menu
IFA Paris brochure Brochures IFA Paris open days Events Apply to IFA Paris Apply Now

Privacy Policy

The site https://ifaparis.com is operated by GROUPE EDH SAS, a simplified joint stock company with a share capital of €285,000, registered in the Paris Trade and Companies Register under number 381 224 054, having its registered office at SIS 61 rue Pierre Charron, 75008 Paris, itself represented by its Chairman, VENDOME EDUCATION, a simplified joint stock company with a share capital of €8,676,231.80, registered with the Paris Trade and Companies Register under number 880 507 686, itself represented by its Chairman, ARC EDUCATION, a simplified joint stock company with a share capital of €31,889,294.80, registered in the Paris Trade and Companies Register under number 914 479 100, having its registered office at the aforementioned address, represented by its Chairman, Mr Amin KHIARI (hereinafter “GEDH ”).

Users of the site are encouraged to read this privacy policy carefully.

For any questions related to the privacy policy, the User can send an email to the following address: dpo@groupe-edh.com.

1. Definitions

The terms defined hereinafter, the first letter of which is capitalised, will be defined as follows:

Site: the internet Site that is accessible at the following [a]site[/a] address https://ifaparis.comoperated by GEDH.

Cookies: automatic tracking text files set on a device (computer, tablet or smartphone) that record information when a User visits a website or views an advertisement.

Data/Personal Data: any information relating to a natural person who is identified or can be identified, directly or indirectly, through reference to an identification number or to one or more factors specific to that person. This may include the User's surname or first name, telephone number, email address, postcode or gender.

Processing: any action or set of actions relating to Data, such as collecting, recording, storing, consulting, communicating or even deleting and destroying Data.

Data Processor: the natural or legal person who determines the purposes and means of a Processing action, for example, the objective and way in which it is carried out. The Data Processor is identified in Article 2 of this privacy policy.

Sub-Processor: the natural or legal person who processes Data on behalf of the Data Processor, whether it be part of a service or contract.

Recipient: the natural or legal person who receives any such communication of the Data.

Data Protection Officer: the natural person responsible for ensuring that GEDH complies with Data protection regulations.

User: any natural person acting in a non-professional capacity whose Personal Data is processed by GEDH, namely Users visiting the Site, whether they are students, former students or potential students of a GEDH establishment.

2. The identity of the Data Processor and Data Protection Officer

The Data Processor is:

GROUPE EDH SAS
SAS with a share capital of €285,000
Registered in the Paris Trade and Companies Register under number 381 224 054,
61 rue Pierre Charron, 75008 Paris
Phone number: [a]+33 1 53 76 88 00[/a]

The User may exercise these rights by contacting Laura Delair by email at the following address dpo@groupe-edh.com, or by post at the following address: 61 rue Pierre Charron, 75008 Paris

3. General information

This privacy policy may be modified at any time by GEDH for the purpose of complying with changes in laws and regulations, case law, technical changes or the requirements set forth by the authorities. Should the privacy policy be amended, GEDH will inform the User and/or seek the User's consent where necessary.

The most up-to-date version of the privacy policy is the one available on the Site.

Users are invited to read the privacy policy before browsing the Site and to read it regularly to remain informed of any changes and/or updates made by GEDH.

Processed Data

When using the Site, Personal Data may be collected from the User and processed for GEDH.

GEDH seeks to only collect and process Data that is strictly necessary for its intended processing purposes.

If the User does not wish to provide the information marked with an asterisk (*), the User understands and accepts that GEDH will most definitely be unable to respond to the User's request. In such a case, the User is invited to contact the admissions department at the number provided at the bottom of the Site page.

GEDH does not collect any sensitive Data as defined by the applicable regulations.

GEDH may collect Data from minors who wish to obtain information and/or apply for courses offered by GEDH. In accordance with the applicable regulations, the Data Processing of information collected from minors over the age of 15 is not subject to the receipt of consent from the minor or persons with parental authority but requires full disclosure. In this context, the information provided by Users who are minors is adequately described in this privacy policy.

4.1. The Data required for the communication of documentation to the User

To receive documentation relevant to their course, the User must provide the following details:

Additional Data may be required as part of this request (choice of document, choice of campus, etc.) but cannot be considered Data as defined by the applicable laws and regulations.

4.1. The Data required for the communication of documentation to the User

To receive documentation relevant to their course, the User must provide the following details:

In this context, the User may disclose any information that they wish to bring to GEDH's attention. If the User sends Data in this way, GEDH will process it in accordance with the conditions set out herein and in compliance with the applicable regulations.

Additional Data may be required as part of this request (choice of document, choice of campus, etc.) but cannot be considered Data as defined by the applicable laws and regulations.

