August 2025
Privacy Policy
1. Preamble
The protection of personal data is a priority for 1987, which ensures transparency, security, and lawfulness in the processing of personal data carried out through its website.
Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (“GDPR”) establishes the legal framework for personal data processing in the European Union. This regulation strengthens the rights of data subjects and imposes accountability on all actors processing data: controllers, processors, recipients, etc.
In France, the GDPR is supplemented by Act No. 78-17 of 6 January 1978 (“Data Protection Act”), as amended by Act No. 2018-493 of 20 June 2018 and by Ordinance No. 2018-1125 of 12 December 2018, integrating European law provisions.
The applicable legal framework for personal data protection therefore includes:
the GDPR (General Data Protection Regulation);
the consolidated Data Protection Act;
implementing texts and recommendations of the French Data Protection Authority (CNIL).
In accordance with Article 12 of the GDPR, data subjects must be informed, in a concise, transparent, intelligible, and easily accessible manner, of the conditions under which their data is processed. This policy seeks to meet that requirement.
It specifies:
the types of data collected when browsing the site;
the purposes pursued and the legal bases applicable;
the recipients, retention periods, and users’ rights.
2. Data Collected and Sources
Data processed via the 1987 website originates exclusively from the user’s activity, namely:
information provided directly via the contact form: first name, last name, email address, message content;
technical data automatically generated during browsing: IP address, browser type, operating system, pages visited, date and time, session identifiers;
preferences expressed through the cookie management banner.
3. Purposes of Processing
Data is collected and processed for the following purposes:
Technical operation and security:
To enable access to the site, adapt display to the user’s device, prevent technical malfunctions, detect malicious use, and secure the digital environment.Audience measurement and continuous improvement:
To analyze site traffic (duration of visits, navigation paths, interactions) in order to optimize content, performance, and usability.Management of contact requests/queries addressed to 1987:
To allow any user to contact 1987, record and process their request, and provide an appropriate response.Management of cookies subject to consent:
To record user preferences regarding cookies and activate only third-party services based on consent (e.g., audience measurement tools, external content).
4. Legal Basis for Processing
The processing activities rely on the following legal bases:
- Legitimate interest of 1987:
- to ensure proper functioning and security of the site;
- to prevent misuse;
- to improve user experience.
- Consent of the data subject:
- for the placement of non-essential cookies or use of third-party services;
- for the processing of contact requests or queries addressed to 1987 via the contact means made available on its website.
5. Data Retention
Retention periods are defined in light of legal obligations or, failing that, based on the purposes pursued, in compliance with the principle of minimization.
| Data Type | Retention Period |
|---|---|
| Data from requests or queries addressed to 1987 via contact means made available on its website | 3 years from the last interaction or expression of interest |
| Cookies and trackers subject to consent | 13 months from placement |
| Technical browsing data (logs, IP, etc.) | 1 year from collection |
After these periods, data is either deleted or irreversibly anonymized. In case of litigation, retention may be extended for the duration of the proceedings.
6. Data Recipients
Data is only accessible to duly authorized individuals, on a need-to-know basis.
Recipients may include:
- Internal employees of 1987 responsible for site operation, support, or external communication;
- Technical service providers (hosting, maintenance) acting as processors contractually bound to 1987;
- Judicial or administrative authorities, if required by law or in case of legal requisition.
All recipients are bound by strict confidentiality and appropriate security obligations.
7. Data Security
1987 implements appropriate technical and organizational measures to ensure the security, confidentiality, and integrity of processed data. This includes access controls, encrypted communications, traffic monitoring, and regular audits.
8. Data Transfers Outside the European Union
Data collected via the site is not transferred outside the European Union. Should such a transfer be considered, it would be governed by the appropriate safeguards provided under the GDPR.
9. Data Subject Rights
In accordance with Articles 12 to 22 of the GDPR, data subjects have the following rights:
- Right of access, rectification, and erasure;
- Right to object and restrict processing;
- Right to data portability (where applicable);
- Right to withdraw consent at any time;
- Right to define instructions regarding the fate of their data after death.
To exercise these rights: data.officer@europa-group.com
11. Data Protection Officer (DPO)
1987 has not appointed a dedicated Data Protection Officer for its activities. For any questions regarding the protection of personal data, please contact: data.officer@europa-group.com
12. Complaint to the CNIL
In case of unresolved issues, you may lodge a complaint with the French Data Protection Authority (CNIL):
Commission nationale de l’informatique et des libertés (CNIL)
3 Place de Fontenoy – TSA 80715 – 75334 Paris CEDEX 07
Tel: +33 1 53 73 22 22
www.cnil.fr
13. Policy Updates
This policy may be updated at any time to reflect legal or functional developments. The applicable version is the one published on the site at the date of consultation.
14. Further Information
For any questions regarding this policy or the management of your personal data:
data.officer@europa-group.com
