PREAMBLE

This Internet website (the « Website”) is made available by the company Omnicom Public Relations Group (hereinafter referred to as “OPRG”), a Simplified Joint Stock Company with capital of 872,115 euros, whose registered office is located at 73, rue de la Condamine – 75017 Paris, registered in the Trade and Companies Register of Paris under number 414 079 251.

The Website is not intended for consumers, as defined in the introductory article of the Consumer Code.

OBJECT, ACCEPTANCE AND MODIFICATION OF THE TERMS AND CONDITIONS

Access to and use of the Website (including all or any part of its content) by any Internet user (the “User” or “you”) are governed by these Terms and Conditions of Use (hereinafter the “Terms”).

Before using the Website and the services offered therein, please read these Terms carefully as they describe your rights and obligations, as well as those of OPRG. Access to the Website, its use and the use of services that may be offered therein imply the unreserved and unconditional acceptance of the terms of these Terms and Conditions by the User. If you do not wish to be bound by these Terms, you are not authorized to use the Website and the services offered therein and must immediately cease their use.

The Terms and Conditions are directly accessible on the Website at any time. OPRG reserves the right to modify the Terms and Conditions at any time. The modified Terms and Conditions shall take effect on the date of their publication on the Website and are deemed to be accepted without reservation by any User who browses the Website after their publication. The applicable Terms and Conditions are those in effect on the date of navigation on the Website.

INTELLECTUAL PROPERTY

The structure of the Website and all graphic, textual, visual and photographic elements therein, namely in particular illustrations, texts, decorations, presentation methods, slogans, graphics, images, photographs and other content (hereinafter the “Content”) are and remain the exclusive property of OPRG or are licensed to OPRG and are protected, in particular, by intellectual property rights.

In particular, the trademarks, logos, company names, acronyms, trade names, signs, domain names, product and service names used on this Website, whether registered or not, constitute distinctive signs or commercial names (hereinafter the “Distinctive Signs”) which are and remain the exclusive property of OPRG or are licensed to OPRG.

Subject to compliance with these Terms and Conditions, OPRG grants Users a personal, non-exclusive and non-transferable right to access and use the Website, its Content and/or the Distinctive Signs solely for the purpose of consulting the Website (excluding in particular any commercial exploitation).

Accordingly, any representation, reproduction, modification and/or total or partial exploitation or other use of the Website, its Content and/or the Distinctive Signs, by any process and on any medium whatsoever, including by storing information on another medium, for purposes other than those expressly provided for in these Terms and Conditions without the prior express written authorization of OPRG is prohibited and may engage the User’s liability.

More specifically, and without prejudice to the provisions of Section 2.3, the User shall refrain from:

·  copying, reproducing, representing, distributing or publishing, whether on a permanent or temporary basis, all or part of the Site and/or its Content and/or the Distinctive Signs, by any means and on any medium whatsoever, whether now known or hereafter devised;

·  creating derivative works from the Site and/or its Content and/or the Distinctive Signs;

·  modifying, translating, adapting or arranging all or part of the Site, its Content and/or the Distinctive Signs;

·  disassembling, decompiling or carrying out any reverse engineering of the Site and/or its Content;

·  carrying out any extraction, use, storage, reproduction, representation or retention, whether direct or indirect, in whole or in part, of a qualitatively or quantitatively substantial portion of the contents of one or more of OPRG’s databases, or the repeated and systematic extraction or re-use of qualitatively or quantitatively insubstantial portions of the contents of one or more of OPRG’s databases, without OPRG’s prior written authorization;

·  distributing, transmitting, disseminating, selling, renting, marketing, licensing or otherwise exploiting, in any manner whatsoever, all or part of the Site and/or its Content and/or the Distinctive Signs without the prior express written consent of OPRG.

• The User undertakes not to access and/or use the Site for any unlawful purpose

(including, without limitation, by commercializing or restricting, directly or indirectly, access to the Site or its Content) and/or with the intent to harm OPRG’s reputation or image, or, more generally, to infringe its rights, including its intellectual property rights or those of any third party.

PERSONAL DATA

When the User browses the Website, OPRG may collect and use personal data.

For more information on how OPRG processes your personal data, please consult OPRG’s Personal Data Protection Policy available here.

HYPERLINKS

No hyperlink directing to the Site may be created or published without the prior express written authorization of OPRG. Requests for authorization must be sent to the Site’s publication director at the following address: [email protected]

The Site may contain hyperlinks to other websites or, more generally, to resources available on the Internet. As OPRG has no control over such third-party websites and resources, OPRG makes no representations or warranties regarding the availability or content of such sites and resources and disclaims any liability in respect of the content (whether advertising or otherwise), products, services, or any other materials available on or from such external sites or resources.

OPRG shall also not be liable for any actual or alleged damage or loss arising out of, or in connection with, the use of, or reliance upon, any content, goods, or services available on such third-party websites or resources. The User accesses such websites and/or resources at their own risk.

WARRANTIES – LIABILITY

The Site and its Content are provided “as is”. OPRG does not warrant that the Site or its Content will be error-free or available on an uninterrupted basis.

