Foreword

The Open Group and its subsidiaries within the meaning of Article L.233-3 of the French Commercial Code (hereinafter “Open”) processes Personal Data (as defined below) in the course of its business, including the Personal Data of persons browsing the Open websites (the “Sites”).

The purpose of this “Personal Data Protection Policy” (the “Policy”) is to inform all natural persons concerned (“You” or “Your”) about the manner in which Open collects and uses such Personal Data and the means available to You to control such use.

 

Scope of this personal data protection policy

This Policy sets out the principles and guidelines for the protection of Your Personal Data, which includes Personal Data collected on – or via – the Sites.

Open collects Personal Data online (including by e-mail) or offline; this Policy applies regardless of the method of collection or processing.

The concept of personal data (“Personal Data”) refers to any information relating to an identified or identifiable natural person. A person is “identifiable” if they can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to them.

“Non-Personal Data” refers to information that does not allow a person to be identified.

Note to visitors and users of the Sites: each Site is subject to specific Terms and Conditions of Use which are available on each Site and which form part of this Policy. Your use of the Sites and the Personal Data that You agree to communicate on the Sites are subject to the provisions of this Policy and the applicable Terms and Conditions of Use.

Data collected

Personal Data may include the following:

  • job title;
  • first name and surname;
  • postal address;
  • e-mail address;
  • telephone number(s);
  • login and password;
  • university, degree and courses taken;
  • type of organisation (company, school, university, etc.), name of organisation, size of organisation, department and job title;
  • industry and industrial sub-sectors;
  • delivery method and persons to whom purchases must be sent;
  • financial data (credit card number and expiry date, cardholder’s name and address);
  • IP address, and
  • any other Personal Data that may be relevant for the purposes set out below.

In any event, the Personal Data collected will be limited to that which is necessary for the purposes set out in Article 4 below.

Note to visitors and users of the Sites: some Site functions and features can only be used if You provide Open with certain Personal Data when You visit or use the Site. You are free to choose whether or not to provide all or some of Your Personal Data. However, if You choose not to provide it, such a decision may prevent the achievement or satisfactory achievement of the objectives described in Article 4 below, some Sites services and functionalities may not function correctly and/or You may be denied access to some Site pages. In particular, You will not be authorised to purchase software licences or other products or services via the Site.

 

Purposes of collecting personal data

As indicated above, you provide your personal data on a voluntary basis.

Personal Data is generally collected for the purposes of Open’s business, such as improving Open’s marketing and advertising efforts, better tailoring Open’s products and services to customer needs, complying with legal reporting requirements, and other similar activities.

Open collects and uses the Personal Data concerning You for the needs of its activity and in particular for the following purposes:

  • to enable You to request and obtain information about Open and Open’s products and services;
  • to enable You to make interactive and personalised use of the Sites;
  • to identify Your needs and interests and to provide You with the most suitable products and services;
  • to enable You to open and manage an account in order to obtain specialist documentation and technical support;
  • to access all the features and options offered by the Sites;
  • to enable You to communicate with other users of the Sites;
  • to enable You to take part in a competition;
  • to enable Open to manage surveys;
  • to enable Open to manage its marketing activities;
  • to enable Open to manage its commercial relationships: opportunities, sales, commercial offers, purchases, contracts, orders, invoices, etc.;
  • to offer You sales or support services;
  • to enable You to purchase software licences, products or services, download software and/or register software licences;
  • to enable You to register for seminars, webinars or events;
  • to enable Open to manage its Research and Development activities: development requests, incidents, quality issues, tests, etc.;
  • to process applications and manage recruitment sources;
  • to manage your training and/or certification on Open products and services;

subject to applicable local legislation, by providing Your e-mail address, You expressly authorise Open to use it together with other relevant Personal Data to send You sales or marketing messages.

Open may also use Your e-mail address for administrative or other non-marketing purposes (for example, to notify You of important changes to the Sites).

 

Cookies

The Sites may use cookies or other technologies likely to collect or store Personal Data. Cookies are text files stored and used to record Personal and Non-Personal Data concerning Your browsing on the Sites. Cookies may be permanent (and remain after You log off the Sites in order to be used during Your subsequent visits to the Sites) or temporary (disappear as soon as You log off the Sites).

