Personal data protection
As data controller, Naval Group strives to protect your personal data.
Why do we use your personal data and how long do we keep it?
We use your personal data:
- To comply with various legal and regulatory obligations by which we are bound, including:
- Answering official requests from duly authorised public or judicial authorities;
- Combating corruption;
- Combating money laundering and the financing of terrorism.
In this context, we store your personal data for the time required by the applicable regulations.
- To enter into a contract with you as part of our supplier relations;
- To enter into a contract or an agreement with you in the context of a partnership relationship or an M&A transaction;
- We store your personal data for the duration of our contractual relationship;
- For the pursuit of our legitimate interests:
- Recruitment management.
We store your personal data for 18 months after our last contact.
You may delete your account and the associated data by visiting your applicant page ("Talents" section).
- Continuous improvement of our communication (via cookies);
- Communication about our products, services, offers, news and what we do at Naval Group;
- Monitoring our competitive ecosystem's news & knowledge.
What personal data do we use concerning you?
In compliance with the regulations, we collect and use only the data required for the purposes for which it is processed.
We may collect different types of personal data concerning you, including:
- Identification data (e.g. last name, first name, postal address, email address, telephone number, photograph);
- Professional data (e.g. CV, employment information);
- Information related to your digital activities (e.g. IP address, browsing activity, geolocation);
- Privacy data (cookies).
With whom do we share your personal data?
In order to fulfil the purposes described above, we transmit your personal data to:
- Duly authorised Naval Group employees;
- Partners and subcontractors performing services on our behalf;
- Judicial authorities, state agencies or public bodies, upon their request and within the limits authorised by the regulations;
- Regulated professions such as lawyers, notaries or statutory auditors.
What security measures have we put in place for your personal data?
We have defined technical and organisational measures to protect your data appropriately depending on its nature, extent of processing and accessibility. This may concern, for example, data encryption, management of access rights, secure flows, etc.
Respect for the security and protection of your data is required of all our employees as well as our partners and subcontractors.
Where is your personal data transferred?
Exceptionally, to fulfil the purposes described above and to host your data, it may be transferred to legal entities of Naval Group, its partners, as well as to some subcontractors located outside the European Economic Area. In this case, Naval Group takes the necessary measures to protect your personal data.
What are your rights and how can you exercise them?
Depending on the case, you may exercise the following rights:
- Right of access: you may obtain information concerning the processing of your personal data, as well as a copy of this data;
- Right of rectification: if you believe that your personal data is inaccurate or incomplete, you may request that this data be amended accordingly;
- Right of erasure: you may request the erasure of your personal data, within the limits permitted by the regulations;
- Right to restriction of processing: you may restrict the processing of your personal data;
- Right to withdraw consent: if you have given your consent to the processing of your personal data, you may withdraw this consent at any time;
- Right to data portability: you may ask to receive the personal data you provided to us, or, where technically possible, to transmit such data to a third party;
- You are also entitled to object to the processing of your personal data on grounds relating to your particular situation;
- You are also entitled to lodge a complaint with the French data protection authority (CNIL);
To contact the Group Data Protection Officer (DPO), or to exercise your rights: firstname.lastname@example.org.