4.3. The Data required for the application of the User

To apply for a training course offered by GEDH, the User must first provide the following information:

Additional Data may be required as part of this request (choice of document, choice of campus, etc.) but cannot be considered Data as defined by the applicable laws and regulations.

Candidates who have chosen an English-language program complete their registration via a dedicated form, and their Data is processed in accordance with the applicable Privacy Policy.

4.4. Data required to register the User for events

To sign up for an event organised by GEDH, the User must provide the following information:

Additional Data may be required as part of this request (choice of field of study, choice of campus, etc.) but cannot be considered Data as defined by the applicable laws and regulations.

4.6. Additional Data provided

The User may also contact a GEDH establishment directly, by email or telephone, using the contact details provided on the Site.

In this context, the User may disclose any information that they wish to bring to GEDH's attention. If the User sends Data in this way, GEDH will process it in accordance with the conditions set out herein and in compliance with the applicable regulations.

5. Legal basis and processing purposes

The Data is used by GEDH in accordance with the applicable laws and regulations.

The Data Processing is therefore lawful as long as it complies with:

  1. GEDH's legitimate interests relating to:
    • The commercial and financial purposes for which the Data must be processed ;
    • The organisation of prospecting activities among Users ;
    • Requests for information and documentation submitted by Users.
  2. Where applicable, the consent given by Users for the collection and processing of their Data.
  3. Where applicable, the fulfilment of a contract entered into with the User.
  4. Where applicable, compliance with a legal obligation.

6. Purposes of Data Processing

GEDH only uses Data for the purposes described in the privacy policy, either for consistency purposes or for the purposes it explained to the User at the time of collection.

More specifically, Data is collected for the purposes of:

7. Data retention period

The Data collected on the Site are stored by GEDH for 2 (two) years following the last date of contact with the User.

At the end of this period, GEDH may contact the User in question to find out whether they wish to continue receiving commercial communications. Should GEDH fail to receive a positive response, it will delete the Data in accordance with the regulations in force, in particular those set out in the French Commercial Code, the French Civil Code and the French Consumer Code.

In the event of a rejected application, the Data collected as part of the User's application will be kept for 2 (two) years following the last date of contact.

Data collected to manage requests relating to the exercising of rights is kept for between 1 (one) and 6 (six) years according to the right exercised.

Data used to demonstrate proof of a right or contract, or kept to comply with a legal obligation, may be securely archived for a period of time no longer than is necessary for the purposes for which they are kept (in particular, but not exclusively, as required by the French Commercial Code, the French Civil Code and the French Consumer Code, but also by the accounting and tax requirements applicable to GEDH).

8. Cookies

8.1 Each time the User visits the Site, GEDH collects information relating to the User’s connection and browsing.

Cookies have several functions:

8.2. The Cookies stored on the User's device when visiting the Site and the length of time they are stored for are indicated in Appendix 1 (Appendix 1: Cookies).

8.3. Cookies are set and stored on the User's device in accordance with applicable laws and regulations and are subject to the preferences selected by the User, who may modify them at any time.

GEDH obtains the User’s express consent to the use of Cookies upon entering the Site, with the exception of so-called session Cookies, which are necessary for the proper functioning of the Site and which do not require the User’s consent to be stored on his or her terminal. The User does not have the option of objecting to the deposit of these session Cookies on his or her terminal, due to their limited lifespan and the fact that they are necessary for the Site to function.

The User may choose to modify the Cookie settings at any time, via the Cookie settings link. They may also set their browser to refuse all Cookies, accept all Cookies or only accept Cookies that they wish to be stored on their device.

To this end, each browser is set up differently. To change their browser's settings, Users are invited to follow the links below:

The User is thus free to refuse Cookies.

For more information about Cookies, the User is invited to read the CNIL (The French National Commission for Information Technology and Civil Liberties) website: www.cnil.fr.

8.4. Cookies may also be set on the User's device by third-party companies, in particular when the User clicks on the icons of third-party websites that are accessible on the Site, and in particular social networks such as Facebook, Instagram, LinkedIn or YouTube.

By clicking on the icon of one of these third-party sites, the User can share content from the Site, follow the GEDH social media accounts and share their opinions with others.

When the User's account on the third-party website is already activated on their device, third-party Cookies enable the User to be identified and their browsing on the Site to be tracked.

GEDH does not manage how third-party websites collect Data regarding the User's browsing activity on the Site.

Therefore, GEDH recommends that Users read the Cookie policies on said third-party sites to learn more about how they use Cookies.

Accessing Data

9.1. Data Recipients are GEDH's authorised employees and staff members, its establishments and all the group's entities, in particular, members of the finance, marketing, sales and administrative departments and the departments responsible for handling customer relations. The logistics and IT departments may also have access to the Data.

