Personal data protection policy

Concerned about the respect of your private life, Act 2 Law Firm (the “Firm”) is, because of its activities and its obligations resulting from the regulations, aware of the protection of the personal data of its contacts established within the framework of files and mission treated by the Firm, of services, of applications, of professional exchanges and of connections to our website in particular.

The purpose of this policy is to provide you with concise and relevant information concerning the processing of personal data carried out for the implementation of the Firm’s website

Definition of personal data

The term “Personal Data” refers to any information relating to an identified or identifiable individual. It can be a person who could be identified directly or indirectly thanks to his physical, physiological, economic, cultural or social identity.

Some of these data may be considered sensitive and are subject to regulatory compliance by the Firm.

Collection of Personal Data

Personal Data are those that you provide via forms and/or requests for information from the Firm, or those that are collected via documents received or gathered by the Firm, whether in dematerialized or paper format.

The Firm only collects data that is necessary for its activities and implements measures to protect Personal Data upon receipt. The Firm only collects data and information that is relevant, adequate and limited to what is necessary for the purposes for which it is processed.

Purposes of processing personal data

Your data is processed to the strict limit of what is necessary.

Depending on the case, Personal Data may be used for one of the following purposes:

– processing of files and consulting missions;

– communicating with you in the context of our business relations with our clients, suppliers and legal partners;

– to request, obtain or receive information about the firm;

– Participate in our communication activities, legal information and event organization;

– participate in satisfaction surveys, analyses and statistics in order to improve our services and knowledge of our clients and prospects;

– manage job applications.

Processing of personal data

The Personal Data are processed by the Firm in the cases authorized by the regulations and in particular under the following conditions

– within the framework of the Notary Office activity of the Firm;

– when you have given your free, specific, informed and unambiguous consent to the processing of Personal Data;

– when it is necessary for the preparation and execution of a contract or an assignment;

– to comply with the regulations to which the Firm is subject by virtue of its activity as a Notary’s Office but also by virtue of related obligations (such as the fight against fraud, money laundering and terrorism);

– when the legitimate interests of the firm may be such as to justify processing by it (such as IT security measures, changes to our IT infrastructure or changes in service providers).

For minors, this consent must be given or authorized by the holder of parental responsibility.

Recipients of personal data

As the Personal Data is confidential, only authorized members of the Firm or persons duly authorized by the Firm may access it, without prejudice to its possible transmission to the bodies in charge of a control or inspection mission in accordance with the Regulations, as well as to its communication to all authorized third parties.

Your data may be transmitted to our partners if this is necessary for the processing of the file, or to our service providers who are bound by an obligation of confidentiality.

Protection of personal data

The Firm takes care to protect and secure Personal Data in order to ensure their confidentiality and thus prevent them from being distorted, damaged, destroyed or disclosed to unauthorized third parties by implementing technical and organizational measures for as long as necessary to achieve the purposes pursued in accordance with the regulations.

However, no data transmission or storage is ever completely secure. As a result, we cannot guarantee the infallible security of the information transmitted or stored on the hosting servers.

When the disclosure of Personal Data to third parties is necessary and/or authorized, and unless the Firm’s obligations result from the regulations, the latter ensures that these third parties guarantee the same level of protection for the data concerned as that offered to them by the Firm and requires contractual guarantees so that, in particular, the data is processed exclusively for the purposes pursued, with the required level of confidentiality and security.

In accordance with the regulations, in the event of a proven breach of Personal Data likely to generate a high risk for the rights and freedoms of the persons concerned, the Firm undertakes to communicate this breach to the competent supervisory authority and, when required by the said regulations, to the persons concerned.

Transfer of data outside the European Union

Personal data is not transferred to any country outside the European Union.

The data necessary for the elaboration of statistics and audience measurements may be processed outside the European Union, in accordance with the data management policy established by the manager of each publisher.

Duration of retention of personal data

The Personal Data are kept for the time necessary for the completion of the files/missions and relations, in compliance with the secure archiving rules specific to the profession and within the framework of the obligations resulting from the regulations applicable to the profession.

