Personal data protection policy
Filhet-Allard makes personal data protection a priority as an integral part of building trust-based relations with partners, clients, policyholders and beneficiaries. We are committed to the ethical and responsible use of personal data, in accordance with the latest rules in effect under the French Data Protection Act and the General Data Protection Regulation of 27 April 2016 (Informatique et Liberté et le Règlement Général sur la Protection des Données n°2016-679).
About us
Filhet-Allard & Cie is required to collect and process personal data in the course of providing services as an insurance broker, both independently and jointly alongside insurance companies through delegated authority arrangements.
Filhet-Allard & Cie
Rue Miguel Cervantès
33735 Bordeaux Cedex 9, France
Types of personal data we collect
We gather the following personal data to deliver our services and meet relevant legal and regulatory requirements:
- Personal details (including name, address, email, telephone number, date of birth, relationship with the insured party, marital status and number of children).
- Financial information (including bank details, corporate bank, income and tax assessments).
- Employment information (employment situation, name of employer, status and job title).
- Insurance details.
- Information on any compensation claims underway, along with relevant identification documents, which may include medical data and social security number.
- Data required to combat fraud, money laundering and the financing of terrorism.
Why we collect this information
We collect this personal information for the purposes set out below.
The following list also shows the lawful basis stated in each case.
Lawful basis | Purpose |
| Contractual necessity |
|
| Legal obligations |
|
| Legitimate interests |
|
| Consent |
|
Filhet-Allard & Cie will ensure the privacy of any personal information provided and will not share this information with any third parties for commercial purposes.
In the event that your data is to be used for any reasons other than those listed above, Filhet-Allard & Cie will update its data protection policy to clearly state the new purpose and, where applicable, will request the consent of relevant parties to process their personal information for this new purpose.
Who receives the personal information we collect
Filhet-Allard & Cie will only share personal data with a limited number of recipients on a need-to-know basis:
- Individuals responsible for managing the contract for its full duration ;
- Institutional bodies, insurance companies, other brokers, business partners, and healthcare and third-party payment systems and professionals ;
- Group affiliates, solely for the purposes of providing specific services, as well as a select group of providers (subcontractors), who are bound under contract to comply with our privacy and security policy ;
- Oversight, administrative and legal bodies.
Filhet-Allard & Cie will not share or sell client data in any shape or form to third parties for their own marketing purposes.
Given the international reach of Filhet-Allard & Cie, personal information gathered for the aforementioned purposes may be shared between EEA Member States and non-EEA countries. In such cases, Filhet-Allard & Cie will ensure any data is suitably protected.
How we protect your personal information
Personal data protection and information security are key priorities for Filhet-Allard. Our cybersecurity strategy is expressly designed to effectively cope with the wide array of threats we are liable to face. The goal is to safeguard our information assets and especially the third-party data we process.
This strategy is built on several key principles :
- The DPO and security teams work together to devise measures that strike a balance between protection and compliance.
- We incorporate security into our initiatives at the earliest possible stage through a dedicated methodology based on privacy by design and security by default.
- Our goal is to ensure “ adequate security ”, which means implementing advanced security protocols based on an in-depth risk assessment and safeguard strategy when the need arises. A key aspect of this approach involves processing sensitive data in accordance with the GDPR. Standard security protocols are implemented when no particular threats are identified.
- In addition to implementing suitable security protocols, we use a specific set of in-depth detection measures to identify any attacks as soon as possible and adapt our cybersecurity system accordingly.
- The Filhet-Allard security team regularly adapts safeguards to swiftly react to any new threats (new exploits, new types of attack, etc.).
We also have a comprehensive training and awareness-raising strategy to better shield our IT system. All of this has helped our employees hone their instincts and grow more attuned to these issues, making them increasingly adept at flagging any potential vulnerabilities. We aim to ensure our employees are our first line of defence.
How long we hold onto your personal information
Data may only be kept for a limited time, depending on the purposes for which the information is being processed, along with our legal obligations and recommendations from the French Data Protection Authority (CNIL).
Filhet-Allard & Cie will retain data needed for the purposes of the contract and related services for the full duration of the contract and, in the event of termination, until the expiry of the statutory limitation or in compliance with rules governing retention of accounting records.
Your rights
In accordance with the French data protection law of 6 January 1978 and the General Data Protection Regulation (GDPR), you have the right to access, rectify, erase or object to the processing or sharing of your personal information, in addition to determining the manner in which you wish these rights to be exercised after your death.
You may exercise your rights on proof of identity or submit any questions regarding this policy by contacting the Filhet-Allard & Cie data protection officer by email or post at the following address :
Filhet-Allard & Cie – Service Conformité
Rue Miguel Cervantès
33735 Bordeaux Cedex 9, France
email: dpo@filhetallard.com
In accordance with relevant regulations, we will reply to any requests within 30 to 60 calendar days.
Any complaints should be submitted to the French Data Protection Authority in writing (CNIL – 3 Place de Fontenoy – TSA 80715 – 75334 PARIS CEDEX 07) or on the website at www.cnil.fr.
Cookie policy
We strive to provide transparent information about the way in which cookies are saved, used and stored on your device (computer, smartphone, tablet, etc.) when you visit the filhetallard.com website, along with related options as to how cookies are managed.
What are cookies?
Cookies are small text files enabling a range of functionality that are stored on your device when you use a browser to visit our website.
Why we use cookies
Our website (www.filhetallard.com) uses cookies needed to enable basic site features and others required for analytics, which allows us to gather data needed for site administration.
“Operational” cookies
These cookies are used to ensure the site runs smoothly. They allow us to provide key functionality.
In accordance with French Data Protection Law No. 2020-051 of 17 September 2020, this type of cookie does not require consent. They may be sent automatically and cannot be disabled.
“Analytics” cookies
These cookies allow us to analyse site use and compile visitor metrics. We gather anonymous statistics to help run the site and improve performance, which may include tracking visitor metrics page by page, including data activity and time spent on each page.
These cookies cannot be saved to your device without your consent. You can change your preferences at any time simply by selecting “ Manage cookies ” at the bottom of each website page.
How long do we keep cookies?
Cookies may not be kept on your device any longer than 13 months after they were first stored.
Data collected via cookies may be kept for up to 25 months.
Partners
We use Google Analytics to compile audience metrics and Commanders Act to configure and save your cookie preferences.
We use Talentsoft for the “Careers” section.
How to configure cookie settings for the “Careers” section
We are determined to provide you the best experience on our site while upholding your rights when it comes to the way cookies are stored.
For technical reasons, the “Careers” section is managed separately by our partner, Talentsoft.
When you first view our job openings, you will automatically be asked to consent to the use of cookies.
However, the link allowing you to subsequently change your cookie settings is currently unavailable.
As a workaround, please follow these steps to re-display the cookie consent window:
Open your browser History.
Select “Clear Browsing Data”.
Next, clear “Cookies and other site data”.
How to configure cookie settings in your browser
Different browsers manage cookies in different ways.
You can change your cookie preferences in your browser settings:
Microsoft Internet Explorer
- Select “Tools” then “Internet Options”
- Open the Privacy tab
- Use the cursor to choose your level of privacy
Mozilla Firefox
- Choose “Settings” from the “Tools” menu
- Open the Privacy & Security tab
- Select your level of Tracking Protection under Browser Privacy
Google Chrome
- Open the Chrome menu in your browser toolbar
- Select “Settings”
- Open the “Security and Privacy” tab
and select Cookies and other site data” - Choose your preferred setting
Safari
- Open the Safari menu
- Select “Preferences”
- Choose “Privacy” and select the relevant option
