Data protection

Personal data protection policy

Filhet-Allard Maritime makes personal data protection a priority and an integral part of building trust-based relations with partners, clients, policyholders and beneficiaries. We are committed to the ethical and responsible use of personal data, in accordance with the latest rules in effect under the French Data Protection Act and the General Data Protection Regulation of 27 April 2016 (Informatique et Liberté et le Règlement Général sur la Protection des Données n°2016-679).

About us

Filhet-Allard Maritime is required to collect and process personal data in the course of providing services as an insurance broker, both independently and jointly alongside insurance companies through delegated authority arrangements.

Filhet-Allard Maritime
Rue Miguel Cervantès
33735 Bordeaux Cedex 9, France

Types of personal data we collect

We gather the following personal data to deliver our services and meet relevant legal and regulatory requirements:

Personal details (including name, address, email, telephone number, date of birth, relationship with the insured party, marital status and number of children).
Financial information (including bank details, corporate bank, income and tax assessments).
Employment information (employment situation, name of employer, status and job title).
Insurance details.
Information on any compensation claims underway, along with relevant identification documents, which may include medical data and social security number.
Data required to combat fraud, money laundering and the financing of terrorism.

Why we collect this information

We collect this personal information for the purposes set out below,
with the lawful basis stated in each case.

Lawful basis	Purpose
Contractual necessity	Establishing a relationship. Providing a quote. Processing affiliation. Ensuring follow-up and contract management for clients and insured parties. Providing services. Answering requests.
Legal obligations	Preventing money laundering and the financing of terrorism, with contract monitoring potentially leading to the submission of a Suspicious Activity Report or freezing of assets in accordance with the Monetary and Financial Code. Compliance with legal, regulatory and administrative obligations.
Legitimate interests	Preventing insurance fraud, which may lead to inclusion in the list of individuals posing a risk of fraud. Compiling research and statistics.
Consent	Sending out newsletters.

Filhet-Allard Maritime will ensure the privacy of any personal information provided and will not share this information with third parties for commercial purposes.
In the event that your data is to be used for any reasons other than those listed above, Filhet-Allard Maritime will update its data protection policy to clearly state the new purpose and, where applicable, will request the consent of relevant parties to process their personal information for this new purpose.

Who receives the personal information we collect

Filhet-Allard Maritime will only share personal data with a limited number of recipients on a need-to-know basis:

Individuals responsible for managing the contract for its full duration.
Institutional bodies, insurance companies, other brokers, business partners, and healthcare and third-party payment systems and professionals.
Group affiliates, solely for the purposes of providing specific services, as well as a select group of service providers (subcontractors), who are bound under contract to comply with our privacy and security policy.
Oversight, administrative and legal bodies.

Filhet-Allard Maritime will not share or sell client data in any shape or form to third parties for their own marketing purposes.

Given the international reach of Filhet-Allard Maritime, personal information gathered for the aforementioned purposes may be shared between EEA Member States and non-EEA countries. In such cases, Filhet-Allard Maritime will ensure any data is suitably protected.

How we protect your personal information

Personal data protection and information security are key priorities for Filhet-Allard. Our cybersecurity strategy is expressly designed to effectively cope with the wide array of threats we are liable to face. The goal is to safeguard our information assets and especially the third-party data we process.

This strategy is built on several key principles:

The DPO and security teams work together to devise measures that strike a balance between protection and compliance.
We incorporate security into our initiatives at the earliest possible stage through a dedicated methodology based on privacy by design and security by default.
Our goal is to ensure “adequate security” , which means implementing advanced security protocols based on an in-depth risk assessment and safeguard strategy when the need arises. A key aspect of this approach involves processing sensitive data in accordance with the GDPR. Standard security protocols are implemented when no particular threats are identified.
In addition to implementing suitable security protocols, we use a specific set of in-depth detection measures to identify any attacks as soon as possible and adapt our cybersecurity system accordingly.
The Filhet-Allard security team regularly adapts safeguards to swiftly react to any new threats (new exploits, new types of attack, etc.).