The Site is, in principle, accessible twenty-four (24) hours a day and seven (7) days a week, subject to:

– any event of force majeure as defined by French courts, including, without limitation, natural disasters, fires, malfunctions or interruptions of the electrical network, terrorist acts, strikes, wars and pandemics;
– the availability of the Internet network. It is specified that the Internet network and the computer and telecommunications systems used in connection with access to and use of the Site are not free from errors and that interruptions and outages may occasionally occur;
– suspensions of the Site for technical reasons, including updates to the Site, maintenance operations, or any other technical cause or decision made by OPRG.

OPRG reserves the right, at any time and without prior notice, to modify, suspend or discontinue all or part of the services offered on the Site, without incurring any liability in this respect.

OPRG undertakes to use its best efforts to remedy any malfunction brought to its attention (such undertaking constituting an obligation of means). However, OPRG shall not be held liable if it is required to temporarily or permanently suspend the Site without prior notice, in particular for technical and/or maintenance reasons, regardless of their origin or cause. OPRG shall not be liable for any inconvenience or damage related to the use of the Internet network.

The User warrants that they will use the Site in accordance with its intended purpose. The User is solely responsible for their use of the Site and the services, as well as for the content accessed from the Site.

Users are responsible for taking all appropriate measures to ensure the security of their equipment, data, software or other materials, in particular against contamination by any virus and/or attempted intrusion to which they may be exposed. OPRG does not guarantee that the Site will be compatible with any particular hardware or configuration and shall not be liable for any malfunction of any kind relating to the User’s computer equipment or Internet connection when accessing the Site and/or the services offered on the Site. The User is solely responsible for implementing and maintaining the proper functioning of the technical means necessary to access and use the Site, including, without limitation, their computer equipment, devices, Internet connection and any software or browser.

OPRG shall under no circumstances be held liable for:
– any direct or indirect damages, including loss of profits, loss of business, loss of data, loss of time, loss of goodwill or any other loss of intangible assets or commercial harm, arising out of or in connection with: (a) access to, use of, or inability to use the Site (and/or any sites linked to it), the services offered through the Site, or the Content of the Site (and/or any sites linked to it), including where access to the Site has been restricted by OPRG pursuant to these Terms of Use; (b) any transaction carried out through or facilitated by the Site (and/or any linked sites); (c) any claim attributable to errors, omissions, or other inaccuracies contained on the Site and its Content (and/or any linked sites) or the services offered through the Site (and/or any linked sites); (d) any alteration of your transmissions or data; or (e) any other matter relating to the Site and its Content (and/or any linked sites) or any services offered through the Site, even if OPRG has been advised of the possibility of such damages;
– any abnormal use of or unlawful exploitation of the Site. OPRG reserves the right, at any time, for any reason and at its sole discretion, to refuse all or part of access to the Site to any User without owing any compensation or damages to the User. In this respect, OPRG may block the User’s IP address(es) at any time, without prior notice and at its sole discretion, in order to prevent the User from continuing to use the Site, which the User acknowledges. OPRG reserves the right to take any measures it deems appropriate, at its sole discretion, in response to any breach of these Terms of Use, and expressly reserves all rights and remedies available to it.

GOVERNING LAW – JURISDICTION

These Terms of Use shall be governed by and construed in accordance with French law.

In the event of any dispute arising in connection with the application, interpretation and/or performance of these Terms of Use, the parties undertake to use their best efforts to resolve the dispute amicably prior to initiating any legal action or mediation proceedings.

Accordingly, in the event of a dispute between a User and OPRG, the parties agree to negotiate in good faith to settle the dispute. If the parties fail to resolve the dispute within thirty (30) business days from written notice of the dispute given by the most diligent party, the dispute may be submitted to the competent courts of the city of Paris, to which jurisdiction the parties hereby expressly submit.

MISCELLANEOUS

These Terms of Use constitute the entire agreement between OPRG and the User with respect to the User’s access to and use of the Site and its Content and supersede any prior agreement between the User and OPRG having the same subject matter.

If one or more provisions of these Terms of Use are held to be invalid, illegal or unenforceable by a competent court or under any applicable law or regulation, the provision(s) concerned shall be severed, and the validity and enforceability of the remaining provisions of these Terms of Use shall not be affected thereby.

The failure of OPRG to enforce any provision of these Terms of Use shall not be construed as a waiver of such provision or of the right to enforce such provision at a later date and/or to seek remedies for any breach of that provision.

Omnicom Public Relations Group and the Omnicom Public Relations Group branded companies (“we”, “us” or “our”) respect your privacy. We are committed to protecting your privacy and safeguarding your information against any unauthorized use.This Personal Data Protection Policy (the “Policy”) is intended to comply with the requirements of Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (the “GDPR”).

WHO PROCESSES YOUR PERSONAL DATA?
This Policy applies to the processing of personal data by Omnicom PR Group France and Omnicom Public Relations Group in the United States (to the extent that such non-European Omnicom Public Relations Group entity is subject to the GDPR).
For the purposes of this Policy and of the GDPR, to the extent that any of the above entities processes your personal data in connection with the use cases identified in this Policy, each shall be considered a “data controller” of your personal data. Please note that in certain circumstances we may carry out the activities described in this Policy in our capacity as a processor acting on behalf of our clients. We clearly distinguish such situations in this Policy.

