Personal data protection policy
Banque Richelieu France



Please read this personal data protection policy of Banque Richelieu France carefully.



General

By subscribing to and using the products and services (hereinafter, the “Services”) offered by Banque Richelieu France, as well as browsing all websites provided and operated by Banque Richelieu France (hereinafter, the “Website”) you hereby accept all the terms and conditions of this Personal data protection policy (hereinafter, the “Policy”).

Introduction

Banque Richelieu France attaches the utmost importance to the protection of your personal data (hereinafter, “personal data” or “data”). This Policy is aimed at informing you about the way our institution collects, uses, handles and submits your personal data when you use our Services, our Website, and our mobile application. The handling of your data conforms to applicable legislation on personal data protection, and in particular European Regulation no. 679/2016 on personal data protection and handling (“GDPR”) and to Act no. 78-17 of 6 January 1978, as amended, on information technology, files and liberties (hereinafter, the “Regulations”). These Regulations only apply to personal data which may directly or indirectly help identify an individual. These data may be collected, saved, stored, adapted, transferred, handled and/or used by the Bank in accordance with the following provisions. For the purpose of this document, the terms “we/us”, “our” or the “Bank” refer to Banque Richelieu France.



Which officer handles them?

The officer in charge of handling your personal data is Banque Richelieu France, with registered office at 1-3-5, rue Paul Cézanne – 75008 Paris. Banque Richelieu France shall determine the purpose and handling of your personal data.



Who are the people covered by this document?

This document is intended for any individual who is directly or directly linked with the Bank, including, but not limited to :

  • Customer
  • Prospect
  • Visitors/Users of our Website
  • Candidates
  • Peolple who contract the Bank
  • Guarantors
  • Authorised Representative
  • Legal representatives, corporate officers and other people authorised by an entity that is a customer of the Bank
  • Beneficial owners, with financial rights and shares in an entity that is a customer of the Bank

Bank employees are not covered by this Policy, having been included in a Human Resources data protection policy

The Policy is not intended for minors. We understand the importance of protecting data related to minors, especially in a virtual environment, and thus we make a point of not collecting or keeping any data related to minors.

In all these cases, we may use your personal data. If this applies to you, please read this document.


Which are the personal data collected within the browsing of the website?

During the browsing of our website, Banque Richelieu France must collect and handle some of your personal data. The data which we gather may include, on the basis of your use of our website, the following categories :


Categories of data
Type of data
Identification, personal and contact information
Full name, address, place and date of birth, country of residence, telephone number, email address.
Professional life
CV, education level, professional training, honours and professional status, languages, hobbies and interests.
Browsing and cookies
Technical log, IP address, data collected using cookies.

There is no obligation to answer the questions asked by the Bank. However, failure to communicate these data may result in the impossibility for Banque Richelieu France to process your request or for you to be able to use the tool or service.

We can also collect and use personal data if they are provided by your employer, your company or another company to which you are related within the framework of an agreement or relationship between our institution and your employer or said company.



Which data are collected outside the Website?

The Bank, especially during the subscription to one of its Services, shall handle different types of personal data, and in particular those included in the following categories:


Categories of data
Type of data
Identification, personal and contact information
Full name, address, place and date of birth, country of residence, tax status, marital status, matrimonial regime, education and professional status, telephone number, email address, languages, hobbies and interests.
Banking and financial information, transaction data
Account number, portfolio number, customer number, investment profile, transaction-related data, value of assets.
Videos and telephone recordings
The premises of the Bank to which you have access are protected by cameras. Any data thus collected are treated by the Bank for safety purposes only.

Electronic and telephone communications may be recorded by the Bank or on its behalf.
Public
Data published or transmitted by a public institution may be handled by a Bank.
Professional life
CV, education, professional training, honours.
Other
Any other Personal Data reasonably linked to the Bank’s affairs.

If we collect or receive your personal data within our services, we may receive information from third parties and counterparties during transactions, or from regulatory authorities, etc. This information may include your name, location, employment details and other information relevant to the services we provide to our customers.



