Privacy policy

June 17, 2019


The protection of privacy is at the heart of the concerns of GROUPE LEGENDRE and its Subsidiaries (the “Subsidiaries”).

The processing of your Data is subject to compliance with the provisions of Law 78-17 of 6 January 1978 as amended (“Data Protection Act”) and European regulation No. 2016/679 of 27 April 2016 on the protection of Personal Data. Personal, known as “RGPD”, or any other legislative or regulatory act modifying them. You can obtain further information on data protection from the National Commission for Informatics and Freedoms (

This Privacy Policy concerns individuals and is intended to explain clearly and simply – as an Internet user visiting our Site how we collect, use and store your Personal Data.

To this end, this document provides the persons for whom the LEGENDRE GROUP is data controller, information relating to:


“Personal Data”: Refers with regard to Article 2 of the Data Protection Act “Any information relating to an identified natural person or who can be identified, directly or indirectly, by reference to an identification number or to one or more elements which are specific to it ”. In particular, Personal Data includes Data allowing the identification of Users.

“Subsidiaries”: Refers to the subsidiaries which are located within the scope of their parent company, namely the LEGENDRE GROUP.

“LEGENDRE GROUP”: Simplified joint-stock company with a capital of 10,065,600 euros, whose registered office is located at 5, rue Louis-Jacques Daguerre – 35136 SAINT-JACQUES-DE-LA-LANDE and registered with the Trade and Companies Register de Rennes under number 440 919 777 considered as the data controller.

“Privacy Policy”: Refers to this document, accessible from the websites of the LEGENDRE GROUP and its Subsidiaries, with the aim of informing the Internet user of the way in which the data controller collects, uses and stores Personal Data .

“Website”: Refers to the digital medias used by the LEGENDRE GROUP and its Subsidiaries to inform Internet users about their activity.

“DPO”: Acronym for Data Protection Officer, designates the Data Protection Officer.

Article 1 – Who is the data controller?

The LEGENDRE GROUP is responsible for processing your Data.

The LEGENDRE GROUP, a simplified joint-stock company with a capital of 10,065,600 euros, whose registered office is located at 5, rue Louis-Jacques Daguerre – 35136 SAINT-JACQUES-DE-LA-LANDE and registered in the Trade and Companies Register of Rennes under number 440 919 777, (hereinafter the “LEGENDRE GROUP”, or “Data Controller”) is the data controller.

You can contact us by mail by writing to:

LEGENDRE GROUP Legal Department – DPO
5, rue Louis Jacques Daguerre

The LEGENDRE GROUP has appointed a DPO for itself and all of its “Subsidiaries”. The latter’s mission is in particular to inform and advise the Data Controller on all matters relating to the protection of Personal Data. He ensures compliance with the regulations on the protection of Personal Data. He is also the contact person for the National Commission for Informatics and Liberties (the “CNIL”), the supervisory authority, for any question relating to the management of Personal Data.

You can contact our DPO:

We do everything we can to comply with the regulations in force on data protection, as well as the implementation measures, supervised by the CNIL. For certain services, we call on specialized partners who act as subcontractors. They must comply with our Privacy Policy and must also comply with their legal obligations in this area. In addition, we also ensure the protection of your Personal Data through appropriate provisions in our contracts with parties that may help us process your Personal Data or to whom we communicate your information.

Article 2 – What do we mean by Personal Data?

By Personal Data, we mean not only Data that identifies you directly, but also data that does so indirectly.
The various Personal Data that we usually collect in the context of the use of the Site are in particular the following:

Unless required by law, we do not process sensitive Personal Data, i.e. Data relating to health, racial or ethnic origin, political opinions, religion or beliefs, trade union membership or sexual life.

Article 3 – When do we collect your Data?

The LEGENDRE GROUP and its Subsidiaries collect your Personal Data directly or indirectly, in particular:

The LEGENDRE GROUP and its Subsidiaries may also be recipients of data that has been collected from you by a third party.

Article 4 – From whoom do we collect Data concerning you?

We collect most of your Personal Data directly from you, but may need to obtain information about you when we consult a file maintained by a public authority.

