1.4. Data controller – Data protection officer – Supervisory authority

2.1. Categories of personal data collected directly
In the situations covered by this document (see situations described in “1.2. Situations in which this confidentiality policy applies”) – in particular when you register on the dedicated online software, via the “customer access” portal accessible at www.pradel.app or via the pradel.fr website, when you send us a contact form, or when you register for a webinar – we may collect the following personal data:

-surname; first name ;
-e-mail address (business or personal);
-telephone number (business or personal);
-where applicable, the name of the legal entity that you represent with the firm, or the name of your employer on whose behalf you operate and whom you represent with the firm;
-If applicable, the position you hold within your employer’s organisation.
-Where applicable (only for third parties involved in a case relating to an accident at work or an occupational illness) the name of the insurer, the insurance policy number, the name of the insurance company and the address of the insurance company.

2.2. categories of personal data collected indirectly
In some cases, the personal data mentioned above may also have been collected indirectly from a third party (doctor, CPAM, CARSAT).

If you are consulting this page because we are acting as counsel for a party in a dispute in which you are involved, it is possible that we may process personal data that has been communicated to us indirectly, in the context of exchanges covered by the lawyer’s professional secrecy. In such a case, the RGPD applies with regard to the obligation to provide information (article 14.5 d° of the RGPD).

If you would like more information about the processing of your personal data, please contact the Data Controller or its Data Protection Officer (DPO).

2.3 Categories of personal data collected automatically

When you connect to the www.pradel.fr websites , the host collects your IP address and your connection information (date and time of connection, browser used, pages consulted), in order to be able to trace the connection and to meet its legal obligations in this respect.

When you connect to the above-mentioned URLs and, in some cases, when you click on links in some of our e-mails, we deposit “cookies” on your user terminal (computer, tablet, smartphone), with your consent. These are small text files which, once deposited, enable us to obtain information on the way in which you interact with the site or with our e-mails, in particular the pages you have visited, the time you have spent there, the links you have clicked on, etc. This information, which is attached to your IP address, may be cross-referenced with your e-mail address, when you have also given it to us – by submitting a contact form or registering for a webinar. If you have not objected to your business e-mail address being used for commercial canvassing, this information may enable us to target it better, based on what we know about your online behaviour.

When you connect to the practice’s dedicated software on the www.pradel.app website, either directly or via the www.pradel.fr website, the server collects your IP address and your connection details (date and time of connection, browser used, pages viewed), in order to authenticate the terminal used and thus secure access to the said site and software.

We only process personal data where we have a relevant legal basis for doing so, for specific purposes and for a limited period of time. This information is specified below.

3.1. Identification data – general case
3.1.1. Data collected
Surname, first name, email address (professional or personal), telephone number (professional or personal), where applicable the name of the employer or legal entity on whose behalf you operate.

3.1.2. Purpose of processing

To enable exchanges between the firm and its clients and prospects

To process requests from online contact forms.

Enable the organisation of webinars.

Enable exchanges between the firm and its other correspondents (colleagues, doctors, experts, third parties involved, witnesses).

Enable the firm to process legal advice, declarations and litigation files entrusted to it by its clients. To enable the firm to meet its legal obligations to retain data relating to the civil identity of users of its application. (decree no. 2021-1362 of 20 October 2021, article 2).

3.1.3. Legal basis
The processing is necessary for the performance of a contract or pre-contractual measures (article 6.1 b° of the RGPD), it responds to a legitimate interest (6.1 f° of the RGPD), it responds to the satisfaction of a legal obligation of the firm (article 6.1 c° of the RGPD)

3.1.4. Retention period
6 years on an active basis from the date of collection of the data until the file is closed, then intermediate archiving for a period of 10 years.

3.2. Identification data – promotion of our network
3.2.1. Data collected

The identification data mentioned above.

Where applicable, information relating to the interaction you have had with the e-mails we have sent you.