9.2. In addition, GEDH's sub-processors may have access to the Data, especially for the purposes of:

As well as:

AGILITATION (Axeptio), a SAS with capital of €57,500, registered in the Montpellier Trade and Companies Register under number 821 947 009, with its registered office at Rue Benjamin Franklin, 34000 Montpellier;
Privacy policy: https://www.axept.io/fr/cgu
Contact: https://www.axept.io/fr/contactez-nous

HUBSPOT France, a SASU with capital of €475,000.00, registered in the Paris Trade and Companies Register under number 844 620 971, with its registered office at 24 rue Cambaceres, 75008 Paris;
Privacy policy: https://legal.hubspot.com/fr/privacy-policy
Contact: https://preferences.hubspot.com/privacy

OVH, a SASU with capital of €10,174,560, registered in the Lille Trade and Companies Register under number 424 761 419, with its registered office at 2 rue Kellermann, 59100 Roubaix;
Privacy policy: https://www.ovhcloud.com/fr/personal-data-protection/
Contact: abuse@ovh.net

LIVESTORM, a SAS with capital of €21,265.85, registered in the Paris Trade and Companies Register under number 820 434 439, with its registered office at 6 Boulevard Saint-Denis, 75010 Paris;
Privacy policy: https://livestorm.co/fr/rgpd
Contact: help@livestorm.co

METHODEWEB, a limited liability company with capital of €2,550, registered in the Paris Trade and Companies Register under number 503 077 315, with its registered office at 14 cours Albert 1er, 75008 Paris;
Contact: contact@methodeweb.com

ZettaByte Private Limited, a company registered in Singapore under number 201629385H, having its registered office at 111 North Bridge Road #08-19 Peninsula Plaza 179098, Singapore ;

The Processing carried out by GEDH's service providers is governed by agreements in which the Sub-processors agree to comply with the applicable laws and regulations and, more generally, with all the obligations incumbent on them, particularly with regard to protecting the security and confidentiality of Data.

9.3. The Data may also be sent to judicial and regulatory authorities but also to justice officials and ministerial officers as part of debt recovery missions and to protect GEDH’s interests.

10. Transfer of Data

The User is informed that some Data may be shared with partners located in countries outside the European Union for the purposes defined above. GEDH does everything in its power to ensure the security of Personal Data.

Prior to the transfer of Data outside the European Union, and in accordance with the regulations in force, GEDH makes every effort to implement the guarantees necessary to ensure the security of such transfers and to assure Users that the transfers are carried out in accordance with the privacy policy and the applicable regulations.

More specifically, GEDH uses the services provided by HUBSPOT, which may transfer and store Data in hosting centres located in the United States and in other countries outside the European Union exclusively for the aforementioned purposes.

This service provider has implemented measures to ensure compliance with regulations governing Personal Data. To comply with regulatory requirements, HUBSPOT had previously adopted the provisions set out in the Privacy Shield as the legal framework for the transfer of its customers' Data. As the Privacy Shield no longer constitutes a valid transfer system, this service provider applies standard contractual clauses (SCC) for Data protection that have been approved by the European Commission for Data transfers outside the European Union.

For more information, please see Hubspot's Data Protection Agreement, which is available here: https://legal.hubspot.com/fr/dpa.

In any event, the User may withdraw his consent to the transfer of his Data outside the European Union at any time by contacting GEDH at the following address: Data Protection Officer, 61 rue Pierre Charron, 75008 Paris or by email at the following address: dpo@groupe-edh.com.

11. Data security

Given the knowledge available, the costs of implementation and the nature of the Data in question, GEDH is committed to implementing appropriate measures to safeguard the security and confidentiality of the Data. GEDH therefore seeks to prevent the Data from being distorted, damaged or accessed by unauthorised third parties.

In particular, GEDH will ensure that:

In the event of a breach of Data likely to result in a risk to the rights and freedoms of natural persons, GEDH will report the breach in question to CNIL (The French National Commission for Information Technology and Civil Liberties) as soon as possible, and at the latest within the time limits stipulated by the applicable laws and regulations. If a Data breach is likely to result in a high risk to Users' rights and freedoms, GEDH will inform Users of the breach as soon as possible, except in exceptional cases as stipulated by the applicable laws and regulations.