Article 5 – Purposes of the processing of Personal Data

The processing of Personal Data carried out by the LEGENDRE GROUP and its Subsidiaries through the Sites has the following purposes (hereinafter the “Purposes”):

The information essential to the LEGENDRE GROUP to fulfill the purposes described above is indicated by an asterisk (*) on the various pages of the Sites. Failure to complete the fields marked with an asterisk (*) could result in you being refused access to all or part of the services and features of the Sites and your requests may not be taken into account. The other fields are optional and are intended to improve the quality of the service offered to you by the Sites.

The other information is optional and allows us to get to know you better and to improve our communications and services to you.

Article 6 – Legal basis for the use of your Personal Data

In accordance with the law, we use your Personal Data when we have previously obtained your consent.

We also ensure that the Personal Data concerning you which are transmitted to us by third parties, have been collected in accordance with the law.

Article 7 – Cookies and other similar technologies

We use cookies on our Sites to increase their performance, to allow them to remember your preferences, and to provide you with information that we think may be of interest or useful to you.

Generally speaking, cookies are small data files stored on your computer. They can have different functions, but are generally used to keep track of the websites visited. They contain a small amount of information about specific website visits that can be used to remember you and your preferences on future visits.

Cookies can be “functional” and contain Data about you (as a user) such as language, which means that you do not have to re-enter this Data each time you visit our Websites.

Cookies can also be “technical” and record Data relating to the pages of our Website visited by the user as well as where the information can be entered in forms. Such cookies provide personalized information and may prevent you from receiving the same advertisements or other announcements over and over again. We also use Data recorded by cookies to compile statistics for our Website and to ensure that its performance and content is improved.

We may use cookies to identify certain patterns in your online behavior, in order to provide you with content that meets your needs and serves your interests.

Most browsers are automatically configured to accept cookies. However, you can configure your browser to notify you of each cookie sent, or to prevent cookies from being saved to your hard drive. If you refuse our cookies, you may experience a slowdown in navigation or not be able to access all services.

Our Websites may contain links to third party sites whose terms of use are outside the scope of our privacy policy. We recommend that you carefully read their Personal Data protection policy.

Article 8 – Retention period

The Personal Data collected is kept for the time necessary to achieve the various Purposes described in the previous paragraph and to comply with our legal obligations.

Data relating to cookies is kept for a period of thirteen (13) months from their collection. The Personal Data collected is deleted following the occurrence of one of the following events:

Article 9 – Data security

We take appropriate technical and organizational measures to ensure that your Personal Data is adequately secured against accidental loss or disclosure to persons who do not have authorization.

Procedures for the physical and electronic safeguarding of Personal Data collected on the Sites are implemented, in accordance with the French legislation in force relating to the protection of Personal Data.

Employees of the LEGENDRE GROUP and its Subsidiaries who, by virtue of their function, have access to your Personal Data undertake to maintain the utmost confidentiality in this regard.

However, the LEGENDRE GROUP and its Subsidiaries do not control all the risks associated with the operation of the Internet and draw your attention to the existence of possible risks in terms of occasional loss of Data or breach of the confidentiality of Data passing through the internet network.

To this end, it is necessary to contribute to the security of your Personal Data by following these few tips:

The information offered on the website may be interrupted for cases of force majeure or beyond the control of the LEGENDRE GROUP or its Subsidiaries or for facts not falling under the responsibility of the LEGENDRE GROUP or its Subsidiaries.

Article 10 – Data recipients

According to the purposes described above, the Personal Data collected by the LEGENDRE GROUP and its Subsidiaries may be sent to the following recipients: the relevant departments and / or departments of the LEGENDRE GROUP, the departments and / or departments of the Subsidiaries, the partners commercial, any third party providers.

The LEGENDRE GROUP and its Subsidiaries only transmit your Personal Data to a third party in the following cases:

Article 11 – What are your rights?

11.1 – Right of access and rectification

You have a right of access to the Personal Data which concern you.

Following your request, the LEGENDRE GROUP can provide you with:

From the receipt of your request for the right of access, accompanied by a copy of a valid identification document, we will get back to you within a maximum of thirty working days. In the event that your request turns out to be complex, we will notify you within one month and get back to you with the requested elements within a maximum of two additional months. If you notice that your Data is inaccurate or incomplete, you can ask us to rectify it.

