Personal Data Protection Policy

The John Cockerill Group (“John Cockerill”), to which ARQUUS belongs, undertakes to strictly comply with applicable data protection regulations, in particular European Regulation 2016/679 of April 27, 2016, on the protection of natural persons with regard to the processing of personal data (“GDPR”).

In this respect, ARQUUS attaches particular importance to the protection of the personal data of all third parties with whom ARQUUS is in contact (employees, consultants, customers, suppliers, partners, websites and social media visitors).

The purpose of this Personal Data Protection Policy is to explain clearly and simply the processing of personal data that ARQUUS may carry out.

This Data Protection Policy is updated regularly. ARQUUS reserves the right to modify this policy, if necessary, in order to comply with regulatory changes.

You are invited to consult the ARQUUS website regularly to view the latest version in force.

This Policy applies to all activities of ARQUUS unless a specific document provides otherwise or expressly replaces this Policy.

With regard to the processing of your personal data as a visitor to the website and as a visitor to the ARQUUS social media pages, the data controller is: ARQUUS, a French incorporated company, having a share capital of 28.016.640 euros whose registered office is at 15 bis allée des Marronniers – Camp de Satory – 78000 Versailles – France, registered at the Trade and Company Register of Versailles under n° 662 043 405,

WHAT PERSONAL DATA IS COLLECTED?

Personal data refers to any information relating to an identified or identifiable natural person. A person is considered identifiable when they can be recognized, directly or indirectly, by means of an identifier (such as a name, number, or address) or by one or more specific elements related to their physical, physiological, mental, economic, cultural, or social identity.

In the course of our activities, we collect the following categories of personal data:

• Identification and contact details: Last name, first name, address, phone number, email address, data relating to your professional status, etc.
• Computer data: Browsing data relating to the collection of cookies and logs. For more information, see the Cookie Policy.

HOW DO WE USE YOUR COLLECTED PERSONAL DATA?

ARQUUS may process your personal data for the following purposes:

• For the purpose of executing and managing contractual relationships with customers, suppliers, etc.: in particular, placing orders, communicating about them, delivery, invoicing, and any recovery of services. This processing is necessary for the proper execution of the contract between you and ARQUUS. Without this data, ARQUUS cannot properly execute the contract;
• For direct marketing purposes: ARQUUS’ legitimate interest justifies carrying out information or promotion operations for its services (which also includes invitations to events);
• For prospecting purposes: if you have consented to the processing of your data by ARQUUS (for example, by communicating your data to ARQUUS);
• For direct marketing purposes, based on your consent. You may withdraw your consent at any time;
• For the purpose of managing the entities of the John Cockerill Group: for the possible creation of a data room justified by ARQUUS and John Cockerill Group's legitimate interest;
• For the purpose of complying with internal regulations and directives, for example for the performance of Due Diligences. This processing is justified by ARQUUS’ legal obligation to ensure the proper management of its activities;
• For the purpose of placing and reading cookies: some cookies are necessary to enable navigation on websites, while others are optional and you are free to accept them or not. For more information, see the Cookie Policy available on the ARQUUS website;
• For the purpose of managing your requests via the contact form available on the ARQUUS website: in order to respond to your question/request, ARQUUS needs to know the information requested. Without this data, ARQUUS cannot respond to you;
• For the purpose of producing statistics: based on its legitimate interest, ARQUUS compiles statistics on the audience and use of its website;
• For the purpose of improving its advertising system through social media;
• For the purpose of managing disputes;
• For the purpose of combating fraud and abuse;
• For any other useful purpose that has been communicated to you;

HOW LONG DO WE KEEP YOUR PERSONAL DATA?

Personal data must only be kept for as long as necessary to fulfill the purposes for which it was collected. ARQUUS undertakes to define specific retention periods for each type of processing, taking into account operational, contractual, and legal requirements.

IS YOUR PERSONAL DATA TRANSFERRED OUTSIDE ARQUUS AND/OR THE JOHN COCKERILL GROUP?

In principle, your data is mainly stored on servers located within the European Union.

In the event of transfer outside the European Union, your data will only be transferred to a country that does not offer an adequate level of protection if the processing of your file requires the sharing of information with professionals located in non-European Union countries.

Similarly, for certain processing activities, we may use subcontractors located outside the European Union.

In such cases, we will of course ensure that the recipients are obliged to comply with the same data protection standards as in the European Union, through appropriate contractual clauses. You can obtain a copy of these guarantees on request.

AS A DATA SUBJECT, WHAT ARE YOUR RIGHTS?

In accordance with the laws and regulations in force regarding the protection of personal data, you have the following rights:

Information – This right is exercised through this document. If the data processed includes your employees' data, you are responsible for ensuring that they are made aware of this document. Access and rectification – You have the right to access your data and have it rectified if necessary.

Objection – You may object to the processing of your data that we carry out, subject to legal provisions.

Withdraw your consent – When data is processed with your consent, you may withdraw this consent at any time, without affecting past processing.

Erasure and restriction– You may obtain the erasure of your data or the restriction of their processing under the conditions set out in Articles 17 and 18 of the GDPR.

Portability – The data you have provided to us can be sent to you in electronic format.

If you have any questions regarding the exercise of your rights, you may contact the Data Protection Officer (DPO) at the following address: dpo@arquus-defense.com. Your questions will be handled and processed in compliance with the regulations in force.

If you would like further information, you can contact the Data Protection Authority in your country: 

https://www.edpb.europa.eu/about-edpb/about-edpb/members_en

HOW DO WE PROTECT YOUR PERSONAL DATA?

Within ARQUUS and the John Cockerill Group, the security and confidentiality of personal data are at the heart of our commitments. We implement appropriate technical and organizational measures to ensure that data is protected against unauthorized access, loss, alteration, or disclosure.

To this end, strict internal procedures have been established. These measures include, in particular, the encryption of sensitive data, strict management of access rights, the securing of IT systems, and regular audits of our practices.

All our employees are made aware of and trained in best practices in data protection, so that all processing is protected in a reliable manner and in accordance with the GDPR and applicable local regulations.

To find out more about the Personal Data Protection Policy within the John Cockerill Group, of which ARQUUS is a part, you can visit the following page: https://johncockerill.com/en/privacy/