PURPOSE OF THIS POLICY
This Policy explains our approach regarding the personal data that we may collect from you when you use this website (the “Site”) and any other personal data concerning you that we may collect or process in other situations or interactions with us, as well as the purposes for which we process your personal data.
This Policy also sets out your rights in relation to our processing of your personal data.
This Policy will inform you of the nature of the personal data concerning you that we process and how you may request that we delete, update, transfer and/or provide you with access to such data, or object to its processing for a particular purpose. This Policy is intended to help you make informed decisions when using the Site, when providing us with personal data, or in any other circumstances in which we may process your personal data.
Please note that this Policy is not intended to apply to our processing of personal data relating to employees of Omnicom Public Relations Group, which is governed by our separate workplace privacy policy.

TYPES OF PERSONAL DATA WE COLLECT/PROCESS
When we refer to personal data, we mean any information relating to an identified or identifiable natural person. Natural persons may be identified by reference to a name, an identification number, location data, an online identifier (such as an IP address), or to one or more factors specific to them, such as their physical appearance. The categories of personal data that we may collect and process include:les coordonnées (p. ex., nom, adresse postale, numéro de téléphone, adresse e-mail) ;
contact details (e.g., name, postal address, telephone number, email address);
your date of birth;
information relating to your employment or education;
information about your interests or affiliations, or about positions publicly expressed on political matters, corporate matters or similar issues;
information relating to articles (or similar content) that you may have published;
information relating to talent recruitment and human resources (e.g., right-to-work information, financial account information, government-issued identification information, or dietary requirements);
 your image;
 any additional data capable of identifying you that you provide to us.
For more information about the personal data we collect, please refer to the section

HOW DO WE USE PERSONAL DATA? below.
CHILDREN’S PERSONAL DATA
We do not seek to collect personal data from children and do not knowingly collect such data.

HOW WE OBTAIN PERSONAL DATA
We may collect and receive your personal data using different methods:
Personal data you provide to us. You may provide your personal data to us directly. This will be the case, for example, when you send us enquiries, complete forms on our Site or in paper form, participate in a survey, subscribe to our marketing communications, provide feedback, provide services to us, or otherwise interact with us.
Personal data received from third parties. From time to time, we may receive personal data about you from third parties. For example, we may receive your contact details from an industry contact or a client, we may receive your CV from your agent or a recruitment service provider, or we may receive information regarding your dietary requirements from your agent or a catering service provider. We may also use third parties to collect personal data relating to your interactions with our Site.
Publicly available personal data. From time to time, we may collect personal data about you (including your contact details, biography, interests or affiliations) from publicly available sources (including open-access databases), media reports, or personal data about you that you or a third party has made publicly available (for example, by speaking at events, publishing articles or other reports, or posting content on social media).

HOW DO WE USE PERSONAL DATA?
Our primary purposes when collecting personal data from you are to:
verify your identity;
provide our services to clients;
 improve our Site and our products and services, and develop and market new products and services;
respond to enquiries you submit to us;
investigate or resolve requests or disputes;
comply with applicable laws, court orders, other legal processes, or the requirements of any regulatory authority;
perform our contracts with you;
protect our rights, property or safety, or those of third parties, including our other clients and users of the Site;
support the delivery of our services;
carry out recruitment activities; and
otherwise use such data as required or permitted by law.
We set out below in greater detail the specific ways in which we may use your personal data.

Client administration.
We may collect personal data relating to our current and prospective clients in order to respond to their requests, administer client accounts held with us, carry out credit checks (where permitted under applicable law), and verify and process financial transactions for payments made to us.
Our legal basis for processing
It is in our legitimate interests (and those of our clients) to process personal data in this manner in order to provide the services requested by our clients efficiently.
With whom do we share personal data for this purpose?
We may share such personal data with our third-party providers (such as payment service providers or IT service providers), financial institutions, group companies and affiliates, professional advisers, regulatory bodies or other authorities, or with other third parties, as described in the DATA SHARING section below in connection with this purpose.

Media enquiries and requests for information.
We may collect personal data relating to journalists, client contacts or industry contacts in connection with interview requests, media enquiries or requests for information about Omnicom Public Relations Group. We may also offer individuals the opportunity to subscribe to newsletters or to receive copies of blogs and other information that we make available. When an individual subscribes to receive such information, contact details may be requested in each case, as well as details of other personal data relevant to such requests. This information is used to enable us to respond to individual enquiries or media requests.
Our legal basis for processing
It is in our legitimate interests (and those of our clients) to process personal data in this manner in order to provide the services requested by our clients efficiently and to provide appropriate information to those who request it.
With whom do we share personal data for this purpose?
We may share such personal data with our clients, group companies and affiliates, media partners or media representatives, third-party providers (such as IT service providers), professional advisers or other third parties, as described in the DATA SHARING section below in connection with this purpose.

