l o a d i n g

Privacy Statement

This data protection statement defines how we, acting as data controller, may process information relating to identified or identifiable natural persons (called “data subjects”) collected from time to time (directly or indirectly, on a compulsory or voluntary manner, manually or otherwise) from the data subjects themselves as well as from its clients, third parties (such as potential clients, subcontractors, providers or any stakeholders involved in an engagement with Tender’z (“We”)) and/or from publicly available sources where applicable.

I. Why do we process personal data?

We may process personal data for the following purposes:

• To provide, develop and improve the services we render:

• To maintain its administrative and clients/suppliers relationships management systems, including:

o Bid issuance and contract drafting;

o Clients/suppliers/alumni follow up and management;

o Invoicing and payments of invoices;

o Advertising, communication and public relations;

o Event organisation and surveys and

o Client or user experience improvement and personalisation of services delivery.

• To apply acceptance and continuance procedures (including anti-money laundering, anti-bribery and counter-terrorist financing), if any;

• To facilitate compliance with its legal, regulatory, professional and/or contractual obligations (including independence and archiving requirements…);

• To maintain and protect its buildings, equipment, IT infrastructure and data (including access management and authentification, security and performance monitoring…);

• To manage and monitor the presence in the buildings, the use of equipment and the interactions of the data subjects (including the management of workspaces, parking, meeting rooms as well as the implementation and the monitoring of safety, health and hygiene measures, etc.);

• To ensure its business continuity;

• To manage risks and litigations;

• To process the data subjects’ requests;

• To manage its websites; and/or

• For any other purpose expressly indicated to the data subject at the time of collection of his/her personal data.

The purposes above are based on at least one of the following legal basis:

• the processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;

• the processing is necessary for compliance with a legal obligation to which we are subject;

• the processing is necessary for the purposes of the legitimate interests pursued by us or by a third party (such as the protection of our assets, the understanding of our clients’ needs and expectations or the fulfilment of our purpose or social interest); and/or

• the data subject has given consent to the processing for one or more specific purposes.

II. What personal data do we process?

Depending on, and when necessary for, the purposes above, we may process the following categories of personal data:

• Identification data;

• Professional data;

• Administrative data ;

• Relational data;

• Environmental data;

• Financial data;

• Numeric data and

• Biometric data.

III. Do we share personal data to third parties?

Depending on the purposes above, and besides the data subjects themselves, we may share the personal data to the following categories of recipients:

• subcontractors, business partners and experts;

• processors and sub-processors such as IT suppliers (including systems administrators, cloud services providers, hosting providers, etc…);

• Our external counsels, agents or auditors;

• entities or individuals that have a relationship with the data subjects (employers, relatives, counsels, business or potential business partners, etc…); and/or

• supervisory bodies or public authorities.

IV. Do we transfer personal data outside the European Union?

We shall not transfer any personal data outside the European Union otherwise that:

• to countries which provide an adequate level of protection for personal data as decided by the European Commission or;

• to recipients under a suitable agreement which contains the legal requirements for such transfer. Copy of the applicable safeguards may be requested to our Data Protection Officer.

V. How long do we keep the personal data?

The personal data will be kept in a form which permits identification of the data subjects for no longer than is necessary for each purpose for which they have been collected, without prejudice to automatic IT back-ups and our legal and regulatory archiving obligations.

Specific aspects of image rights

In the frame of events, workshops and training organised by us, photographer(s) may be present to take non-targeted pictures or videos reflecting the general atmosphere “in full view" of all participants and attendees. However, it may be that the photographer(s) will propose targeted photos or videos in which you are the main subject, either by appearing alone, being put in the foreground, by taking a pose or being interviewed. Insofar as you do not object to being photographed or recorded in such a manner will constitute your deemed consent to the shooting and its publication in all internal media, on its website or on any other media, including social networks.

VI. What are your rights as data subject?

To the extent permitted by the laws, you may have the right, to:

• request access to and rectification or the erasure of your personal data or restriction of processing;

• object the processing of your personal data; as well as

• data portability.

Should the processing be exclusively based on your consent, you shall have the right to withdraw it at any time, without affecting the lawfulness of the processing based on your consent before such withdrawal.

To exercise the rights listed above, you are invited to send an email demonstrating your identity and specifying the right you want to exercise to our Data Protection Office.

Please note that you shall also have the right to lodge a complaint with the competent supervisory authority, the lead supervisory authority competent for personal data processed by us being the Commission Nationale de Protection des Données (CNPD).

How to contact us

For any further information, please contact marie@tenderz.eu

Update – Last update September 16, 2024

In order to comply with the applicable laws and to reflect adequately the way we process the personal data, this data protection statement shall be updated from time to time.