We take all necessary measures to ensure that your Personal Data is correct, up to date, complete, relevant, which is why we ask you to keep us informed of any changes.

If we correct your Data and have previously shared it with a third party, we will also notify the third party.

11.2 – Right to be forgotten

In certain specific cases, the law allows you to have your Personal Data deleted.

This is particularly the case if the Data is no longer necessary with regard to the Purposes for which we collected it, if the processing of your Data is based exclusively on your consent and you decide to withdraw it, or if you are opposed to the processing of your Data and that the LEGENDRE GROUP or its Subsidiaries do not have legitimate reasons that prevail over yours.

The LEGENDRE GROUP and its Subsidiaries may however retain your Personal Data when they are necessary for the establishment, exercise or defense of its legal rights or for the LEGENDRE GROUP and its Subsidiaries to comply with their legal obligations. The LEGENDRE GROUP and its Subsidiaries will thus be bound by the retention periods provided for by the various laws.

11.3 – Right to restriction of processing

This specific right of objection allows you to ask the LEGENDRE GROUP and its Subsidiaries for a temporary blocking of your Data in specific cases defined by law: The LEGENDRE GROUP and its Subsidiaries will then no longer be able to process your Data concerned for a defined period of time.

This lock can be requested:

If you have made use of this right, we will be able to keep your Data, but we will not be able to make any other processing of it except with your agreement, for the observation, the exercise or the defense of our rights (or those of another person), or in the cases provided for by law.

11.4 – Right to Data portability

By virtue of this right, you can ask GROUPE LEGENDRE or its Subsidiaries to send you your Personal Data or to send them directly to another controller, when technically possible. This right only applies to Data that you have provided yourself and which are subject to automated processing, under a contract or with your consent.

11.5 – Right to withdraw your consent

When the processing of your Data is based on your consent, you have the right to withdraw this consent at any time. This withdrawal will not however call into question the legality of the processing carried out during the period preceding your withdrawal of consent.

11.6 – Right of opposition

You always have the right to object, without justification and without charge, to the use of your Data for prospecting purposes. In this case, your Data will no longer be used for this purpose.

In addition, you also have the right to oppose, for reasons relating to your particular situation, any processing of your Personal Data which is based on our legitimate interest. However, your request will not be acted upon if our legitimate interest prevails over yours or if the processing of your Data is required for the establishment, exercise or defense of our legal rights.

Article 12 – How to exercise your right or let us know that you no longer wish to recieve marketing offers?

To exercise your rights, you can send us your dated and signed request, accompanied by a legible copy of both sides of your identity card, being as precise as possible:

Upon receipt of your complete request, we will respond within a maximum of 30 calendar days.

For any additional copy requested in the exercise of your right to access your Personal Data, we are authorized to charge you a reasonable amount on the basis of administrative costs.

Article 13 – Personal data policy relating to minors

The website does not target minors as a public. Access to the Sites, however, is not restricted to adults due to the fact that it does not feature content prohibited to minors under the age of eighteen (18).

The forms and surveys on the website are not intended to collect information on minors. If information was collected on a minor via our Sites, the legal representative of the minor would have the possibility of contacting the LEGENDRE GROUP to rectify, modify or delete this information.

Article 14 – Responsability

By using the website, you agree to have read your rights and the related procedures.

Furthermore, the LEGENDRE GROUP cannot be held responsible in the event that:

Article 15 – How to contact in the event of a complaint?

In the event of a complaint concerning the processing of your Personal Data, you can submit a complaint to the National Commission for Informatics and Freedoms at the following address:

National Commission for Informatics and Freedoms
3 Place de Fontenoy
TSA 80715
75334 PARIS CEDEX 07

Tel. : 01 53 73 22 22
Fax : 01 53 73 22 00

Article 16 – Modification of our privacy policy

We may need to modify this Privacy Policy, in particular in the case of the addition of new services. We invite you to regularly consult this document in order to be aware of any changes or updates made to the Privacy Policy.