Market research and focus groups.
As part of the services we provide to our clients, we may collect an individual’s contact details, communications, health data, opinion data, age range, nationality, image and educational background for the purpose of conducting market research through focus groups, interviews and user testing. We may do so on behalf of our clients or on our own behalf.
Our legal basis for processing
It is in our legitimate interests (and those of our clients) to process personal data in this manner in order to provide the services requested by our clients efficiently. Where we process special categories of data collected directly from an individual for this purpose, we do so only with that individual’s explicit consent. Where we obtain such information from publicly accessible sources, we rely on the fact that the individual has manifestly made such information public. Please note that where we carry out such processing on behalf of our clients in our capacity as a processor, we do not require a legal basis for that processing.
With whom do we share personal data for this purpose?
We may share such personal data with our clients, group companies and affiliates, market research partners or agents, third-party providers (for example our IT service provider), professional advisers or other third parties, as described in the DATA SHARING section below in connection with this purpose.
Media monitoring.
As part of the services we provide to our clients, we may monitor websites (including social media sites) and collect information about individuals on such sites, either directly or through a social media monitoring service provider, including opinions regarding how a particular client campaign or client offering has been received, or on topics more generally relating to our client.
Our legal basis for processing
It is in our legitimate interests (and those of our clients) to process personal data in this manner in order to provide the services requested by our clients efficiently. Where we carry out such processing on behalf of our clients in our capacity as a processor, we do not require a legal basis for that processing.
With whom do we share personal data for this purpose?
We may share such personal data with our clients, group companies and affiliates, our partners, third-party providers (such as our IT service providers), professional advisers or other third parties, as described in the DATA SHARING section below in connection with this purpose.
Campaign reporting.
As part of the services we provide to our clients, we may collect information about individuals through third-party providers, directly from the individual, or via social media or other media, such as their contact details and opinions regarding how a particular client campaign has been received or other feedback concerning a client campaign or offering.
Our legal basis for processing
It is in our legitimate interests (and those of our clients) to process personal data in this manner in order to provide the services requested by our clients efficiently and to provide our clients with insight into the performance of a campaign or client offering. Please note that where we carry out such processing on behalf of our clients in our capacity as a processor, we do not require a legal basis for that processing.
With whom do we share personal data for this purpose?
We may share such personal data with our clients, group companies and affiliates, our partners or agents, third-party providers (such as our IT service providers), professional advisers or other third parties, as described in the DATA SHARING section below in connection with this purpose.
Surveys and polls.
We may collect personal data from individuals through surveys or polls in order to obtain feedback on our products and services, or those of our clients. Participation in such surveys is voluntary and individuals have the option to decide whether or not to disclose personal data. Certain personal data, such as contact details, may be required to register to vote or to participate in a survey. We will use this information solely to communicate the results of the survey or poll.
Our legal basis for processing
It is in our legitimate interests (and those of our clients) to process personal data in this manner in order to provide the services requested by our clients efficiently and to understand how our clients and their products are received in the market. Where we carry out such processing on behalf of our clients in our capacity as a processor, we do not require a legal basis for that processing.
With whom do we share personal data for this purpose?
We may share such personal data with our clients, group companies and affiliates, our survey partners or agents, third-party providers (such as our IT service providers), professional advisers or other third parties, as described in the DATA SHARING section below in connection with this purpose.
Promotions.
We may organize promotions, competitions or giveaways on our own behalf (or on behalf of our clients), which may require registration to participate in such activities. We collect personal data from individuals in order to administer the promotion, competition or giveaway and to award prizes or send notifications. Participation in these activities and the provision of personal data are voluntary.
Our legal basis for processing
It is in our legitimate interests (and those of our clients) to process personal data in this manner in order to enable individuals to participate in the promotion, competition or giveaway, or to do so in order to perform an obligation owed to the individual. Where we carry out such processing on behalf of our clients in our capacity as a processor, we do not require a legal basis for that processing.
With whom do we share personal data for this purpose?
We may share such personal data with our clients, group companies and affiliates, third-party providers (such as our IT service providers), competition partners, professional advisers, regulatory bodies or other third parties, as described in the DATA SHARING section below in connection with this purpose.

Industry information.
We collect and maintain databases containing information about journalists, talent, social media influencers, social media users and other professionals in the public relations, news or media sectors, collected by us or by our approved third-party media analytics service providers. Such information may include an individual’s name, professional contact details, professional interests and affiliations. This information may be voluntarily provided to us by such individuals via our Site or in other circumstances (such as public events), or may consist of publicly available information or information available in third-party databases or via third-party content platforms (including social media platforms).
In addition, we may collect and/or review other publicly available news reports and journalistic content, including content made available through public news websites and social media sites, in order to understand what is being said about us and our clients. We use this information to provide our services to our clients, including to ensure that we and our clients are aware of public opinion in any given area and are fully informed when dealing with the press. We may also use this information to contact such individuals to discuss our clients’ goods and services. We may further use this information for our own internal administrative and promotional purposes.