Open uses cookies to:

  • improve your user experience, in particular by:
    • enabling a service to recognise Your device, so You will not have to provide the same information several times in order to perform the same task;
    • recognising the user name and password that You have already provided so that You do not have to provide them again on every web page that requests them;

 

  • analyse traffic and data on the Sites in order to:
    • measure the number of users of the services, making them easier to use and ensuring that they are able to respond quickly to Your requests;
    • help Open to understand how users interact with services in order to improve them.

Open may also use the services of third-party service providers (such as Adobe Analytics, Google Analytics, LinkedIn, etc.) to perform services on its behalf and in particular to:

  • analyse Your browsing habits and measure the audience for the Sites;
  • analyse Your areas of interest and offer You targeted marketing or advertising;
  • allow you to share the content of the Sites with other people on social networks or to let these other people know what You are looking at or what You think (e.g. the “Like” button on Facebook).

In this case, invisible pixels and cookies supplied by these third-party service providers may be used and stored. When the information generated by these cookies is transmitted, the cookie settings ensure that the IP address is rendered anonymous before geolocation and storage. Our service providers will use this information to evaluate Your use of the Sites, to compile reports on the activity of the Sites for Open, and to offer You better services and advertising targeted to Your needs. They will not associate your IP address with any of their other data.

When You browse the Sites, cookies are activated by default and data may be read or stored locally on your device. You will be notified the first time You receive a cookie, so that You can decide whether or not to accept it. By continuing to use the Sites, You expressly agree to Open’s use of such cookies.

You can also configure Your browser to systematically refuse cookies (including cookies used for audience measurement purposes). However, if this is the case, some Site functionalities and features may not function correctly and You may not be able to access some parts or services of the Sites.

If you wish to modify or delete your information, please send your request to dpo@open-groupe.com

 

Conditions for processing and storing personal data

The “processing” of Personal Data includes in particular the use, storage, recording, transfer, adaptation, analysis, modification, declaration, sharing and destruction of Personal Data in accordance with what is necessary in view of the circumstances or legal requirements.

All Personal Data collected is kept for a limited period depending on the purpose of the processing and only for as long as required by the applicable legislation.

 

Links to websites not controlled by Open

The Sites may provide links to third-party websites that may be of interest to You.

Open has no control over the content of third-party sites or the practices of these third parties with regard to the protection of any personal data they may collect. Consequently, Open accepts no liability regarding the processing of Your personal data by these third parties. It is Your responsibility to find out about the personal data protection policies of these third parties.

 

Transfer of personal data

If You access the Sites from a country outside the European Union whose laws on data collection, use and transfer differ from those of the European Union, we draw Your attention to the fact that by continuing to use the Sites, which are governed by French law, the corresponding Terms and Conditions of Use and this Policy, You are transferring Your Personal Data to the European Union and You consent to this transfer.

Your personal data may be disclosed within Open for the purposes set out in Article 4 of this Policy.

Open may transfer Your Personal Data outside the European Union, provided that it ensures, before transferring it, that the entities outside the European Union offer an adequate level of protection, in accordance with the European legislation in force.

If Open becomes aware that a third party to whom Open has disclosed Personal Data for the purposes set out in Article 4 above is using or disclosing Personal Data in a way that does not comply with this Policy or that is in breach of the applicable legislation, Open will take all reasonable steps to prevent or stop such use or disclosure.

You also have the right to authorise Open to use Your Personal Data for purposes other than those for which it was originally collected. You may object to this use by writing to the following address: dpo@open-groupe.com

Open may also transfer Your Personal Data to third parties if Open believes that such a transfer is necessary for technical reasons (for example, for third party hosting services) or to protect its legal interests (for example, in the event of a sale of assets to a third party company, a change of control or the full or partial wind-up of Open).

In addition, Open may share Your Personal Data with the reseller on which You depend or assign it to the territory in which You are located for the purposes of Open’s business. Open may also share your Personal Data with business partners where Open and the business partner jointly sponsor an event or participate in a joint marketing promotion in which You engage.

Open may disclose Your Personal Data if required to do so by law or if Open believes in good faith that such disclosure is reasonably necessary to comply with a legal process (for example, a warrant, summons or other court order) or to protect the rights, assets or personal safety of The Open Group, our customers or the public.

Where permitted by applicable law, Open may also share Your Personal Data with third parties in order to provide You with targeted marketing or advertising offers.

Such transfers may take place via the Internet or by any other method deemed appropriate by Open in accordance with applicable legislation and the Open Group’s internal security policies.

