Personal data and cookies Charter

Version Française

Welcome to the website

CYRANO may collect and process personal data of persons (hereinafter the "Users") browsing the website (hereinafter the "Website").

Concerned about respecting your privacy, CYRANO undertakes to ensure that the collection and processing of this information is carried out in compliance with the applicable rules on the protection of personal data, including the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (hereinafter the "GDPR") and Law No. 78-17 of 6 January 1978 known as the "loi informatique et libertés" (hereinafter together the "Regulations").

The personal data and cookies Charter (hereinafter referred to as the "Charter") aims to inform you about your rights and freedoms that you may assert with regard to our use of your personal data and to describe the measures that we implement in order to protect them.

1. Who processes your personal data?

The person responsible for the processing of personal data relating to the management of the Website referred to in this Charter is CYRANO, a simplified joint stock company (“société par actions simplifiée”),with capital of 12 000.00 euros, whose registered office is located at 4 rue du Faubourg Saint-Honoré, 75008, Paris and which is registered in the Paris Trade and Companies Register under number 390 570 885.

The Website allows you to:

- send your application via the "BECOME A MODEL" section of the Website;
- browse the various sections of the Website and access general information on CYRANO's activity.

This processing is carried out in accordance with applicable law.

2. What personal data do we process?

By using the Website, you are likely to provide us with a certain amount of personal data about yourself, mainly data collected under the following categories:

- Data relating to an application: last name, first name, date of birth, country, city of residence, email address, telephone number, height and photos (full-length portrait and picture without make-up);
- Connection data and log.

3. What are the purposes and legal bases for processing personal data collected?

CYRANO processes personal data as described in this Charter on the following legal bases and for the following purposes:

- Data relating to an application: we use this data as part of our recruitment process in order to select and evaluate model applications. This processing is based on CYRANO's legitimate interest in building up a pool of candidates.
- Connection data: we use this data to manage the Website. This processing is based on CYRANO's legitimate interest in ensuring the security and user-friendliness of the Website.

4. How long is your personal data kept?

Your personal data is kept for no longer than is necessary for the purposes for which it is processed.

- Data relating to an application: personal data of successful applicants is kept for the duration of the contractual relationship and that of unsuccessful applicants is kept, unless otherwise requested, for 2 years from the last contact with us;
- Connection data: this data is kept for 1 year.

5. Who are the recipients of personal data?

In order to carry out the processing provided for in this Charter, your personal data may be communicated to the following persons:

- authorised members of CYRANO, in particular the administrative and human resources departments;
- CYRANO's service providers.

In addition, the data may be communicated to any authority legally entitled to know about it, in particular in the event of a judicial requisition from the judicial, police or administrative authorities.

6. Is personal data transferred outside the European Union?

The personal data covered by this Charter is collected and processed solely within the European Economic Area (EEA).

If a transfer of data were to take place outside the territory of the EEA, the transfer of the User's personal data would be implemented on the basis of an adequacy decision issued by the European Commission, in accordance with Article 45 of the GDPR, recognising that the country to which the personal data is transferred ensures an adequate level of protection. If the country has not been recognised as having an adequate level of protection by the European Commission, the transfer will be based on one of the appropriate safeguards referred to in Article 46 of the GDPR.

Any transfer of data to a third country outside the European Economic Area is carried out in compliance with the applicable regulations and in such a way as to ensure adequate data protection.

7. What security and confidentiality measures have been put in place?

The data controller implements appropriate measures to protect the security and confidentiality of your personal data and, in particular, to prevent it from being distorted, damaged or disclosed to unauthorized third parties.

8. What cookies are used on the Website?

Cookies are text files that are stored on your terminal. They are necessary for the operation of the Website (functional cookies).

9. How can you exercise your rights?

You have a right of access, information, rectification, limitation, opposition and deletion of your data.
Specifically in France, you have the right to define directives relating to the conservation of your data after your death, whether for the purposes of deletion or communication to third parties.

To exercise your rights and ask us questions about the processing of your personal data, please contact [ email address] and/or send us your request by registered letter with acknowledgement of receipt to the following address : 4 rue du Faubourg Saint-Honoré, 75008, Paris.
If, after contacting us, you feel that your rights have not been respected, you may submit a complaint to the Commission national de l'informatique et des libertés (CNIL), 3 place de Fontenoy - TSA 80715, 75334 Paris Cedex 07.