Our legal basis for processing
It is in our legitimate interests (or those of our client) to process personal data in this manner in order to provide the services requested by our clients efficiently. Where the personal data collected constitutes special categories of personal data, we rely on the fact that such personal data has manifestly been made public by the individual in order to process it. Where we carry out such processing on behalf of our clients in our capacity as a processor, we do not require a legal basis for that processing.
With whom do we share personal data for this purpose?
We may share such personal data with our clients, group companies and affiliates, third-party providers (such as our IT service providers), professional advisers or other third parties, as described in the DATA SHARING section below in connection with this purpose.
Social Networks.
We may collect or process personal data of individuals who interact with us via social media (including by visiting our social media pages or communicating with us through social media). We may also operate our clients’ social media pages, accounts or channels on their behalf.
Our legal basis for processing
It is in our legitimate interests to process personal data in this manner in order to market our services and interact with the public. Where we carry out such processing on behalf of our clients in our capacity as a processor, we do not require a legal basis for that processing.
With whom do we share personal data for this purpose?
We may share such personal data with our clients, group companies and affiliates, third-party providers (such as our IT service providers), professional advisers or other third parties, as described in the DATA SHARING section below in connection with this purpose.
Interactive areas and fan pages.
We may offer interactive areas, such as discussion platforms, fan pages, chats or other forums or closed communities. Participation in these areas by users is voluntary. We may provide these interactive areas (including fan pages) in collaboration with third parties such as Facebook or other social media platforms. Although we discourage individuals from submitting information that could personally identify them when contributing to these areas, we may nonetheless process their personal data in connection with such interactive areas.
Our legal basis for processing
To the extent that we process personal data for this purpose, it is in our legitimate interests to do so in order to help us understand industry issues, share content and, more generally, provide services to our clients and users. Where we carry out such processing on behalf of our clients in our capacity as a processor, we do not require a legal basis for that processing.
With whom do we share personal data for this purpose?
We may share such personal data with our clients, group companies and affiliates, our partners or agents (such as Facebook), third-party providers (such as our IT service providers), professional advisers or other third parties, as described in the DATA SHARING section below in connection with this purpose.

Events.
From time to time, we may organize and host functions and other industry events to promote our services or on behalf of clients. For this purpose, we may process the names and contact details of individuals (including email address, postal address and telephone number) in order to communicate with them about such events where they have specifically requested information about those events or where we otherwise have a lawful basis for sending such information.
If you attend one of our events, we may use your personal data to record your attendance and for record-keeping purposes and, where applicable, we may collect and process information regarding your dietary requirements or any other requirements. We may also use photographs taken at our events, and such photographs may appear in publications that we send to our clients and/or publish on our Site, in print or on other media.
Our legal basis for processing
It is necessary for us to use personal data in this manner in order to perform our obligations under any contract we may have with the individual, or it is in our legitimate interests or those of our client to use personal data in this way in order to provide our services efficiently.
If we specifically request your permission to use your photographs, quotations, testimonials or other content, our processing of such personal data will be based on your consent.
Where we organize events solely at the specific request of our clients, we do so in our capacity as our client’s data processor and therefore do not require a legal basis to process the personal data.
With whom do we share personal data for this purpose?
We may share such personal data with our clients, group companies and affiliates, our event and ticketing partners or agents, third-party providers (such as our IT service providers), professional advisers, event organizers or other third parties, as described in the DATA SHARING section below in connection with this purpose.

Insights and analytics.
We may analyze individuals’ contact details together with other personal data we observe about them based on their interactions with our Site, our electronic communications and/or our services.
We may use log files and other tracking technologies to collect personal data from the hardware and software used to access the Site, or from mobile devices. This may include an IP address in order to monitor site traffic and volume.
This information is used to generate insights into the browsing habits of visitors to our Site.
Using this information, we can measure the effectiveness of our content and how visitors use our Site and services. This enables us to understand which pages of our Site are most appealing to visitors, which parts of the Site are of greatest interest, and the features our visitors value.
We also use this information for marketing purposes (see the MARKETING COMMUNICATIONS section below for further information).
Our legal basis for processing
We will use non-essential tracking technologies on devices only with the user’s consent. It is in our legitimate interests to process personal data collected through tracking technologies in order to improve our services and tailor our marketing communications.
With whom do we share personal data for this purpose?
We may share such personal data with group companies and affiliates, third-party providers (such as our analytics service providers or other IT service providers), professional advisers or other third parties, as described in the DATA SHARING section below in connection with this purpose.

Communications marketing.
We may carry out marketing activities using an individual’s personal data. In particular, we may use personal data to form a view on what the individual may want, need or be interested in. We may use this information to provide individuals with marketing information about our products and services that we believe may be of interest to them. We may also provide individuals with information about media or public relations events.
Our legal basis for processing
We rely on our legitimate interests to process personal data in this manner for marketing purposes (unless consent is required under applicable local law, in which case we will obtain such consent). Where the individual is a consumer, we will send electronic marketing communications or event invitations only with that individual’s consent.
We also provide individuals with opt-out choices regarding the use of their personal data, particularly in relation to marketing and advertising. To learn how you can opt out of marketing communications, please refer to the section entitled RIGHT TO OBJECT AND UNSOLICITED COMMUNICATIONS.
Please note that if a third party asks us to share personal data so that it may send electronic marketing communications to specific individuals, we will obtain the consent of the individuals concerned before sharing the personal data for that purpose.
With whom do we share personal data for this purpose?
We may share your personal data with group companies and affiliates, promotional agents, third-party providers (such as our IT service providers), professional advisers or other third parties, as described in the DATA SHARING section below in connection with this purpose.

Talent databases
As part of the services we provide to clients, we manage talent databases containing individuals’ contact details, biographies, dietary requirements and personal preferences, which we may use for a particular campaign. We use this information in order to select talent for a specific campaign and to work with such talent. We may obtain this information directly from the individual or via third-party recruiters or agents, or from publicly available sources.
Our legal basis for processing
It is in our legitimate interests (and those of our clients) to process talents’ personal data in this manner in order to provide our services. Where we process special categories of data collected directly from you for this purpose, we do so only with your explicit consent. Where we obtain such information from publicly accessible sources, we rely on the fact that the individual has manifestly made such information public. Where we carry out such processing on behalf of our clients in our capacity as a processor, we do not require a legal basis for that processing.
With whom do we share personal data for this purpose?
We may share such personal data with our clients, group companies and affiliates, recruitment partners or agents, third-party providers (such as our IT service providers and production companies), professional advisers or other third parties, as described in the DATA SHARING section below in connection with this purpose.