3.2.2. Purpose of processing

To enable us to promote our network (invitations to our webinars, newsletters, news, etc.).

3.2.3. Legal basis

The processing is necessary for the performance of a contract or pre-contractual measures (article 6.1 b° of the RGPD), it meets our legitimate interest (6.1 f° of the RGPD).

3.2.4. Retention period
3 years from your last contact with the firm

3.3 Information collected via cookies
3.3.1. Data collected
IP addresses of visitors to the www.pradel.frwebsites

Data collected via cookies and linked to the IP addresses mentioned above: website pages consulted, time spent on each page, links clicked, etc.

The identification data mentioned above, where available to us – for example, when you have submitted a contact form or registered for a webinar, and you have consented to the use of your identification data for electronic canvassing purposes.

Information relating to the interaction you have had with the e-mails we have sent you.

3.3.2. Purposes of processing

To understand your interaction with the online content we offer (website, newsletters, information, etc.), and to adapt the electronic solicitations we send you accordingly, where you have not objected to this.

3.3.3. Legal basis

Your consent (article 6.1 a° of the RGPD).

3.3.4. Retention period
How long cookies are kept: 13 months after they are placed on your terminal (if you have not cleaned your browser);

Data retention period: 3 years from the date of your last contact with the firm

3.4. Insurance data
3.4.1. Data collected
Name of the insurer, insurance policy number, company name of the insurance company, address of the insurance company (only for third parties who may be held liable).

3.4.2. Purpose of processing
To enable the firm to process the declaratory and contentious files entrusted to it by its clients.

3.4.3. Legal basis
The processing is necessary for the performance of a contract or pre-contractual measures (article 6.1 b° of the RGPD), it meets our legitimate interest (6.1 f° of the RGPD).

3.4.4. Retention period
6 years on an active basis from the date of collection of the data until the file is closed, then intermediate archiving for a period of 10 years.

3.5. Connection data
3.5.1. Data collected
For connections to the www.pradel.fr and www.pradel.app :
Login identifier, IP address used, date and time of connection, date and time of disconnection, browser used, pages viewed.

3.5.2. Purposes of processing
To authenticate the terminal used, to enable secure access to the Internet portal (“client access”) of the dedicated software.

3.5.3. Legal basis
The processing serves a legitimate interest (6.1 f° of the RGPD).
The processing is necessary to fulfil a legal obligation of the Data Controller (article 6.1 c° of the RGPD).

3.5.4. Retention period
1 year on an active basis from the date of collection of the information (decree no. 2021-1362 of 20 October 2021, articles 3 and 5), then 3 years on an intermediate archiving basis.

4.1. Authorised personnel
The use of the aforementioned personal data is strictly limited to our work as lawyers and to the defence of the interests for which the data has been entrusted to us. It is accessible only to duly authorised staff of the firm, who are bound by professional secrecy.

4.2 Direct correspondents of the firm
In the context of the firm’s activity as a lawyer, the personal data entrusted to it may be communicated to the courts, public authorities and competent social protection bodies, as well as to the other parties involved and their advisers when such transmission is necessary.

4.3. Sub-contractors
Personal data is also entrusted to our subcontractors, within the framework of the contracts that bind us to them. These sub-contractors are responsible for
– the design, development and maintenance of the firm’s dedicated software and other IT tools ;
– the design, creation and maintenance of the firm’s IT networks (internet, intranet);
– hosting the firm’s IT data;

We may also use other subcontractors as part of our electronic canvassing activity: software for webinars, CRM tools, service providers enabling us to organise electronic canvassing campaigns.

In accordance with the provisions of Articles 15 to 22 of Regulation No. 2016/679/EU of the European Parliament and of the Council of 27 April 2016 on the General Data Protection Regulation (GDPR), you have a number of rights regarding personal data.

In order to exercise these rights, we invite you to contact the Data Controller or its DPO at the above addresses (see “2. Identity of the Data Controller and DPO”).

