Personal Data Management 

I . Glossary

1. Donnée à caractère personnel
2. Droits des personnes concernées
3. Réglementation sur la Protection des données personnelles
4. RGPD
5. Responsable de traitement
6. Principes relatifs au traitement des données

II . Confidentiality and Privacy Policy 

Which categories of personal data are processed by MONEXT? 

What are the purposes and grounds justifying the collection of your personal data? 

Who are the recipients of the personal data processed by MONEXT? 

Which security measures are implemented by MONEXT? 

How long is your personal data stored? 

III . Rights of data subjects 

What are your rights? 

How to exercise your rights 

How to contact the Data Protection Officer 

Données personnelles

A travers ce document, nous souhaitons vous informer de manière claire et transparente sur les conditions dans lesquelles nous collectons, traitons, conservons, archivons et supprimons vos données personnelles.
 Vous y trouverez également un rappel des droits dont vous disposez sur vos données ainsi que toutes les informations utiles pour les exercer.

I - Glossary

Personal data: Personal data means any information that identifies a natural person, whether directly or indirectly (e.g. name, address, registration number, telephone number, photograph, date of birth, IP address, fingerprint, etc.). 

Data subject: A natural person who can be identified, either directly or indirectly, by personal data. 

Rights of data subjects: Data subjects enjoy the right to access, modify, oppose, limit and delete their data, and are entitled to the portability of their personal data (Article 12 of the GDPR). 

Personal data protection regulations: Refers to the legal framework on personal data protection, including the GDPR, the French Data Protection Law No. 78-17 dated 6 January 1978, amended, and any new law or decrees adopted for its application.  

GDPR (EU Regulation 2016/679): The General Data Protection Regulation is the benchmark European regulation for personal data protection. It entered into force on 25 May 2018. This regulation obliges all companies to take all the necessary measures to protect data subjects’ personal data. 

Data controller: A data controller is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing (Article 4.7 of the GDPR). 

Principles related to data processing: MONEXT undertakes to respect privacy and to protect personal data that is processed lawfully, fairly and in a transparent manner in relation to the data subject, collected for specified, explicit and legitimate purposes, adequate, relevant and limited to what is necessary in relation to the purposes for which it is processed to ensure appropriate security of personal data (Article 6 of the GDPR). 

II – Confidentiality and Privacy Policy 

In accordance with Data Protection Regulations, processing defined in this Confidentiality and Privacy Policy is supported by a specific legal basis. 
This Policy informs you of the conditions in which we (MONEXT, the data controller) collect, process, store, archive and delete the personal data of our prospective clients, clients and partners. It also provides information on your rights concerning your data. 

Which categories of personal data are processed by MONEXT? 

As part of our contractual or sales relationship, the following categories of personal data are processed primarily: 

- Declarative personal data: i.e. data that we may collect directly from you or data collected indirectly from third parties with whom we have a contractual relationship, 

- Personal data obtained from public information (the public pages of social networks for example) in compliance with the regulations, 

- Data related to newsletter subscriptions: the data collected are: first and last name, email address and company in the sign-up form (this data is mandatory), 

- Data related to sales contact forms: the data collected are: first and last name, email address and company in the sign-up form (this data is mandatory). 

What are the purposes and grounds justifying the collection of your personal data? 

We process personal data for the purposes and grounds listed hereafter: 

1- To improve interactions with clients or prospective clients, manage client complaints and requests, and to facilitate subscriptions to one of our services. 
Such processing is based on a legitimate interest pursued by MONEXT without prejudice to your fundamental rights and freedoms. 
 
2- To conduct marketing initiatives: managing social network communities, commercial prospecting, organising games, contributing to conducting satisfaction surveys, publishing newsletters.  
Such processing is based on a legitimate interest pursued by MONEXT (sales development) or on the basis of your consent, without prejudice to your fundamental rights and freedoms. 

Who are the recipients of the personal data processed by MONEXT? 

Your personal data is passed onto the sales and marketing teams, or to the appropriate MONEXT contact who is able to respond to your request to exercise your rights. 
We may not be held liable for the processing of your personal data for which you may have given your consent to third parties and which is not shared between this third party and MONEXT, such as for example data on social networks. Please refer to the data protection policies of these third parties to check the conditions of processing conducted or to exercise your rights with regard to these acts of processing. 

Which security measures are implemented by MONEXT? 

Collected data is stored on a database governed by MONEXT’s security policy. 
We raise employee awareness with regard to personal data protection and ensure that they comply with the regulations in force and our company’s code of conduct. 
We select sub-contractors or service providers which provide a high level of guarantees with regard to the implementation of appropriate technical and organisational measures so that the processing of your data meets the requirements of the applicable personal data protection regulations. 

How long is your personal data stored? 

We have defined specific rules with regard to the timeframes in which personal data can be stored. 
To define these timeframes, we consider the various purposes for which this data is collected, the data subjects concerned by the collection, compliance with legal and regulatory obligations and professional practices with which we undertake to comply. This does not exceed what is strictly necessary for the proper completion of the processing act. 
Data collected via our website is stored for 18 months. 

III – Rights of data subjects

What are your rights? 

You enjoy the right to access, modify, oppose, limit and delete your data, and are entitled to the portability of your personal data. You also enjoy the right to define the instructions concerning the storage, deletion and transfer of your personal data after your death. You also have the right to appeal to the French Data Protection Authority (CNIL). 

How to exercise your rights 

VIn accordance with personal data protection regulations, you can exercise your rights by emailing:  

• communication@monext.com

or by writing to: 

• Le M, 80 chemin de la faisanderie – Communications Department - 13290 Aix en Provence Cedex 

As part of the exercise of your right to data portability, we will return declarative data to you, i.e. data that we may collect directly from you. 

Lastly, if you do not wish to receive sales prospecting by telephone, you can register free of charge on a list that blocks cold calling via the website www.bloctel.gouv.fr. It should be noted that it is prohibited for a professional to prospect a consumer registered on this list by telephone, except in the event of pre-existing contractual relationships. 

How to contact the Data Protection Officer 

MONEXT, via the Arkéa Group, has appointed a DPO. The DPO monitors compliance with personal data protection regulations within the Group and its subsidiaries such as MONEXT. The DPO is also the contact person of the French Data Protection Authority (CNIL), our supervisory body, for any questions concerning personal data management. 

 You can contact our DPO at the following addresses: 

• protectiondesdonnees@arkea.com  
• M. le Délégué à la Protection des Données- Arkéa Group-29808 Brest Cedex 9 

To guarantee an optimum level of safeguarding and compliance with the use of your personal data, the information published concerning this website will be reviewed regularly and more specifically when new functionalities are added. 

Publication date: 2025/06/24