12. Users’ rights

In accordance with the applicable regulations, the User has the following rights:

  • The right to access their Data ;
  • The right to rectify, add to or update their Data ;
  • The right to oppose the Processing of their Data for legitimate reasons ;
  • The right to request the portability of their Data, in other words, the right to receive the Data provided in a structured format, and the right to transmit their Data to a third party ;
  • The right to request that GEDH limit the Processing of their Data ;
  • The right to request that their Data be deleted ;
  • The right to issue instructions concerning the retention, deletion and communication of their Data after their death, whereby these instructions may also be registered with a “certified digital trusted third party ”. These instructions, or a “digital will ” of sorts, may appoint a representative responsible for ensuring their implementation; failing this, the User's heirs will be appointed.
  • Notwithstanding the prior information, GEDH can keep certain Data when it is required to do so by the laws and regulations applicable to its operations or when it has a legitimate reason to do so.

    The User may exercise these rights by contacting the Data Protection Officer by email at the following address dpo@groupe-edh.com, or by post at the following address: 61 rue Pierre Charron, 75008 Paris.

    GEDH will strive to respond to the request as quickly as possible and, in any event, within the time limits stipulated by the applicable laws and regulations.

    The User may submit a complaint to CNIL (The French National Commission for Information Technology and Civil Liberties).

    13. Third-party internet sites

    If the User uses the links on the Site to visit third-party sites, GEDH strongly recommends that the User consult the provisions contained in the privacy policies of the sites visited.

    GEDH shall not be held liable for Data Processing carried out by third-party websites.

    14. Annexes

    Cookies deposited by https://www.ifaparis.com/fr/
    Cookies Purposes Retention period
    _fbp Storage of usage history 3 months
    _ga Used to store and count page views. 2 years
    _gat Used to limit the rate of demand 1 minute
    _gcl_au Advertising 3 months
    _gid Used to distinguish users 1 day
    _schn Traffic targeting Undefined
    _scid Identification 1 year
    https://www.ifaparis.com Session cookie required Session
    Cookies set by third parties
    Setting Cookies Purposes Retention period
    Doubleclick.net DSID Save user preferences 15 days
    IDE Ensure ad delivery or retargeting 3 weeks
    URL Personalised ad 2 months
    Facebook C_user User identification 2 years
    datr Targeted advertising 2 years
    dpr Performance 15 days
    Targeted advertising 2 years
    sb Browser identification 2 years
    xs Register a unique identifier 12 months
    Google.com 1P_JAR Personalised ad 1 months
    AID 1 months
    ANID 9 months
    CONSENT 28 years
    NID 6 months
    _Secure-3PAPISID 3 years
    _Secure-3PSID 1 year
    _Secure-3PSIDCC 1 year
    Linkedin.com AnalyticsSynHistory Data storage 1 months
    UserMatchHistory Cookie used by LinkedIn to synchronise LinkedIn Ads identifiers 1 months
    _guid Personalised ad 3 months
    bcookie Cookie used by LinkedIn to identify devices connecting to LinkedIn 2 years
    lang Used by LinkedIn to remember the language settings Session
    Li_gc Cookie used by LinkedIn to store the User's consent 2 years
    Li_mc Cookie used by LinkedIn to obtain opt-in Data 2 years
    liap Cookie used by LinkedIn to show the connection status 2 years
    lidc Cookie used by LinkedIn to facilitate the choice of data centres 1 day
    lissc Cookie used by LinkedIn to track the use of its services 1 year
    Lms_ads Identification 1 months
    Lms_analytics Identification 1 months
    Ads.linkedin.com lang Used by LinkedIn to remember the language settings Session
    Sc-static.net X-AB Cookie used by Snapchat linked to the integration of content from Snapchat 1 day
    Snapchat.com Sc_at Personalised ad 1 months
    t.co muc Facilitating functionality 2 years
    Twitter.com Guest_id Identification 2 years
    Perzonalization_id 2 years
    YouTube.com
    Privacy policy:
    https://www.youtube.com/intl/ALL_fr/howyoutubeworks/user-settings/privacy/
    APISID Statistical cookie. Used by YouTube to gather information on the use of videos hosted on YouTube 3 years
    CONSENT Personalised ad 18 years
    HSID Fraud prevention 3 years
    LOGIN_INFO Statistical cookie. Used by YouTube to gather information on the use of videos hosted on YouTube 2 years
    PREF 2 years
    SAPISID 3 years
    SID 2 years
    SIDCC 1 ans
    SSID 3 ans
    VISITOR_INFO1_LIVE Essential cookie. Used by YouTube to provide bandwidth estimates 2 years
    YSC Store and track interactions Session
    _Secure-1PAPISID Personalised ad 2 years
    _Secure-1PSID
    _Secure-3PAPISID
    _Secure-3PSID
    _Secure-3PSIDCC 1 year
    _ga 2 years
    _gac_UA-158850311-1 2 months
    Pinterest.com _pinterest_cm Personalised ad 12 years
    _pinterest_sess
    TikTok.com tt_webid Personalised ad 12 years
    tt_webid_v2
    ttwid

    Download
    IFA PARIS Brochure

    Download Now