Business France is the national agency supporting the international development of the French economy, responsible for fostering export growth by French businesses, as well as promoting and facilitating international investment in France.
Business France is also in charge of the welcometofrance.com website, whose purpose is to inform and guide international talents and their families in the main steps to carry out before and during the year of their move in France. A “contact us” section allows to link the users with Business France teams.
In this framework, you will find hereafter the commitments regarding the protection of personal data made by Business France, public institution located 77 Bd Saint Jacques 75014 PARIS, acting as the controller for the processing of personal data referred to in this document.
Notre délégué à la protection des données
- Business France has designated a Data Protection Officerwhose contact details are as follows: firstname.lastname@example.org
The Personal data that we process
- In the context of processing personal data, Business France collects and processes the following data:
- Data allowing your identification and those of your family (partner, dependent child)
- Data linked to your personal, professional and family life
- Economic and financial data concerning your mobility in France/project in France
- Personal data of your family accompanying you in your mobility France
In order to answer to your information query as formulated on the website welcometofrance.com or sent by email to Business France employees
The purposes of our data processing
- We are processing data for the following purposes:
- management of the information requests of foreign investors and talent regarding international mobility in connection with the company, its counsel and, where applicable, the public administrations concerned;
- the historic record of requests and answers provided to users;
- statistical analysis of the navigation on welcometofrance.com as well as the number and type of requests made (activity indicators, piloting).
The legal bases of our data processing
- We implement data processing only if at least one of the following conditions is met:
- your consent to the processing operations has been obtained;
- the existence of our legitimate interest, or that of a third party, which justifies that we implement this processing of personal data;
- the execution of a contract binding us to you requires that we implement this processing of personal data;
The recipients of your data
- The personal data we collect, and those we obtained subsequently, are intended for us in our capacity as controller, that is for Business France corporate services, its offices and international representatives abroad, some of which are located outside of the European Union, and for other stakeholders of the internationalization of the French economy (notably the Regions and the Chambers of Commerce and Industry based in France) and when your request requires it to French administrations.
- We ensure that only authorised persons have access to this data. Our service providers can be recipients of this data to perform the services we entrust to them. Some personal data may be sent to third parties or to legally authorised authorities in order to meet our legal, regulatory or contractual obligations.
- Your personal data can be subject to a convergence, mutualization or a sharing between all Business France entities.
Transfer of your data
- For some of the processing, we can be led to transfer your personal data out of European Union to Business France offices abroad located within the French Embassy and to Business France abroad offices located out of French Embassy in the following countries:
Cameroun, South Africa, Japan, United States (Boston, Detroit, NewYork, San Francisco), Turkey, India, Australia, China (and Taiwan) Switzerland.
- Each of these transfers is governed by legal instruments that comply with the applicable legal framework. Indeed, Switzerland benefits from an adequacy decision, which means that they offer your personal data a level of protection equivalent to the one which is applied on the European Union territory. Transfers made to other countries are covered by the following appropriate safeguards: standard contractual clauses approved by the European Commission.
The duration for which we keep your data
- The periods for which we keep your personal data are proportionate to the purposes for which your data were processed, that is for the longest duration mentioned below:
- one (1) year as from your request
- duration required to process your request
Increased, when applicable, by the legal prescriptions and also to ensure the respect of legal or regulatory requirements compulsory for Business France.
You can exercise your rights, by justifying your identity, by email to email@example.com or by post at the following address:
To the Data Protection Officer
77 Bd Saint Jacques
To do so, you have to clearly indicate your surname and first name, the address you want the reply to be sent and to join the copy of an identity document containing your signature.
As a principle, you can exercise freely all your rights. However, concerning the right of access, Business France may ask for the payment of reasonable fees based on the administrative costs for any copy of data required.
Concerning the right of information, Business France will not have to answer if you have already the information you ask for.
- Business France will inform you whether it cannot answer your request.
- The failure to provide information or modification of data can have consequences in the process of your query related to your global mobility or investment in France. Your request related to your rights will be kept for monitoring purposes.
Your rights are the followings:
A) Your right of information
The present document provides you with information related to the purposes, legal framework, interests, recipients or categories of recipients with whom your personal data were shared, and the possibility of a data transfer to a third country or international organisation.
In addition to this information and with the aim of ensuring fair and transparent processing of your data, the present document provides additional information concerning:
- the period for which your personal data will be kept;
- the existence of the rights which are granted to you and the terms and conditions to exercise them.
If we decide to process data for purposes other than those indicated, all information relating to those new purposes will be communicated to you.
B) Your right of access to and rectification of your data
You have the right to access and rectify your personal data, which you can exercise at the following address: firstname.lastname@example.org
In this respect, you have the confirmation as to whether or not your personal data are being processed and where this is the case, access to your data and the following information:
- the purpose of the processing;
- the categories of personal data concerned;
- the recipients or categories of recipient as well as the international organisations to whom the personal data have been or will be disclosed, in particular recipients in third countries;
- where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
- the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing;
- the right to lodge a complaint with a supervisory authority;
- where the personal data are not collected from the data subjects, any available information s to their source;
- the existence of automated decision-making, including profiling, and in this case, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.
You can ask us to, as the case may be, rectify or complete your personal data that are inaccurate, incomplete, equivocal or expired.
C) Your right to erasure of your data
You can ask us to erase your personal data where one of the following grounds applies:
- the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
- you withdraw the consent you have previously given;
- you object to the processing of your personal data and there is no legal reason for such processing;
- the processing of personal data does not comply with the provisions of the applicable legislation and regulations;
- your personal data has been collected in relation to the offer of information society services to children under 16 years of age.
Nevertheless, the exercise of this right will not be possible when the retention of your personal data is necessary for compliance with statutory or regulatory provisions and in particular for example for the establishment, exercise or defence of legal claims.