We also have a comprehensive training and awareness-raising strategy to better shield our IT system. All of this has helped our employees hone their instincts and grow more attuned to these issues, making them increasingly adept at flagging any potential vulnerabilities. We aim to ensure our employees are our first line of defence.

How long we hold onto your personal information

Data may only be kept for a limited time, depending on the purposes for which the information is being processed, along with our legal obligations and recommendations from the French Data Protection Authority (CNIL).
Filhet-Allard Maritime will retain data needed for the purposes of the contract and related services for the full duration of the contract and, in the event of termination, until the expiry of the statutory limitation or in compliance with rules governing retention of accounting records.

Your rights

In accordance with the French data protection law of 6 January 1978 and the General Data Protection Regulation (GDPR), you have the right to access, rectify, erase or object to the processing or sharing of your personal information, in addition to determining the manner in which you wish these rights to be exercised after your death.
You may exercise your rights on proof of identity or submit any questions regarding this policy by contacting the Filhet-Allard & Cie data protection officer by email or post at the following address :

Filhet-Allard Maritime

DPO – Service Conformité
Rue Miguel Cervantès
33735 BORDEAUX CEDEX 9

email: dpo@fa-maritime.com

In accordance with relevant regulations, we will reply to any requests within 30 to 60 calendar days.

Any complaints should be submitted to the French Data Protection Authority in writing (CNIL, 3 Place de Fontenoy, TSA 80715, 75334 Paris Cedex 07, France) or on the website at www.cnil.fr.

Cookie policy

We strive to provide transparent information about the way in which cookies are saved, used and stored on your device (computer, smartphone, tablet, etc.) when you visit the filhetallard.com website, along with related options as to how cookies are managed.

What are cookies?

Cookies are small text files enabling a range of functionality that are stored on your device when you use a browser to visit our website.

Why we use cookies

Our website uses cookies needed to enable basic site features, site security, as well as for analytics, which allows us to gather data needed for site administration.

“Operational” cookies

These cookies ensure the proper functioning and security of the site. In particular, they enable us to :

– block robot requests to ensure that users are indeed human.

– manage the deposit of non-functional cookies, depending on whether or not consent has been given for these other purposes.

In order to maintain the required level of site availability and security, these cookies cannot be configured.

“Analytics” cookies

These cookies allow us to analyse site use and compile visitor metrics. We gather anonymous statistics to help run the site and improve performance, which may include tracking visitor metrics page by page, including data activity and time spent on each page.

These cookies cannot be saved to your device without your consent. You can change your preferences at any time simply by selecting “ Manage cookies ” at the bottom of each website page.

How long do we keep cookies?

Cookies may not be kept on your device any longer than 13 months after they were first stored.
Data collected via cookies may be kept for up to 25 months.

Partners

We use :

– Google
Analytics for audience measurement,

– Google
Ads for advertising purposes,

– Google
reCaptcha to prevent fraudulent or automated connection attempts (robot
requests). The aim is to protect the login system and users against spam.

To find
out more about Google reCAPTCHA, see Google’s
terms of use.

– Commanders Act to
enable you to set and remember your cookie choices.

How to configure cookie settings in your browser

Different browsers manage cookies in different ways.
You can change your cookie preferences in your browser settings:

Microsoft Internet Explorer

Select “Tools” then “Internet Options”
Open the Privacy tab
Use the cursor to choose your level of privacy

Mozilla Firefox

Choose “Settings” from the “Tools” menu
Open the Privacy & Security tab
Select your level of Tracking Protection under Browser Privacy

Google Chrome

Open the Chrome menu in your browser toolbar
Select “Settings”
Open the “Security and Privacy” tab
and select “Cookies and other site data”
Choose your preferred setting

Safari

Open the Safari menu
Select “Preferences”
Choose “Privacy” and select the relevant option