Receipt of services.
If we have engaged an organization to provide us or our client with products or services (for example, IT support or financial advice), we will collect and process your personal data where you are a contact within that organization in order to manage our relationship, or that of our client, with the organization, to receive products and services from the organization and, where applicable, to provide our services to third parties, including our clients.
Our legal basis for processing
It is necessary for us to use personal data in this manner in order to perform our obligations under any contract we may have with the organization, or it is in our legitimate interests to use personal data in this way to work effectively with the organization and to be able to provide our services to third parties efficiently. Where we carry out such processing on behalf of our clients in our capacity as a processor, we do not require a legal basis for that processing.
With whom do we share personal data for this purpose?
We may share such personal data with our clients, group companies and affiliates, our partners and agents, third-party providers, professional advisers or other third parties, as described in the DATA SHARING section below in connection with this purpose.

Recruitment
If individuals apply to us or otherwise express an interest in a position with us, we will collect the individual’s contact details and CV or CV information. We use this personal data for the following purposes: (a) to assess the individual’s suitability for the position for which they have applied (or for future positions for which we believe the individual may be suitable), including permanent positions, freelance roles, summer jobs or internships, as well as any support or service roles, whether such application is received online, by email, by post or in person; (b) to take all steps necessary to enter into an employment (or other) contract with the individual; (c) to comply with any regulatory or legal obligation relating to such application; and (d) to monitor our equal opportunities profile in accordance with applicable law. We do not discriminate on the basis of sex, race, ethnic origin, age, religion, sexual orientation, disability or any other ground protected by applicable law. For further information, please refer to our Recruitment policy.

 
Our legal basis for processing
Where we use personal data in connection with recruitment and talent management, such processing is necessary for entering into a contract, or is in our legitimate interests to use personal data in this manner in order to make the best recruitment and talent management decisions for Omnicom Public Relations Group, or is required for us to comply with a legal obligation to which we are subject. We will not process any special categories of data unless we are permitted to do so under applicable law or with the individual’s explicit consent.
With whom do we share personal data for this purpose?
We may share such personal data with group companies and affiliates, third-party providers, professional advisers or other third parties, as described in the DATA SHARING section below in connection with this purpose.
Visits to our premises
If an individual visits one of our premises, we may collect their contact details as part of our registration process. We may also capture their image through our CCTV surveillance system.
Our legal basis for processing
It is in our legitimate interests to process personal data in this manner for security purposes.
With whom do we share personal data for this purpose?
We may share such personal data with our clients, group companies and affiliates, recruitment partners or agents, third-party providers (such as our IT service providers), advisers, authorities or other third parties, as described in the DATA SHARING section below in connection with this purpose.

Business management and compliance with laws.
We may use an individual’s personal data for the following business management and legal compliance purposes:
to facilitate the efficient operation or management of our group of companies;
to comply with our legal obligations (including any security/cybersecurity obligations);
to assert or protect our rights;
to handle complaints;
to protect the rights of third parties (including where a person’s health or safety is threatened (e.g., a fire)); and
in connection with a business transfer or assignment, such as a merger, reorganization, acquisition by another company, or the sale of all or part of our assets.
Our legal basis for processing
Where we use personal data in connection with a business transfer or group management, to assert our rights or to protect the rights of third parties, it is in our legitimate interests to do so. For all other purposes described in this section, we rely on our obligation to comply with the law, such as a court order, to process such personal data.
We will not process any special categories of personal data (or sensitive data) or personal data relating to criminal convictions or offences unless we are permitted to do so under applicable law or with the individual’s explicit consent where permitted by law.
 
With whom do we share personal data for this purpose?
We may share personal data with our clients, group companies and affiliates, our agents and partners, third-party providers or professional advisers, emergency service providers, authorities or other regulatory bodies (including tax authorities and social security authorities), or other third parties, as described in the DATA SHARING section below in connection with this purpose.

