Privacy Policy
Our philosophy and commitments
ESP Groupe is committed to protecting your personal data and is committed to ensuring a high level of protection for your personal data in accordance with the European Regulation 2016/679 and the French Data Protection Act n°78-17.
As such, you will find below our personal data protection policy explaining in particular what personal data we collect, how it is processed and on what basis, how it is stored and your personal rights. We invite you to read it.
Our Personal Data Protection Officer is at your disposal to answer any questions you may have. You can contact him at the following address:
You can find the text of the applicable European Regulation here: https://eur-lex.europa.eu/legal-content/FR/TXT/?uri=CELEX%3A32016R0679 or contact the regulatory authority (CNIL) via its website www.cnil.fr.
This version of the personal data policy may be modified by us from time to time, and you will be informed accordingly.
Your data controller
ESP Groupe is responsible for processing your personal data. You will find its contact details below:
6 rue Jean-Pierre Timbaud
78180 Montigny-le-Bretonneux, France
It is referred to herein by its name or “We”.
Your personal data and its collection by ESP Groupe
Your personal data may be collected during :
- your visit to our site,
- our exchanges,
- our prospecting activities,
- the formation or execution of our contracts.
We do not collect any data that is not necessary for the purpose of processing mentioned at the time of collection, or data prohibited by law or regulation.
The collection of certain data may be mandatory or optional, and you will be informed of which information is mandatory. Your personal data may be collected by third-party service providers or partners, who undertake to comply with European and national regulations on personal data.
Our policy is not to transfer your data outside the European Union; if by exception we do so, such transfer may only take place to a country or organization covered by an adequacy decision (art.45 RGPD) or presenting appropriate sufficient guarantees (art.46 RGPD).
We do not make any automated decisions.
We may potentially collect the following personal data:
- Civil status, identity, contact details, images
- Personal economic and financial data
- Connection data
- Internet & telephony
- Professional data
How we process your personal data
We process your personal data by entering it in our databases; it is stored, kept and, where necessary, rectified, deleted, archived, anonymized or pseudonymized, or transferred to trusted third parties.
We may process your personal data for the following purposes, or for purposes specified to you at the time of collection:
Your information on our commercial offers (products, services…) and promotions
- Communicating with you
We may use your personal data for commercial prospecting purposes, and in particular to send you information on our products/services, commercial and promotional offers, quotations and other pre-contractual documents, and news by e-mail, post or telephone.
Fulfillment of current contracts and customer care
We use your personal data to carry out current contracts in accordance with your requests. We may also send you information about your order or your current contracts, their execution, your invoices and contractual documents, advice, the execution of our guarantees where applicable and our legal obligations. We also use your personal data to manage our customer relations, your requests or complaints, any disputes and to keep track of your customer history.
Improving the use of our services and enhancing our offers
We process your personal data to enable you to make optimal use of our services, to improve our offers and products/services, and to track your user experience, conduct satisfaction surveys, polls and anonymous statistics.
Your payments
Your bank details may be collected either directly by us or by a selected, dedicated service provider, who guarantees the complete confidentiality of your bank details. These details are only kept for the time required to complete the contractual relationship or within the legal limits.
Protection against fraudulent initiatives
The personal data collected may be used to combat fraud, particularly in connection with payments or direct debits. In this respect, our payment security service providers may receive this data.
Ensure compliance with the law and court rulings
Your Data may be used to:
- respond to a request from an administrative or judicial authority, a representative of the law, a court officer or comply with a court order;
- ensure compliance with our general terms and conditions of sale/service;
- protect our rights and/or obtain compensation for any damage we may suffer, or limit the consequences thereof;
- to prevent any action contrary to the laws in force, particularly in the context of fraud prevention.
We may also process your personal data for the following purposes:
No other purpose
Basis for processing your personal data
In accordance with the law, the processing of your personal data by us is based on one of the following grounds:
- Your consent to the processing of your data by us: you agree to the processing of your personal data by express consent. You may withdraw this consent at any time by contacting our DPO; or
- The existence of a contract between you and us: the processing of data is justified by the need to perform the contract; or
- Our legitimate interest in processing your personal data, provided that this proportionate interest respects your fundamental rights and privacy; or
- Applicable laws and regulations, where these require us to process and store your personal data.
How we store your personal data and for how long
We manage your personal data in three phases:
- an active phase, during which data is stored for the time indicated below in an “active” database: your personal data is then accessible only to those persons who have an operational need to access it in order to carry out authorized processing operations
- an archiving phase (for an additional period of time) when justified by a legitimate reason: your personal data is then archived with restricted access and for a limited period of time.
- A deletion or anonymization phase: at the end of the additional archiving period, your personal data is deleted or anonymized (so that it can no longer be used to identify you).
Your personal data is kept for the time required to process it, to maintain our customer relations where applicable and to execute contracts, and within the limits specifically laid down by regulations. We may keep your personal data for archiving purposes in order to keep accounting, tax or evidential documents for as long as required by applicable regulations. By way of example, we indicate below the retention periods applying to the following processing operations (subject to regulations imposing a different retention period)
different retention periods):
Withdrawal of your consent to the collection or processing of your personal data
Your consent to the collection of your personal data may be withdrawn by writing to our DPO by e-mail or post to the addresses given at the top of this page, stating your surname, first name, e-mail address and address, together with the precise nature and purpose of your request for withdrawal.
You can also send us any comments about your personal data to:
ESP Groupe
6 rue Jean-Pierre Timbaud
78180 Montigny-le-Bretonneux
Exercising your rights regarding your personal data
You have :
- A right of access, which enables you to obtain:
- Confirmation as to whether or not data concerning you is being processed;
- a copy of all personal data held by the data controller.
