Legal information

Data protection policy

We recommend that companies use, where possible, professional identifiers and contact details that facilitate access to the CSSC Platform by different people within the same company who are responsible for different aspects of promoting cultural diversity.

Personal data submitted via the contact form or the email address contact@culturalcompliance.org, or for participation in the “Collaborative Projects” features, is processed in accordance with the European Union’s General Data Protection Regulation (GDPR) and the French Data Protection Act.

For each data processing operation, the collection of personal data is limited to the strict minimum necessary (data minimization) and in accordance with the purposes, legal bases, and categories of data and persons indicated below. This information is necessary for the purposes identified below.

Purpose	Legal basis	Data categories	Categories of people
Creation of an account to participate in the CSSC Platform	Legitimate interest	Identity/Civil status Contact details	Corporate Diversity or CSR Managers, Municipal Culture Managers
Management of relations with participants in the CSSC Platform	Legitimate interest	Identity/Civil status Contact details	Corporate Diversity or CSR Managers, Municipal Culture Managers
Organization, registration, and invitation to events	Legitimate interest	Identity/Civil status Contact details	Corporate Diversity or CSR Managers, Municipal Culture Managers
Analysis of data submitted via the CSSC Platform	Legitimate interest Provision of analysis services at the core of the CSSC platform	Identity/Civil status Economic and financial information	Corporate Diversity or CSR Managers, Municipal Culture Managers
Collaboration between companies via the CSSC Platform	Consent to participate in the CSSC platform’s networking features	Identity/Civil status Contact details	Corporate diversity or CSR Managers
Submission of projects as part of a search for support	Consent to participate in the CSSC platform’s networking features	Identity/Civil status Contact details	Municipal Culture Managers or artists responsible for the project

This data is retained for as long as a company or project remains active on our platform and for one year from the date of inactivity of a company (e.g., non-renewal of the certification process) or the deletion of a proposed cultural project.

The data processed is intended for authorized CSSC project personnel and its service providers and is stored within the European Union.

Each user only has access to their own data. No user data is transferred to another user without their consent. The sole purpose of this transfer is to enable them to participate, if they choose, in the networking features of the CSSC platform.

Exercising your rights

Under the terms of the GDPR and the French Data Protection Act, individuals have the right to access data concerning them, as well as the right to rectify, restrict, transfer, and erase such data.

Individuals affected by the processing operations also have the right to object at any time, on grounds relating to their particular situation, to the processing of personal data based on legitimate interests, as well as the right to object to commercial prospecting.

They also have the right to define general and specific guidelines defining how they wish the above rights to be exercised after their death by email to the following address: contact@culturalcompliance.org, accompanied by a copy of a signed identity document.

The persons concerned have the right to lodge a complaint with the CNIL (French National Commission on Information Technology and Liberties).