Policy on personal data protection of GM Consultant
Why do we have a policy on personal data protection and what are our duties?
Founded in 1999, GM Consultant is an independent loss adjusting and consulting company specialized in operational risks and complex claims management.
GM Consultant is mindful of the importance of protecting your personal data. This policy applies to the personal data of natural persons, which is collected when you visit our website as well as during our loss adjusting missions.
GM Consultant Group is highly aware of its obligations in relation to the processing, storage and security of personal data, and its compliance with the laws applicable to the confidentiality and protection of data.
As a data controller, we may at times collect personal data. Such data will be subject to automatic processing. We shall observe the following principles:
- We will collect your data in a legal, fair and transparent manner
- We will only collect your data for a specific purpose and not process such data in any way that is incompatible with that purpose
- We will only use data that is necessary for the purpose of the processing
- We undertake to ensure that your data is accurate, complete and regularly updated.
- We will inform you as soon as possible of the use made of your data
GM Consultant may also collect your data in our role as a service provider to our partners. In such a case, we act as a data processor under the terms of the Data, Files and Civil Liberties Act, and we will observe the above-mentioned principles.
Who is the data controller?
SIRET number: 478 390 149 Trade and Companies Registry of SALON-DE-PROVENCE
10 rue Rouget de l’Isle
92415 COURBEVOIE CEDEX
Phone: +33 (0)1 47 58 04 82
Fax: +33 (0)1 47 58 09 68
How do we use your personal data?
We collect personal data for the following purposes:
- The management and performance of loss adjusting and consulting services
- The management and monitoring of claims
- Activities relating to customer management
- The accessibility of our website
- The recruitment of new employees
We must also inform you that telephone calls may be recorded. You can object to the processing of your data by stating so at the start of the exchange.
Who receives your personal data?
The data collected is strictly for the use of GM Consultant and its subsidiaries for the purposes stated above.
Your data may be transferred to various employees and intermediaries who are acting on your case file. Such data may also be transferred to the employees of our subsidiaries.
In order to guarantee the protection of your personal data, we alert our employees and partners to the Data, Files and Civil Liberties Act as part of their assignments.
Is your personal data transferred outside the European Union?
GM Consultant is based throughout France, as well as in Europe, Asia, Africa and the United States. We may therefore need to disclose your personal data to employees based outside Europe (outside the European Economic Area). We may also have to communicate your personal data abroad for other reasons, for example, in the event we receive a legal or regulatory enquiry by a foreign police force.
GM Consultant takes the necessary measures to ensure that any transfer of information abroad is carefully managed, thereby protecting your data and interests.
What security measures do we take?
GM Consultant commits to ensure the integrity, security and confidentiality of the personal data entrusted to us. We use maximum protection standards for all your personal data so that it is not distorted, corrupted or accessible to unauthorised third parties. We use physical and logical security methods that comply with best practices. All your data is safeguarded in this way.
How long is your personal data stored for?
We store your data for a limited time insofar as such data is required to perform the operations for which it is collected, or for a time stipulated by law or by CNIL (French Data Protection Agency) rules.
How can you gain access to your personal data?
GM Consultant will ensure your rights are respected. You have, at any time, the following rights:
- Right to object: you can request, at any time, the cessation of the processing of your data when it is not or no longer necessary for the purpose for which it was collected.
- Right of access to your data: you can access, at any time, your data in order to confirm that it has been processed or otherwise.
- Right to rectification: you can request that your data be rectified when it is inaccurate or incomplete.
- Right to erasure: once the period for storing your data lapses, you can request the data’s erasure.
- Right to restrict the processing: when your data is not or no longer necessary, you can request that its use be restricted.
- Right to data portability: you can receive a copy of your personal data in a structured format.
- The option of setting out your wishes regarding the future of your data after death: you can establish instructions in relation to the storage, erasure and disclosure of your data after your death.
You can exercise your rights by writing to the following address:
For the attention of the Data Protection Officer (DPO)
201 Route de la Seds
13127 Vitrolles, FRANCE
Your request must be in writing and bear your signature. The request should be accompanied by a copy of your identity card which will be stored for the period it takes to carry out your request. We will respond to your request within one month of its receipt. Where we act as a service provider (data processor), you should address your request directly to the data controller.