Information We Collect

When you work with us, we need certain information to provide proper financial guidance. Here's what we collect and why:

We only collect what's necessary. If you're just browsing our website, we collect minimal technical data. The detailed financial information comes into play when you become a client.

How We Use Your Information

Your data serves specific purposes in our relationship:

• Creating personalized retirement strategies based on your financial situation and goals
• Analyzing your current pension arrangements and identifying optimization opportunities
• Communicating with you about your accounts, appointments, and important regulatory changes
• Maintaining accurate records as required by French financial services regulations
• Processing payments and managing our business relationship
• Sending relevant information about retirement planning topics you've expressed interest in
• Improving our services based on aggregated, anonymized client feedback and outcomes

We don't use your information for automated decision-making that significantly affects you. Our recommendations always involve human expertise and your personal consultation.

Legal Basis for Processing

Under GDPR, we need legitimate reasons to process your data. Here's our legal footing:

Contract Performance

Most of our data processing happens because we need it to deliver the services you've hired us for. When you sign up for retirement planning consultation, we can't fulfill that contract without processing your financial information.

Legal Obligations

French law requires us to keep certain records. Financial services firms must maintain documentation for regulatory compliance, anti-money laundering checks, and tax reporting purposes. We're not keeping this data just because we want to – we have to.

Legitimate Interests

Sometimes we process data based on legitimate business interests, like improving our services or preventing fraud. We only do this when it doesn't override your rights and freedoms.

Your Consent

For marketing communications or non-essential data processing, we ask for your explicit consent. You can withdraw this anytime without affecting the core services we provide.

Data Sharing and Disclosure

We don't sell your information. Period. But running a financial services practice means working with some trusted partners:

Service Providers

We use specialized software for financial planning calculations, secure document storage, and client management. These providers process data on our behalf under strict contractual obligations.

Financial Institutions

When implementing your retirement strategy, we may need to share relevant information with pension providers, investment platforms, or insurance companies. This only happens with your knowledge and typically your direct authorization.

Professional Advisors

Occasionally we consult with legal advisors, accountants, or industry specialists on complex cases. Information shared is limited to what's necessary and bound by professional confidentiality.

Regulatory Authorities

We're required to disclose information to French financial regulators, tax authorities, or law enforcement when legally obligated. This isn't optional for us.

International Data Transfers

We primarily work with France-based and European Union service providers. Your data generally stays within the EU where strong privacy protections apply.

In rare cases, we might use services with servers outside the EU. When this happens, we ensure adequate safeguards through standard contractual clauses approved by the European Commission or by verifying the provider participates in recognized data protection frameworks.

You can request details about specific international transfers that affect your data by contacting us directly.

Data Security Measures

Financial information requires serious protection. Here's what we do:

• All data transmission uses TLS encryption – the same technology banks use for online services
• Client files are stored on encrypted servers with restricted access controls
• Our team receives regular training on data security and privacy best practices
• We use multi-factor authentication for accessing client management systems
• Physical documents are kept in locked facilities with limited access
• Regular security audits and vulnerability assessments of our systems
• Immediate breach response protocols if something does go wrong

No system is perfectly secure, but we invest significantly in protecting your information and staying current with evolving security standards.

How Long We Keep Your Data

We don't keep information longer than necessary, but "necessary" depends on several factors:

Active Client Relationships

While you're a client, we maintain complete records to serve you effectively and track your retirement planning progress over time.

After Service Ends

French financial regulations require us to retain client files for at least six years after our relationship ends. This protects both you and us if questions arise about past advice or transactions.

Tax and Legal Requirements

Some records must be kept longer for tax purposes or potential legal claims. We follow the longest applicable retention period when multiple rules apply.

Marketing Data

If you've consented to receive our updates but aren't a client, we'll keep your contact information until you unsubscribe or after three years of inactivity – whichever comes first.

Once retention periods expire, we securely delete or anonymize your information so it can no longer identify you.

Your Rights Under GDPR

European data protection law gives you substantial control over your personal information. Here's what you can do:

Access Your Data

You can request a copy of all personal information we hold about you. We'll provide this in a commonly used electronic format within one month. There's no charge for reasonable requests.

Correct Inaccuracies

If information we hold is wrong or incomplete, you can ask us to fix it. We'll update our records and notify any third parties who received the incorrect data if appropriate.

Request Deletion

You can ask us to delete your data in certain situations – like if you withdraw consent or if we no longer have a valid reason to keep it. We'll comply unless legal obligations require retention.

Restrict Processing

You can ask us to temporarily stop using your data while we investigate a complaint or if you've objected to processing based on legitimate interests.

Data Portability

For information you've provided under contract or consent, you can request a copy in machine-readable format to transfer to another service provider.

Object to Processing

You can object to processing based on legitimate interests or for marketing purposes. We'll stop unless we have compelling grounds that override your interests.

Withdraw Consent

Where we process data based on consent, you can withdraw it anytime. This doesn't affect processing that already happened.

Cookies and Website Tracking

Our website uses cookies – small files stored on your device that help the site function and let us understand how people use it.

Essential Cookies

These are necessary for the website to work properly. They handle things like security, session management, and form submissions. You can't disable these while using the site effectively.

Analytics Cookies

We use analytics to understand which pages people visit and how they navigate our site. This helps us improve content and user experience. The data is aggregated and doesn't personally identify you.

Your Cookie Choices

You can control cookie settings through your browser preferences. Blocking certain cookies might affect website functionality. We don't use advertising cookies or third-party tracking for marketing purposes.

Changes to This Policy

We review and update this privacy policy periodically to reflect changes in our practices or legal requirements. When we make significant changes, we'll notify active clients directly and update the date at the top of this document.

Continuing to use our services after changes take effect means you accept the updated policy. If you disagree with changes, contact us to discuss your concerns.

Complaints and Regulatory Contact

If you're not satisfied with how we handle your data or respond to your rights requests, you can file a complaint with the French data protection authority:

Commission Nationale de l'Informatique et des Libertés (CNIL)
3 Place de Fontenoy
TSA 80715
75334 Paris Cedex 07, France

You can also contact CNIL through their website or by phone. Filing a complaint with the regulator doesn't prevent you from seeking other legal remedies.