 

Your rights

Your right to access and rectify your data

You have the right to access and rectify your personal data.
You may ask us to rectify or complete your personal data if it is inaccurate, incomplete, ambiguous or out of date.
Your right to erase your data
You may ask us to erase your personal data if one of the following reasons applies:

  • the personal data is no longer required for the purposes for which it was collected or otherwise processed;
  • you withdraw the consent previously given;
  • you object to the processing of your personal data on legitimate grounds;
  • the processing of personal data does not comply with the provisions of the applicable legislation and regulations.

However, the exercise of this right will not be possible if the retention of your personal data is required by law or in compliance with regulations and in particular, for example, for the establishment, exercise or defence of legal claims.

 

Your right to limit data processing

You may request that the processing of your personal data be restricted in the cases provided for by law and regulations.
Your right to object to data processing
You have the right to object to the processing of personal data concerning you if the processing is based on the legitimate interests of the data processor.

Your right to port your data
The right to port personal data came into effect on 25 May 2018.
The data for which this right may be exercised includes:

  • only your personal data, which excludes anonymised personal data or data that does not concern you;
  • declarative personal data and the personal operating data mentioned above;
  • personal data that does not infringe the rights and freedoms of third parties, such as data protected by trade secrets.

This right is limited to processing based on consent or a contract and to personal data that you have personally generated.

This right does not include derived or inferred data, which is personal data created by Open.
Your right to withdraw your consent.

Where the data processing we carry out is based on your consent, you may withdraw it at any time. We will then stop processing your personal data without affecting any previous operations for which you have given your consent.

Your right to appeal

You have the right to lodge a complaint with the CNIL (French Data Protection Authority), without prejudice to any other review or appeal.
Your right to define post-mortem directives
You have the option to define directives relating to the conservation, deletion and communication of your personal data after your death with a trusted third party, certified and responsible for ensuring that the wishes of the deceased are respected in accordance with the requirements of the applicable legal framework.

How to exercise your rights
All the rights listed above may be exercised at the following e-mail address: dpo@open-groupe.com or by letter accompanied by a copy of an identity document sent to Open’s DPO at the following address: 28 rue Jacques Ibert 92 Levallois-Perret.

If you have an account, you can exercise your rights of access and rectification by logging into your account.
However, with regard to exercising the right to be informed, we may not be obliged to respond if:
you already have this information;

  • the recording or communication of your personal data is expressly provided for by law;
  • communication of information proves impossible;
  • communication of information would require disproportionate efforts.

 

Security and data recipients

Open takes care to protect and secure the Personal Data that You have chosen to communicate to it, in order to ensure its confidentiality and prevent it from being distorted, damaged, destroyed or disclosed to unauthorised third parties.

Open has taken physical, electronic and organisational protection measures to prevent any loss, misuse, unauthorised access or distribution, alteration or possible destruction of this Personal Data. Among these protection measures, Open incorporates technologies specially designed to protect Personal Data during transfer. However, despite Open’s efforts to protect Your Personal Data, Open cannot guarantee the reliability of this protection due to unavoidable risks that may arise during the transmission of Personal Data.

As all Personal Data is confidential, access to it is restricted to Open employees and service providers who need it to carry out their duties. All persons with access to Your Personal Data are bound by an obligation of confidentiality and may be subject to disciplinary measures and/or other sanctions if they fail to comply with these obligations.

However, it is important that You exercise caution to prevent unauthorised access to Your Personal Data. You are responsible for maintaining the confidentiality of Your password and account information. Consequently, You must ensure that You close Your session if You share a computer.

 

Conflict resolution

Bien qu’Open ait pris des mesures raisonnables pour protéger les Données Personnelles, aucune technologie de transmission ou de stockage n’est totalement infaillible.

However, Open is committed to ensuring the protection of Personal Data. If You have reason to believe that the security of Your Personal Data has been compromised or that it has been misused, please contact Open at the following address: dpo@open-groupe.com

Open will investigate complaints about the use and disclosure of Personal Data and will attempt to resolve them in accordance with the principles set out in this Policy.

Unauthorised access to or misuse of Personal Data may constitute an offence under local law.

 

Contact

If You have any questions about this Policy, if You no longer wish to receive information from Open or if You wish to rectify, supplement, update or delete Your Personal Data, You can send an e-mail to the following address: dpo@open-groupe.com

 

Effective date and revisions to the personal data protection policy

This Policy may be updated according to Open’s needs and circumstances or if required by law. We therefore invite you to regularly check for updates.

Want a demo?