Which data do we not collect?

Except in very specific cases or unless otherwise provided by the Regulations, the Bank shall never handle data related to your racial or ethnic background, philosophical convictions, religion, union membership, sex life or sexual orientation and genetic data.



What is the purpose of the implemented handling?

The purpose of the handling is in keeping with the set goal, and the needs in question for the officer in charge.

The personal data you submit via the Website are collected and handled by Banque Richelieu France mostly in order to meet the requests stated via all collection supports, tools and services made available via the Website, requests for information, appointments, reminders or invitations to events.

The data relevant to you and submitted to the Bank by you or a third party, by means of a form or document prepared by the Bank, an order or request or in any other form and whatever the support of this communication, are handled by the Bank to be used for operations in your favour and to serve any of the purposes listed below :

  • Informing the Customer and the update of their data,
  • Performance of the Account agreement,
  • Management of the account and banking and financial relationship,
  • Management of banking, financial or insurance products/services provided by the Bank,
  • Granting and managing loans,
  • Preparing statistics,
  • Risk assessment and management,
  • Prevention, search and detection of unpaid debts and fraud,
  • Collection,
  • Consultancy,
  • Assessment of the adjustment and suitable nature of the investment service rendered,
  • Management of transactions aimed at the interested party regards the products and services marketed by the Bank,
  • Storage and filing,
  • Any statutory and regulatory obligation.


What are the legal bases for collection and use of personal data?

The collected data are handled, if you have consented or if it is grounded on at least one of the following legal bases :

Any handling under a statutory or regulatory obligation to which Banque Richelieu France is subject, and especially the following purposes :

  • The fight against money laundering and the financing of terrorism,
  • Cooperation in terms of automatic information exchange under the “CRS” regulation,
  • Tax identification and reporting under the American “FATCA” regulation against tax evasion,
  • In terms of the Bank’s obligations to controlling, administrative or court authorities, authorised official bodies, and French or foreign market authorities.

The Bank handles your data within the framework of the execution of pre-contractual and contractual measures with you or your employer, or a company to which you are linked, and especially for the following purposes:

  • Relationship management,
  • Account management,
  • Granting and managing loans,
  • Providing or accepting products and services,
  • The need for handling in order to conclude a contract with you.

We handle your personal data in furtherance of the lawful interests pursued by the Bank or a third party which are necessary, for instance:

  • For the Bank to be able to conduct its everyday activities and provide its services,
  • Statistics,
  • The implementation of any change in the corporate structure or shareholders of the Bank,
  • A video surveillance system for safety and security purposes (people and property).

In addition, if any information which is not strictly necessary for the aforementioned purposes is collected, it shall require your prior consent. You may withdraw your consent at any time, if necessary.



With whom do we share your personal data?

Personal data collected by Banque Richelieu France may be communicated, for the fulfilment of the aforementioned purposes, to :

  • Any entity within the Bank’s group (as per Article L.233-3 of the Commercial Code), to the extent of the data needed to perform the sub-contracted services or tasks, or for their use for the purposes of the survey and management of files, as well as for commercial solicitation and/or other statistical operations
  • Third parties, especially partners, brokers and insurers, as well as sub-contractors and/or service providers, with which Banque Richelieu collaborates and whose input is necessary or useful for the aforementioned purposes,
  • Any lawfully authorised official bodies and administrative or court authorities, upon their request, to the extent needed for us to conform to any applicable statute and regulation,
  • Potential buyers or investors in our company, in whole or in part, and their advisers and financial officers, if there is a legitimate interest in our doing so,
  • Any addressee requesting the data needed to identify the person in question and contact them, particularly in the context of a health crisis, and as long as this data submission is aimed at safeguarding the vital interests of the person in question or of any other individual, to the extent of whatever data are strictly necessary to serve this purpose.


Which third party countries receive your personal data?

