Your personal data is precious and we take the utmost care of it You are an AMPERE Gestion website user. By clicking on the following headings, you can find out how we process your personal data on our website together with your data management rights. Click on each heading and an explanation will appear.
We collect and process your personal data as you browse our website and use your online professional space.
The purposes of your navigation and the use of your online professional space are as follows:
With your consent:
- For setting up your online professional space;
- Receiving, consulting and downloading various documents, such as fund prospectuses, contractual documentation, management reports, half-yearly reports, periodic reports, net asset value reports, the statutory auditors’ annual report and other useful investment information;
- Contacting us via online forms, to receive information on the funds we manage and access our financial report, or to ask us questions.
- To measure traffic on our website and produce statistics on who is using our online services and how they are being used (for more information, please refer to the section on your browsing data and cookies).
- As part of our legitimate interests:
- To ensure the security of our website and prevent possible cyberattacks or fraudulent use of the professional spaces.
- With your consent or in the absence of opposition on your part:
- To send you commercial information about our services and those of our partners.
We collect and use the following personal data :
Data provided to create and maintain your professional space:
- Your email address, which we use to create your account and send your password, and to indicate the procedure to be followed in the event that you forget your password. We also use it to send you commercial information with your consent or in the absence of opposition on your part;
- Personal information — including your last name, first name, position and investment funds — to enable us to send the documentation that concerns you to your professional space;
- The username and password that you use to log onto your professional space in a confidential and secure manner.
The data entered in the form is used to reply to your request:
- Your last name, first name and email address.
- Your message.
Data generated while you are using our website:
- Your browsing data generated while using our website (timestamp, user IP address, technical data relating to the user’s hardware and browser, cookies) and digital platforms via share buttons and media (i.e., cookies and other tracers);
- To measure traffic on our website and produce statistics on how our online services are being used;
- Log on records for a limited period for security purposes;
Our security solutions
Given the sensitive nature of personal data, we have long-standing expertise in data security that we are constantly improving to adapt to changes. We take appropriate physical, technical and organisational measures to ensure the security and confidentiality of your personal data and safeguard against loss, accidental destruction, corruption and unauthorised access. Your personal data is hosted in France (and occasionally in certain European countries) on our servers, or on dedicated services of which we are the exclusive users. We have deployed regularly-audited procedures to ensure this level of security and our service providers are contractually bound to comply with data protection obligations.
Limited access to your data
Of the data that we collect and process, each recipient only has access to the data necessary for performing the tasks entrusted to them personally, excluding all data not necessary for such purposes. Recipients may not use your data for purposes other than those that have been specifically entrusted to them. Recipients may not use your data subsequently for their own purposes nor communicate your data to third parties without your consent or permission.
Your personal data is only used on a day-to-day basis by people authorised to process it within the strict framework of the aforementioned uses, i.e., staff authorised to manage your online professional space and send you documents, as well as the IT administrators and technical support services required to ensure the security and integrity of the website and connections to it.
External recipients providing technical services:
- CDC Habitat’s internal IT service provider (GIE Systèmes d’information et Numérique) who provides IT support and our main data hosting services.
- Our expertise and technical assistance service provider (GIE Expertises et support), a CDC Habitat Group entity in charge of database management services.
- A number of online hosting services over which we have data administration control.
In the event that we receive a request for information, transmission or access to documents from a duly authorised judicial or administrative authority.
No reselling of your data
We should stress that we do not sell or provide any of your personal data to companies involved in marketing or any other types of business. Your prior consent is explicitly required before any third parties may contact you with commercial or free offers.
De-identification of your data for statistical purposes
Some of your data is de-identified data and grouped with other data so that we can perform all of the analyses and surveys required to improve our service offering and user experience. You are therefore no longer individually identifiable, either directly or indirectly.
The data you have provided shall no longer be used once the operations for which it was collected have been performed, and at the latest at the term of your agreement with us and the period necessary to process your requests and claims. Once the purpose has been achieved, your data shall be inaccessible in our operational database and archived in an intermediate database (see below).
Ongoing use of your data by our services (on an active basis):
The data required to set up and manage your online professional space is stored until our commercial relations with you come to an end. However, your e-mail address may be kept for a longer period, for a maximum of 3 years for the purpose of sending you commercial information, unless you have objected to this. The data relating to your professional space may be deleted as soon as you wish to do this. NB: closing your online account does not delete all the data concerning our business relationship:
- Marketing data, aside from this website. Only access to online data, your login data and the data used to manage your online professional space will be deleted;
- Data used to complete online forms will be kept for the entire period required to process your request. Your e-mail address may be kept after your request has been processed, for a maximum of 3 years, for the purpose of sending you commercial information, unless you have objected to this.
- The data used to measure traffic on our website and produce statistics on how our online services are being used is kept for 25 months in a format in which you may not be identified by your IP address, consisting of an identifier (held in a cookie) and kept for a maximum of thirteen months, unless you have objected to this.
- Data logs are kept for six months.
Archiving in an intermediate database: to comply with legal and regulatory obligations, some of your data is archived in unprocessed form in an intermediate database, under appropriate security conditions, with very restricted access for certain of our employees, for a proportionate and limited period that shall not exceed the legal or regulatory duration related to each of the legal obligations covering each personal data processing operation.
Beyond this period, your data is destroyed or de-identified. You are therefore no longer individually identifiable.
Your personal data is important to you and you have certain rights.
The first is the right to receive information concerning the data we process, why and how: that is the purpose of this web page — to inform you of the use we make of your data.
You also have the following rights:
- A right of access. You may request access to some or all of your personal data that we process (e.g. data for a specific period of time or for a specific type of data).
- A right to have personal data corrected and erased. You may request that your personal data be corrected, updated or erased if it is inaccurate, incomplete or out of date.
- A right of objection. You may object to the processing of your personal data. This objection may make it impossible for us to provide you with the product or service you requested if some of this data is indispensable, or even impossible due to specific legal obligations.
- Right to “data portability” You have a right to portability for your raw data enabling you to receive your personal data in a machine-readable format for your own personal use or to request that we forward your data to another controller, if this transfer is technically possible.
- Right to digital death. You may give post-mortem instructions for how your personal data is to be treated.
You may exercise your different rights:
- Via the “Personal data” page on this website (accessible at the bottom of the page) and under “Your rights”, by completing the form.
- Be sending a message to the following address: firstname.lastname@example.org
- By contacting your usual marketing services. Don’t forget to explain your request and provide proof of ID.
Concerning the exercise of your rights, we will take all measures to ensure that you are not a victim of identity theft. Depending on the situation, we may ask you:
- to identify yourself on one of the online services;
- to provide proof of identity (the first page of ID may suffice);
- to send us a code you received as part of a dual authentication procedure (e.g., email + SMS).
The data from this identification process, as well as the data concerning your request, are kept separately in an independent and specially secured system while your request is being processed.
You may also contact the CDC Habitat Group Data Protection Officer by completing the online form, or by writing to the Data Protection Officer at 33, avenue Pierre Mendès France, 75013 Paris – France. Finally, if your rights have been infringed, you may refer the matter to the French Data Protection Authority (CNIL) at www.cnil.fr.
You can get the contact details for the Data Controller responsible for your personal data by completing the online form on the “Personal data” page on this website (accessible at the bottom of the page) under “Your rights”. Select “Contact details for the Data Controller”.
You may also contact us:
- by writing to AMPERE Gestion, 33, avenue Pierre Mendès France, 75013 Paris – France;
- or by sending an email to email@example.com.