The retention periods are:

– Personal Data of clients/prospects/business partners: for the duration of the relationship and the processing of the files and, at the latest, thirty (30) years after the last contact with the latter or the computerized archiving of his file;

– Personal data of connection to our website: one (1) year after the last connection;

– Personal Data of candidates: duration necessary for the processing of the application and, in the event of a negative outcome, one (1) year after the last contact (unless the candidate agrees to a longer duration).

Rights of the holders of personal data

You have the right to request access to your personal data and the correction of inaccurate data.

1. Right of access and communication of Personal Data

You have the right to access the Personal Data concerning you.

However, due to the obligation of security and confidentiality in the processing of personal data that is incumbent on the firm, you are informed that your request will be processed provided that you can prove your identity, in particular by producing a valid identity document.

2. Right to rectify and delete Personal Data

You may request the rectification, updating or deletion of Personal Data concerning you that may be inaccurate, erroneous, incomplete or obsolete.

In addition, you may define general and specific directives concerning the fate of your Personal Data after your death. If necessary, the heirs of a deceased person may request that the death of their relative be taken into account and/or that the necessary updates be made.

Finally, subject to the exceptions provided for by the regulations (in particular, retention necessary to comply with a legal obligation, legitimate interest of the Firm in retaining the data), you have the right to ask the Firm to delete your Personal Data, as soon as possible, when one of the following reasons applies:

– your Personal Data is no longer necessary for the purposes for which it was collected or otherwise processed;

– you wish to withdraw your consent on which the processing of your Personal Data was based and there is no other basis for such processing;

– you consider and can establish that your Personal Data has been processed unlawfully;

– your Personal Data must be erased by virtue of a legal obligation.

3. Right to withdraw consent to the processing of Personal Data

For any processing of your Personal Data on the basis of your consent, this consent can be withdrawn at any time. However, and in accordance with the regulations, the withdrawal of your consent is only valid for the future and therefore does not call into question the lawfulness of the processing carried out before this withdrawal.

4. Right to object to the processing of your data

The exercise of this right is only possible in one of the following two situations:

– when the exercise of this right is based on legitimate grounds; or

– when the exercise of this right aims to prevent the data collected from being used for commercial prospecting purposes.

5. Exercising your rights – Contact us

You can exercise your rights :

– by sending an e-mail to the firm:

– by sending an e-mail to the Data Protection Officer; or

– by sending a letter to the firm.

Your request will be processed as soon as possible, provided you can prove your identity by attaching a copy of your official identity document to your e-mail or letter.

In accordance with the regulations, you can access the data concerning you. If necessary, you can ask for the correction or deletion of this data, obtain the limitation of the processing of this data or oppose it for reasons related to your particular situation. You can also define directives concerning the conservation, deletion and communication of your personal data after your death.

If you believe, after having contacted us, that your rights have not been respected, you may lodge a complaint with a competent supervisory authority, the CNIL for France.

Policy on cookies

When you connect to the firm’s website, information relating to your browsing may be recorded in files called “cookies”.

When you browse the website, tracking tools may generate and deposit one or more cookies on your terminal. They can facilitate your navigation (e.g.: memorizing your identifier), establish statistics and audience measurements in order to improve the website.

The information collected through cookies does not in any way identify you by name. It is used exclusively for our own needs in order to improve the interactivity and performance of our sites.

None of this information is communicated to third parties except when the Firm has obtained your prior consent or when the disclosure of this information is required by law, by order of a court or any administrative or judicial authority empowered to deal with it.

For more information about cookie management tools, please visit the CNIL website:

Managing cookies

You can accept, refuse or express your preferences in terms of cookies directly via the information and consent to the deposit of cookies banner that is displayed on your first visit to the site.

The latter can also be accessed from a specific “Cookie Management” section available at the bottom of each page of this site. You can thus return, at any time, to the choices you made previously.

Refusing to deposit social cookies will prevent any interaction with social networks. Similarly, refusing the deposit of targeting cookies (advertising) will not allow the viewing of certain multimedia content. You can also manage cookies (deactivation, blocking, deletion) from your browser or your terminal in the “Options” / “Preferences” menu. The procedure to follow is generally described in the “Help” section of your browser.