D) Your right to restriction of processing
You may request restriction of processing of your personal data where one of the following applies:
- the accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data
- the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead;
- the controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defense of legal claims;
- the data subject has objected to processing pending the verification whether the legitimate grounds of the controller override those of the data subject.
E) Your right to object to data processing
You have the right to object to the processing of personal data concerning you when the processing is based on the legitimate interest of the controller, or is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
Business France does not process anymore the personal data, except if Business France can demonstrate there are legitimate and compelling interests to process prevailing on your interests and rights and liberty, or for the contestation, exercise or defence of legal rights.
E) Your right to data portability
Since the 25th of May 2018, you have the right to portability of your personal data. The data on which this right can be exercised are:
- only your personal data, which excludes anonymised personal data or data that does not concern you;
- declarative personal data and personal data relating to our functioning, as mentioned above;
- personal data which does not adversely affect the rights and freedoms of others such as those protected by trade secrets.
This right is limited to processing based on consent or contract as well as to personal data that you have personally generated.
This right does not include derived or inferred data, which are personal data created by Business France.
G) Your right to withdraw your consent
When the data processing we carry out is based on your consent, you may withdraw it at any time. We will then stop processing your personal data but this will have no impact on the previous transactions to which you have consented.
H) Your right to lodge a complaint with a supervisory authority
You have the right to lodge a complaint with the French data protection authority (the Cnil) on the French territory without prejudice to any administrative or judicial remedy.
I) Your right to define post-mortem directives
You can give instructions in relation to the storage, erasure and communication of your personal data after your death to a certified trusted third party in charge of enforcing the wishes of the deceased in compliance with the applicable legal framework.
When you navigate on our website, cookies may be recorded or read on your computer, mobile phone or tablet, subject to your choices.
J-1 – Definition of a cookie
A cookie is a small text file left on your computer, mobile phone or tablet, during a site visit. In your computer, cookies are managed by your internet navigator.
F-2 –The obligation to provide information when depositing cookies
Article 82 of the Data Protection Act modified by Order no. 2018-1125 of December 1, 2018, henceforth requires site administrators and providers of solutions to inform internet users and to collect their consent before the insertion of certain types of cookies or other tracers, whatever terminal is used (computers, smartphones, digital tablets and video games consoles, etc.). Some cookies, judged to be necessary to provide a service expressly requested by the user, do not require prior consent, whereas others are bound by this obligation.
List of different cookies left by our websites are available in the preference management center of our consent management tool: to access it, simply click on the icon at the bottom left of your screen:
J-2 – Accepting or refusing cookies
You can choose at any moment to de-activate these cookies via the preference management center below and/or via the parameters of your navigator by clicking on the icon at the bottom left oy your screen:
Your navigator can also be set up to signal to you that cookies are stored on your computer and to ask you to accept them or not.
- Google Chrome™: https://support.google.com/chrome/answer/95647
- Microsoft Internet Explorer™: https://support.microsoft.com/help/17442/windows-internet-explorer-delete-manage-cookies
- Mozilla Firefox™: https://support.mozilla.org/fr/kb/activer-desactiver-cookies-preferences
- Apple Safari™: https://support.apple.com/kb/PH21411?locale=en_US&viewlocale=fr_FR
- Opera™: http://help.opera.com/Windows/9.20/fr/cookies.html
If you do not want our site to record cookies coming from social networks in your navigator, you can de-activate these cookies by clicking “Edit cookies” above and/or on the following de-activation links, which will record a cookie in your navigator with the sole objective of neutralizing the use of other cookies from the same issuer. De-activating these cookies will therefore prevent all interaction with the social network(s) concerned:
- Facebook: https://www.facebook.com/policies/cookies/
- Twitter: https://support.twitter.com/articles/20169453
- LinkedIn: http://www.linkedin.com/legal/cookie-policy
NB: The inclusion of your different wishes is based on a cookie or several set cookies. If you delete all the cookies concerning our site recorded on your terminal, we will no longer know what consent or refusal you have provided. It will therefore come down to you re-initializing your consent and you will have to refuse the cookie(s) that you do not want to keep. Similarly, if you use another internet navigator, you will have to refuse these cookies, as your choices, just like the cookies to which they are related, depend on your navigator and your terminal (computer, tablet, smartphone, etc.) that you use to consult our site.
J-3 – Our audience measurement cookies
These cookies enable us to measure the audience on our sites (number of visits, number of pages viewed, the activity of visitors on the site and how often they return).
Our cookies are exempt from the need to obtain consent as stated in the CNIL ruling n°2020-091, insofar as they are strictly necessary for the operation of the site.
You can refuse consent for the processing of your personal browsing data below by clicking Here
Please note that if you opt-out, we will no longer be able to measure and improve our sites in an optimal way.
In addition, we carry out more extensive audience measurement once the Internet user has consented to this additional purpose
For more information, please see the section “Data collected automatically via our audience measurement solution”.
Data collected automatically via our audience measurement solution
To measure audience on digital properties, we collect different types of information.
- ID-type information: cookie ID, mobile ID, IP address. After being collected, this data is used for real-time processing in order to generate a visitor ID (hashing is applied on source data) and to calculate geolocation information (which is never more granular than the city- or region-level, depending on the country). The raw data collected is never shown in our interfaces.
- Digital analytics information: data related to Internet users’ navigation:
- the type of browser used
- the number of page views
- the exact navigational path a visitor takes on the site
- the amount of time spent on a page, or the entire site
- shopping cart activity (items placed in cart, abandons, etc.)
- other types of navigational data
Within the framework of the definitions given by Article 4 of the GDPR, we consider that all the data we collect is considered as “personal data” and as such we apply the same attention and the same level of protection to it.