Certain personal data is necessary to defend the interests of our customers in legal proceedings. This must be taken into account when exercising the right to erasure, or “right to be forgotten” (17.3 e° of the RGPD), the right to object (article 21 of the RGPD) or the right of access (article 15.4 of the RGPD).

5.1. Right of access and communication of data
You have the right to access your personal data that is being processed.

To help you do this, the Commission Nationale de l’Informatique et des Libertés (CNIL ) provides a model letter.

5.2. Right of rectification
You have the right to obtain the rectification and/or updating of your personal data if this data is inaccurate, incomplete, ambiguous or out of date.

To help you do this, the Commission Nationale de l’Informatique et des Libertés (CNIL ) provides a model letter.

5.3. Right of deletion or right to be forgotten
You have the right to ask for your personal data to be deleted.

To help you do this, the Commission Nationale de l’Informatique et des Libertés (CNIL ) provides a model letter.

The personal data we hold is often necessary to exercise or defend a legal right. We must act in accordance with our legal obligations and ethical principles. This must be taken into account when exercising your right to be forgotten (17.3 e° of the RGPD).

5.4. Right to limit processing
You are entitled to obtain a restriction on the processing of your personal data in the following situations:

You challenge the accuracy of your personal data for the period of time necessary for us to verify its accuracy; and/or

If your personal data has been processed unlawfully and you request that its use be restricted rather than erased; and/or

We no longer need the personal data for the purposes of processing, but it is still necessary for you to establish, exercise or defend legal claims; and/or

If you exercise your right to object while we check whether the legitimate reasons we are pursuing prevail.

Where the processing of your personal data is subject to restriction, the Data Controller may, with the exception of storage, process your personal data only with your consent, or for the establishment, exercise or defence of legal claims, or for the protection of the rights of another natural or legal person, or on important grounds of public interest of the Union or of a Member State.

5.5. Right to object to processing
You have the right to object, on legitimate grounds relating to your particular situation, to the processing of personal data, unless the Data Controller demonstrates that such processing is justified by overriding legitimate grounds which take precedence over your own.

The need to protect the interests of a customer is likely to constitute such a compelling legitimate interest.

5.6. Right to data portability
You have the right to obtain the personal data you have provided to us in a structured, commonly used and machine-readable format, so that you can re-use it for your own purposes by transmitting it yourself to another data controller.

This right may be exercised in particular in the case of the succession of lawyers.

5.7. Right to withdraw your consent
Where processing is based on your consent, you have the right to withdraw your consent at any time, without affecting the lawfulness of the processing based on consent carried out prior to the withdrawal of consent. To do so, simply contact us at the above address.

5.8. Right to lodge a complaint with the competent supervisory authority
You have the right to lodge a complaint about the way in which we handle or process your data with the competent national supervisory authority (see above, 3. Competent supervisory authority).

5.9. Time limits for processing rights and notification
We undertake to respond to your requests within a reasonable time, which may not exceed 1 month from receipt of your request, and to notify you of any action taken by our services in accordance with your requests.

6.1. What are cookies and trackers?

Cookies are small text files that are automatically placed on your terminal (computer, tablet, smartphone) when you visit websites. They are stored by your browser.

More generally, a tracker isany technical process that reads or writes information on the user’s terminal, i.e. the equipment the user uses to connect (smartphone, tablet, computer, etc.). Fingerprinting, which consists of combining IP addresses, technical characteristics of the terminal and the browser to identify a single visitor, is a form of tracking, although it does not necessarily involve depositing cookies.

6.2. What are the main categories of cookies and trackers? Do they all require your consent?

A distinction is usually made between “system” cookies or trackers and “analytical” cookies or trackers.

System” or “essential” cookies or trackers are those that are essential for websites to function properly. They facilitate access, help you to navigate smoothly and access all the functions you require. Without them, websites would not function properly and your browsing would not be as smooth. For example, they make it possible to identify the browser used in order to optimise the display of the site.