SHARING OF YOUR PERSONAL DATA
We may share your personal data with any of our group affiliates, or with our agents, partners, clients, processors, professional advisers, or public or regulatory authorities for the following purposes: (a) to provide our services to clients or to receive assistance in processing transactions; (b) to handle information requests, receive and send communications, update marketing lists, and perform data analysis; (c) to provide IT and other support services; (d) to facilitate the efficient operation and management of our group of companies; (e) to comply with a legal obligation or in connection with a legal claim or dispute, or otherwise to protect our rights; and (f) to assist with other matters related to the performance of our activities from time to time. Our agents, partners and processors will use your personal data only to the extent necessary to perform their functions. For more information on how we may share your personal data in connection with a particular use case, please refer to the relevant use case above.
We will not sell your personal data to other companies and will not share it with other companies for their own use without your consent, except in the circumstances listed above or in connection with the sale or merger of Omnicom Public Relations Group or of the division or office responsible for the services.
Please note that the categories of third parties with whom we share your data listed above are not exhaustive, and in certain circumstances we may need to share personal data with other third parties in order to operate our Site and provide our services. We will inform you of any other circumstances in which we share your information on a case-by-case basis.
OBTAINING YOUR CONSENT
Where our use of your personal data requires your consent, you may provide such consent:
at the time we collect your personal data by following the instructions provided; or
by informing us by email, post or telephone using the contact details set out in this Policy.
Please note that if you specifically consent to additional uses of your personal data, we may use your personal data in accordance with that consent.
TRANSFERS OF PERSONAL DATA OUTSIDE THE EEA
We may transfer personal data outside the EEA to certain categories of third parties (listed above in HOW DO WE USE PERSONAL DATA?), and in particular to: (1) our headquarters in New York, New York, United States (“United States”); (2) our various offices in the United States and elsewhere around the world; and (3) our affiliated entities in the United States or in other locations worldwide.
In particular, when transferring your personal data outside the EEA, we will ensure that, where required by applicable law, at least one of the following safeguards is implemented: (1) we will transfer your personal data only to countries that have been deemed by the European Commission to provide an adequate level of protection for personal data; or (2) where applicable, we will use specific contracts approved by the European Commission, such as the “standard contractual clauses,” which provide personal data with the same protection as in Europe.
COMPLIANCE WITH THE EU-U.S. DATA PROTECTION FRAMEWORK (“DPF”)
Please note that Omnicom Public Relations Group US complies with the principles of the EU-U.S. Data Privacy Framework (“Data Privacy Framework” or “DPF”), as set forth by the U.S. Department of Commerce. Omnicom Public Relations Group US has certified to the U.S. Department of Commerce that it adheres to the DPF Principles. In the event of any conflict between the terms of this Policy and the DPF Principles, the DPF Principles shall prevail. For more information about the DPF program and to view our certification, please visit https://www.dataprivacyframework.gov/.
Omnicom Public Relations Group US also maintains a separate global data protection policy describing our compliance with the Data Privacy Framework Principles regarding data transferred from the EU to the United States. This global data protection policy is available at: https://www.omc.com/
 
CONFIDENTIALITY AND SECURITY OF YOUR PERSONAL DATA
We are committed to maintaining the security of the personal data you provide to us and will take reasonable precautions to protect your personal data against any loss, misuse or alteration.
To ensure protection against unauthorized access to personal data by third parties outside our organization, all electronic personal data we hold is stored on systems protected by up-to-date secure network architectures that include firewalls and intrusion detection devices. Data recorded on servers is subject to backup procedures (i.e., data is recorded on separate media) in order to avoid the consequences of any accidental deletion, destruction or loss. The servers are stored in facilities offering a high level of security, access to which is restricted to authorized personnel only, and equipped with fire detection and response systems. The location of these servers is known only to a limited number of our employees.
We have implemented information security policies, rules and technical measures to protect personal data under our control against:
unauthorized access;
improper use or disclosure;
unauthorized modification; and
unlawful destruction or accidental loss.
All our employees and processors (i.e., those who process your personal data on our behalf for the purposes listed above) who have access to, and are associated with the processing of, personal data are required to respect the confidentiality of the personal data of all users of our services.
Information relating to applications is encrypted and transmitted securely. You can verify this by looking for a closed lock icon at the bottom of your web browser or by ensuring that “https” appears at the beginning of the URL. Only employees or third parties who need the information to process a specific request are granted access to personally identifiable information.

YOUR DATA PROTECTION RIGHTS
You have the following rights in relation to the personal data concerning you that we hold, in certain circumstances:
To obtain confirmation that we process personal data concerning you, to access such data and obtain copies of the information, as well as information about the processing we carry out. Where we rely on our legitimate interests as the legal basis for processing personal data, you may request information about the balancing of our interests with yours.
To request that your personal data be rectified or erased, as appropriate.
If the personal data we hold about you is inaccurate or incomplete, you may request that it be amended. However, please note that it is each individual’s responsibility to provide us with accurate personal data and to inform us of any changes (e.g., a new home address or a change of name).
To request the deletion of your personal data, where appropriate.
If you demonstrate that the purpose for which the personal data is processed is no longer lawful or appropriate, the data will be deleted unless we can demonstrate that we are required to retain the personal data under applicable law or otherwise.
If we have shared your personal data with third parties, we will inform them of the deletion where possible. If you request, and where it is possible and lawful for us to do so, we will also inform you with whom we have shared your personal data so that you may contact them directly.
To request that we restrict the processing of your personal data in certain circumstances, for example where you contest the accuracy of the personal data, pending our investigation of the issue.
This will not prevent us from storing your personal data.
We will inform you before lifting any restriction.
If we have shared your personal data with third parties, we will inform them of the restriction, where possible.
If you request, and where it is possible and lawful for us to do so, we will also inform you with whom we have shared your personal data so that you may contact them directly.
Where processing is based on your consent, to receive your personal data in a commonly used electronic format, or to request that we transfer your personal data in that format to another provider, where your request relates to personal data you have provided directly to us and where technically feasible.
To object to the processing of your personal data where we rely on our legitimate interests or those of a third party to do so, or for direct marketing purposes.
To withdraw your consent at any time where processing is based on your consent.
In France, to provide us with instructions regarding the use of your personal data after your death.
To lodge a complaint with the data protection authority.
Data subjects may exercise these rights verbally or in writing using our contact details provided in the section below entitled CONTACT DETAILS. We will endeavor to respond to your requests promptly. Where you request a copy of your personal data, we are generally required by law to respond within one month of such request. If your request is refused or the response time extended, we will inform you of the reasons for the refusal or delay.
Please note that in order for you to exercise these rights, we may need to verify your identity to confirm your right of access to your personal data. This is a security measure to ensure that personal data is not disclosed to a person who has no right to receive it. In order to verify your identity, we may need to collect additional personal data beyond what we already hold.