- A right to request the portability of certain data: this allows you to recover your personal data in a structured, commonly used and machine-readable format.
- A right of opposition: this allows you to opt out of any further commercial prospecting by us or our partners, or, for reasons relating to your particular situation, to stop the processing of your data for the purposes of research and development, the fight against fraud prevention.
- A right of rectification: this allows you to rectify any information concerning you that is obsolete or erroneous. You also have the right to have incomplete information completed.
- A right to erasure: this enables you to have your personal data erased, subject to the legal retention periods. This right may apply in particular if your data is no longer required for processing.
- A right of limitation: This allows you to limit the processing of your data in the following cases:
- In the event of unlawful use of your data;
- If you dispute the accuracy of your data;
- If you need the data to establish, exercise or defend your rights.
They will no longer be actively processed, and cannot be modified for the duration of the exercise of this right. A right to human intervention: data controllers may use automated decision-making to underwrite or manage your contract. In this case, you can ask the Data Protection Officer what criteria were used to make the decision. You can exercise these rights by e-mail: or by letter to the following address: 6 rue Jean-Pierre Timbaud 78180 Montigny-le-Bretonneux, stating your surname, first name, address and e-mail address (if applicable, your customer references) and the subject of your request in clear, legible terms. ESP Groupe will respond to your verified request within one month of receipt. In the event of difficulty, you can contact our Data Protection Officer directly by e-mail: or refer the matter to the Commission Nationale de l’Informatique et des Libertés (CNIL).
Our subcontractors and partners
ESP Groupe may transmit your personal data to subcontractors carrying out services involving the processing of your data and in compliance with the purposes set out herein; these subcontractors must confer on your personal data the same level of confidentiality as ESP Groupe and have undertaken to comply fully with the regulations on personal data, in particular with the RGPD.
We do not trade in your personal data; if you would like to know more and specifically the identity of the service providers or partners to whom your personal data has been transmitted, you can contact our DPO at the following address: Service providers or partners likely to have access to your personal data may include:
- service providers likely to manage outsourced services for the execution of our services and contracts;
- service providers helping us to improve our services, carry out data analysis and optimize our offers, conduct surveys and statistics;
- auditors, chartered accountants, consultants, lawyers, audit firms, IT and outsourcing service providers, security service providers;
- investors and buyers.
We may also transmit your personal data to French authorities, administrations and jurisdictions, in particular in the context of legal proceedings or formalities
legal formalities requiring such communication.
Cookie policy
What is a cookie?
A cookie is a file deposited on your terminal (e.g. computer, tablet) by ESP security when you use the website and depending on your browser. For the duration of its storage, this file will identify your computer the next time you visit the site, enabling us to store your visit and browsing data.
ESP Groupe may use various systems to collect personal data, in particular by means of cookies on our website, for which your consent is requested; the following cookies are potentially concerned: ESP Groupe may also issue third-party cookies enabling the sharing of content on our site with third parties or tools for expressing your appreciation (e.g. “Like”, from social networks). You are then potentially identified by the social network, which may track your browsing. It is your responsibility to inform yourself of the social network’s confidentiality and cookie management policy, as our company does not use these tools.
Cookies are subject to your acceptance on our website during your first visit. The period of validity of consent to the deposit of cookies and tracers is a maximum of 13 months, starting from their first deposit in your terminal following the expression of your consent.
You can manage your acceptance or refusal of cookies directly from your browser settings. You can either accept all cookies, be notified when a cookie is placed, or refuse all cookies. If you refuse all or part of the cookies, certain functions of the Site may be compromised or certain pages inaccessible.
To disable cookies :
If you’re using Internet Explorer 8 and higher:
- Go to “Tools” in the menu bar and click on “Internet Options”.
- Click on the “Privacy” tab at the top
- Drag the slider up to the “Block all cookies” setting to block all cookies, or down to the “Accept all cookies” setting to accept all cookies.
For further information, visit https://windows.microsoft.com/fr-fr/internet-explorer/delete- manage-cookies
If you are using Firefox 30.0 and higher:
- Click on the “menu” button and select “Options”.
- Select the “Privacy” panel.
- In the History area, for the “Retention rules” option, select “Use custom settings for history”.
- Check the “Accept cookies” box to enable cookies, or uncheck it to disable them.
If you have problems with cookies, make sure that the “Accept third-party cookies” option is not set to Never. - Choose how long cookies can be stored.
- Keep them until : “Their expiration”: Each cookie will be deleted on its expiration date, a date set by the cookie-issuing site.
- Keep them until : “Closing Firefox”: cookies stored on your computer will be deleted when you close Firefox.
- Keep them until : “Ask me every time”: a warning is displayed every time a website wishes to send a cookie, asking you whether you agree to save the cookie or not.
- Click OK to close the “Options” window.
For further information, visit https://support.mozilla.org/fr/products/firefox/privacy-and-security/cookies
If you use Google Chrome:
- Go to the “Tools” menu
- Click on “Settings
- Click on “Advanced settings
- Click on “Privacy/Content settings”.
- “Cookies” must be selected. Then select “Block cookies and data from third-party sites”.
For further information, visit https://support.google.com/chrome/answer/95647?hl=fr
If you’re using Safari 5.0 or later:
- Choose Safari > Preferences and click on “Security”.
- In the “Accept cookies” section, specify whether and when Safari should accept cookies from web sites. To see an explanation of the options, click on the help button (looks like a question mark). If you’ve set Safari to block cookies, you may need to temporarily accept cookies to open a page. Repeat the above steps, selecting “Always”. When you’re finished with the page, disable cookies again and delete the cookies from the page.
For further information, visit http://support.apple.com/kb/ht1677?viewlocale=fr_FR. If you have a different browser type or version, please consult your browser’s “Help” menu.