also the right to have incomplete Personal Data completed.
Right of Erasure (Deletion)
You have the right, in certain cases, to obtain the deletion of your Data. This right applies in particular when your personal data are no longer necessary for the purposes for which they were collected;
Right to Restriction
You have the right to obtain from BROADPEAK restriction of processing in particular circumstances.
Right of Objection
You have the right to object to the processing of your Personal Data in particular circumstances.
Right of Portability
In certain circumstances, you have the right to receive your Personal Data in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller.
Right to Withdraw Consent
Where the legal basis of processing Personal Data is based on consent, you have the right to withdraw your consent at any time.
Right to define directives concerning the fate of your personal data post-mortem
You have the right to set guidelines for the retention, deletion and disclosure of your Data after your death.
You also have the possibility of registering on the “BLOCTEL” list of opposition to telephone solicitation on the website www.bloctel.gouv.fr.
Information security is one of our strong commitments and, in compliance with legislation in force, BROADPEAK will process the user’s details, and data at all times in strict confidentiality and observing applicable obligations of confidentiality and security.
BROADPEAK protects information in accordance with appropriate and established security standards and procedures and as required by applicable laws and regulations. We continually assess new technologies that can be used to secure information, and data. We use a secured server and implement a variety of security measures to keep your Personal Data safe when you register, enter, submit, or access your Personal Data and preventing their alternation, loss, non-authorized processing or access to them. Our employees and contractors are trained to understand and comply with these information principles. BROADPEAK will ensure that any data provided by the user or accessed by its personnel, shall be used by such personnel only in connection with its purposes hereunder, and shall not be exploited by BROADPEAK personnel commercially or otherwise to gain any benefit or cause any direct or indirect detriment to the user or to its network in any manner whatsoever except than for the purposes.
8. How do we update this policy?
In the event that this Policy changes, BROADPEAK will take appropriate steps to ensure that you are aware of the latest version of this Policy, such as by posting a notice of change or by any other appropriate means.
Controller: An organization which (alone or jointly with others) determines the purposes and means of the processing of Personal Data.
Data Transfer Agreement: An agreement containing standard data protection clauses adopted by the European Union Commission as referred to in Article 46(2)(c) of the GDPR.
Data Subject: The identified or identifiable natural person to whom the Personal Data relates.
GDPR: The European Union General Data Protection Regulation (2016/679).
Legal Basis: Processing of Personal Data is only lawful if and to the extent that at least one legal basis specified in the GDPR applies. The available legal bases which are applicable in the employment context are summarized as
· consent of the Data Subject (e.g., pictures, image),
· processing is necessary to enter into or perform a contract
· processing is necessary for compliance with a legal obligation to which the Controller is subject,
· processing is necessary in order to protect the vital interests of the Data Subject or another natural person,
· processing is necessary for the purposes of the legitimate interests pursued by the Controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the Data Subject which require protection of Personal Data (Legitimate Interests)
Personal Data: Any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Process/Processing: Any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure, or destruction.
Special Categories of Personal Data: Personal Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation
Last update: 02/03/2023