Any personal data thus transmitted to serve the agreed-on purposes may, for various operations, be transferred to a member state of the European Economic Area or a country whose legislation has been acknowledged as adequate by the European Commission in accordance with the provisions of Article 25 of European Directive 95/46, such as Switzerland. These data transfers take place in the conditions and under proper guarantees to ensure the protection of your personal data.



How do we protect your personal data?

Any useful precautions are taken to ensure the security and confidentiality of your personal data, especially to prevent their loss, alteration, destruction or use by unauthorised third parties. In addition, we ask those third parties, as listed above, to implement technical and organisational security measures appropriate to said personal data.



What are your rights?

In accordance with statutory and regulatory provisions, you may exercise, at no expense to you and at reasonable intervals, the following rights :

  • Right to access and receive your personal data :
    You have the right to request which are your personal data we hold. You can also access data affecting you.
  • Right to rectify your personal data :
    You may ask us to rectify your personal data at any time, if you find that they are incomplete or erroneous.
  • Right to delete your personal data :
    You may also ask the Bank to delete your personal data, based on any reasonable technical means available to the Bank. However, the Bank may refuse to proceed with this transaction if the handling of your data becomes even more necessary, particularly to meet its statutory, contractual or testing obligations.
  • Right to limit the handling of your personal data.
    In certain specific cases, you can ask for the limitation of the handling of your personal data.
  • Right to object to the handling of your personal data.
    You can object to the handling of your personal data in certain specific cases. In these cases, the Bank shall not handle your personal data, unless it can show that there are lawful urgent reasons for the handling which prevail upon your interests. You also have an absolute right to object to the handling of your personal data for the purpose of any direct business solicitation.
  • Right to withdraw your consent to the handling of your personal data.
    You may withdraw your consent to the handling by the Bank of your personal data.
  • Right to the portability of your personal data :
    You have the right to have your personal data provided to us transmitted directly to a processing officer, to the extent that is technically possible for the Bank. The aforementioned rights may be enforced to the Bank’s data protection delegate at the following address: “Banque Richelieu France, Data Protection Delegate (DPD) – 1-3-5, rue Paul Cézanne – 75008 Paris” or by email to the following address: “protectiondesdonnees.fr@kblrichelieu.com”. The Bank undertakes to respond in the terms set forth under applicable regulations. The user may, in the event of a dispute, refer to the National Commission for Information Technology and Civil Liberties (CNIL). In order to refer a matter of the CNIL, a letter must be sent to the President of the CNIL, National Commission for Information Technology and Civil Liberties – 3, Place de Fontenoy – TSA 20715 – 75334 PARIS CEDEX 07.


How long do we keep personal data?

The time during which the Bank keeps personal data varies and is determined on the basis of different criteria, including :

  • The purpose of the Bank’s use: The Bank must keep the data during the period needed to serve the purpose linked with handling; and
  • Statutory obligations: the legislation or regulation may set a minimum period during which the Bank must keep the personal data.


Modification of our Personal data protection policy

The Bank reserves the right to modify this Policy in order to consider any changes introduced to the various applicable regulations and practices. Any changes introduced to our Policy shall be published directly on our Website. In order to ensure that you have the latest version at all times, please check online.



Personal data collection by automated means

The use of cookies is widespread on the Internet. A cookie is a small text file, containing information, saved in the hard drive of your device (e.g. computer, tablet or mobile phone) when you visit a website, through your browser software. It is transmitted by the server of a website to your browser. The cookie file helps its issuer identify the device where it has been saved during the validity or storage period of the cookie in question.

In order to improve the presentation of the website and to provide access to secure sections, a cookie will be placed in your computer. The sole purpose of this cookie is to store information on the identification of the user and the browsing on the user’s computer within this site. Users acknowledge they have been apprised of this practice and authorised by Banque Richelieu France to apply it.

They may refuse cookies by means of the settings in your browser software. However, disabling cookies may restrict access to customised services for Banque Richelieu France customers.