RIGHT TO OBJECT AND UNSOLICITED COMMUNICATIONS
To opt out of any future promotional or marketing communications or any other commercial communications from us, you should send us a request using the contact details set out in the CONTACT DETAILS section.

ENFORCEMENT RIGHTS AND MECHANISMS
We will ensure that this Policy is complied with and properly implemented. Violations of applicable data protection laws in the EEA may result in penalties and/or claims for damages.
If at any time you believe that your personal data has been processed in breach of this Policy, or if you have any questions or complaints regarding the use or restriction of use of your personal data, you may contact the appropriate persons listed in the CONTACT DETAILS section.
If your complaint cannot be resolved through our internal procedures, we will cooperate with the alternative dispute resolution provider JAMS (Judicial Arbitration and Mediation Services) in accordance with the JAMS International Mediation Rules, available on the JAMS website at: https://www.jamsadr.com/dpf-dispute-resolution.
JAMS mediation may be initiated in accordance with the applicable JAMS rules. The mediator may propose any appropriate remedial measures, such as the deletion of certain personal information, public disclosure of findings of non-compliance, payment of compensation for losses suffered as a result of non-compliance, or cessation of the processing of the personal information of the complaining individual. The individual may also submit the matter to the U.S. Federal Trade Commission, which has investigative and enforcement powers in relation to the Data Privacy Framework with respect to us. In certain circumstances, individuals may also invoke binding arbitration to address complaints concerning our compliance with the Data Privacy Framework Principles.
In addition to the above and in certain circumstances, individuals may invoke binding arbitration for complaints that have not been resolved by the other Data Privacy Framework mechanisms. For further information, see Annex 1 of the Data Privacy Framework: https://privacyshielddev.blob.core.windows.net/publicsiteassets/Full%20Text_EU-U.S.%20DPF.pdf.
We are also subject to the investigatory and enforcement authority of the U.S. Federal Trade Commission or any other authorized U.S. statutory body.

THIRD-PARTY LINKS AND SERVICES
This Site contains links to third-party websites and services. Please note that when you use a link on our Site to access another website or request a service from a third party, this Policy no longer applies to such third-party websites and service providers, unless we act as joint controllers with the relevant third party in relation to your personal data.
Your browsing and interaction on other websites, or your transactions with any other third-party service provider, are subject to the rules and policies of that website or third-party service provider. We do not supervise, control or endorse the privacy practices of third parties.
This Site may incorporate services related to social networks. You understand that we do not control these services and that we are not responsible for the way in which they operate. Although we may provide you with the opportunity to use such services in connection with our Site, we do so as a convenience and, like you, we rely on those third-party services to function properly and fairly.
HOW LONG DO WE RETAIN YOUR PERSONAL DATA?
We retain personal data only for as long as necessary for the purposes described in this Policy, after which it is deleted from our systems.
With respect to personal data processed in connection with the provision of our services to clients, we may retain relevant personal data for a period of up to six (6) years from the date of the services and in accordance with our obligations under the GDPR (or similar legislation worldwide). We may thereafter destroy such files without further notice and without incurring any additional liability.
With respect to other personal data that we process, we generally retain relevant personal data for a period of up to three (3) years from the date of our last interaction with the individual and in accordance with our obligations under the GDPR (or similar legislation worldwide), although we may retain it for longer where we have a valid reason to do so.
Where personal data is useful only for a short period (e.g., for a specific event, marketing campaign, or in connection with recruitment), we will delete it at the end of that period. Please note that if you are an unsuccessful applicant, we may retain your information for a short period. Certain personal data may nevertheless be archived for the duration of applicable limitation periods (but will be removed from active databases).
If you have opted out of receiving marketing communications from us, we will need to retain certain personal data on a suppression list in order to ensure that you do not receive further marketing communications in the future.

CHANGES TO THE POLICY
We reserve the right to amend this Policy as necessary, for example to reflect changes in laws, regulations, or requirements introduced by supervisory authorities. Any changes must be approved by our privacy representatives, the company legal department, or their designated persons, who will seek such input from company management as they reasonably deem appropriate before the amended Policy enters into force. If we make changes to the Policy, the amended Policy will be resubmitted for approval in accordance with the relevant applicable legal provisions. We will notify data subjects of any material changes to the Policy. We will publish all amendments to the Policy on the relevant internal and external websites.
In implementing this Policy, any personal data protection policies shall, in the event of a conflict, be superseded by the provisions of this Policy. No other internal policy conflicting with this Policy shall apply with respect to the protection of personal data we manage within the EU. We encourage you to review this Policy regularly in order to remain informed about how we use your personal data.

CONTACT DETAILS
For any questions or concerns regarding this Policy, to raise questions or express concerns about our collection, management and processing of personal data, or to exercise your rights, you may contact us by:
sending an email to: [email protected]
writing to: 73-75 Rue La Condamine, 75017 Paris, France.