Due to their nature, the placement of this type of cookie or tracker does not require your consent.

Analytical” cookies or trackers refer to cookies that are not strictly necessary for the operation of the sites, but which enable certain analyses to be made of the use of the sites, in particular their traffic. This is the case for audience measurement cookies, those linked to targeted advertising operations and social network cookies generated by social network sharing buttons.

Unlike “system” cookies, “analytical” cookies can, in principle, only be placed on your terminal with your consent.

However, there are certain exceptions to this requirement to obtain consent. This is the case in particular for cookies whose function is to collect user consent, or for cookies or tracers which are only used to measure the audience for the site or application, to meet various needs (measuring performance, detecting browsing problems, optimising technical performance or ergonomics, estimating the power of the servers required, analysing the content consulted, etc.), are strictly necessary for the operation and day-to-day administration of the site or application.

For further information on cookies in general, please visit the websites allaboutcookies.org and youronlinechoices.com

6.3. What categories of cookies and trackers do we use? What information do we collect via cookies and trackers?

When you browse the www.pradel.fr websites, we may place analytical “cookies”, subject to your consent. These enable us to obtain certain generic information relating to your browsing of the site and the way in which you interact with it: the pages you have visited, the time you have spent there, the links you have clicked on, etc. This information, which is attached to your computer, is used to monitor your use of the site. This information, which is attached to your IP address, may be cross-referenced with your e-mail address, when you have also given it to us – by submitting a contact form or registering for a webinar. If you have not objected to your business e-mail address being used for commercial canvassing, this information may enable us to target it better, based on what we know about your online behaviour.

When you connect to the www.ouibi.fr, www.pradel.fr and www.pradel.app websites, we record your IP address, your connection times, the type of computer equipment from which you are connecting, the browser you are using, the site from which you are connecting and the pages of the site you have visited.

6.4. For what purposes do we collect data via cookies or tracers?

The cookies that we deposit enable us to understand your interaction with the online content that we offer (website, newsletters, information, etc.), and to adapt, as a result, the electronic solicitations that we may send you, when you have not objected.

The connection data that we store enables us to keep track of the devices that have connected to our sites and to meet our legal obligations.

6.5. How long are cookies or tracers stored on your terminal?

All the cookies we place on your terminal are limited to a maximum of 13 months.

However, you can shorten this period by cleaning your browser (see below).

6.6. What should you do if you wish to object to cookies and tracers being stored on your terminal?

With the exception of “system” cookies and the identification of connections to the site, the placement of cookies on your terminal is subject to your consent, which you express by clicking on “I consent” in the pop-up window dedicated to cookies.

If you do not give your consent, no “analytical” cookies will be placed on your terminal.

Although this can in no way be assimilated with expressing your consent, your browser settings can allow you to oppose, in a general way, the deposit of any type of cookie (and therefore also potentially “system” cookies),

Your browser settings allow you to refuse to accept any form of cookie on your terminal, including “system” cookies. Please note, however, that deactivating this category of cookie may affect the proper functioning of the site.

Your browser settings also allow you to withdraw your consent to the storage of “analytical” cookies on your terminal at any time by cleaning your browser.

Even after you have given your consent, you still have the right to withdraw it at any time.

To exercise your choice, you can consult the following pages, depending on the browser you are using:

– for Internet Explorer

– for Safari

– for Chrome

– for Firefox

– for Opera

This configuration is different for mobiles and tablets:

– for iOS

– for Android

– for Blackberry

– for Windows Phone

6.7. For more information on cookies and trackers

If you would like more information on cookies or trackers and how to control them, you can consult the CNIL website, which provides a comprehensive guide.

You can also visit the youronlinechoices.com website, where you will find simple instructions on how to manage cookies depending on the browser you are using.