Aura Impact

Last updated: September 2022

Your privacy is important to Aura Impact. Privacy is a fundamental right and one of our core values.

Purpose of this Privacy Policy

This Privacy Policy governs the way in which Aura Impact as Data Controller processes Personal Data collected (i) in the context of the use of the Aura Impact Website (www.aura-impact.com) (hereinafter “Website”) or in the course of exchanges between Aura Impact and any person who is not a client of Aura Impact and (ii) in the context of Aura Impact’s performance of its consultancy activity and its contractual relations with its Clients (hereinafter “Services”).

Compliance with data protection legislation

Aura Impact undertakes to make every effort to comply with the laws and regulations governing the processing of Personal Data, including, but not limited to, Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (the “GDPR”) and any other applicable national laws or regulations governing the processing of personal data.

Data Protection Officer

Aura Impact has appointed a data protection officer (the “DPO”). If you have any questions regarding the management and use of your Personal Data, you can contact him/her at the following address:

Form: Contact form

Address: 13-15 Avenue de la Liberté, L-1943, Luxembourg, Grand Duchy of Luxembourg

Email: [email protected]

Who are the Data Subjects?

The Data Subjects, i.e. the persons whose Personal Data Aura Impact processes are:

Users of the Site or any other person who contacts Aura Impact without being a client;
Persons responding to a job offer posted on the Site or sending an unsolicited application to the following address: [email protected], or via the contact form (hereinafter “Form”);
Aura Impact’s clients who are natural persons or representatives and/or employees of Aura Impact’s clients who are legal persons; and
Any other natural person whose Data Subject or partner transmits Personal Data to Aura Impact. The Personal Data of these other persons are submitted to Aura Impact under the responsibility of the Data Subjects who undertake to transmit them to Aura Impact in accordance with the applicable legal provisions. The data will only be used by Aura Impact if it is necessary for the provision of its Services by Aura Impact.

Origin of Personal Data

Data Subjects are informed of the purposes for which their Personal Data is collected via (i) the information provided in the various online data collection forms; (ii) the Cookie Policy and (iii) this Privacy Policy.

Personal Data collected from Data Subjects

All Personal Data concerning Data Subjects is collected from them by (i) Aura Impact via the forms or other documents they fill in when using the Website; (ii) Aura Impact during the various exchanges with Data Subjects, whether by mail, online requests, telephone calls or any other means of communication used to contact Aura Impact.

Personal Data that Aura Impact automatically collects when using the Services

Aura Impact automatically collects Personal Data, in particular through the use of Cookies, when the Data Subjects use the Website.

Who are the data controllers?

The Controller is, within the meaning of the GDPR, the person who determines the means and purposes of the processing. The Processor is a person processing Personal Data on behalf of the Controller. He acts under the authority of the Controller and on the instructions of the Controller.

Aura Impact is responsible for the processing of the Personal Data of Data Subjects collected in the context of their browsing on the Website or any form of communication with Aura Impact.

Aura Impact takes all appropriate measures to ensure the protection and confidentiality of the Personal Data it holds or processes in compliance with the provisions of the GDPR and national legislation.

What Personal Data is processed and what is it used for?

All Personal Data processed by Aura Impact, are limited to those strictly necessary for the provision of the Services offered:

Identification and contact details: The identification and contact details of the Data Subjects may correspond to (i) the name and e-mail address given in the contact form on the Site or (ii) the data given in the business card given by the Data Subject or in the Data Subject’s e-mail signature. This data will be processed by Aura Impact in order to respond to the Data Subject’s requests or in the context of contractual relations with the Data Subject.
Content of CVs and cover letters: The data submitted by Candidates will be used in connection with applications and vacancies. This data includes surnames, first names, date of birth, nationality, means of contact (e-mail address, postal address, telephone number), education, professional qualifications, professional experience and any other personal data contained in these documents.
Content of messages from Data Subjects transmitted by any means of communication: Data Subjects may contact Aura Impact via various means, including social networks, to formulate their requests. This data will be processed by Aura Impact to respond to the Data Subject’s requests or in the context of contractual relations with the Data Subject.
Any other personal data provided to Aura Impact by Data Subjects concerning other persons: This data, collected directly or indirectly, enables Aura Impact to provide its consultancy services within the framework of legal obligations and in particular professional secrecy.
Content and metadata: These elements correspond to the operations carried out on the Site, i.e. the data flows generated by the activity of the Data Subjects on the Site. In principle, this data is not used by Aura Impact, for which the Site is simply the medium for exchanging this data. However, some of these elements may be used by Aura Impact to enable Aura Impact to better understand how Users interact with the Aura Impact Site and to improve its functioning.
Technical Information: This technical information may include browser type, language settings, country and time zone, cookie ID and settings, type of device used for connection, hardware model and operating system, unique identifiers such as IDFA (for iOS), MAC address or user ID, IP addresses and mobile network information, social network sharing, geolocation data. This data is used to ensure optimal use of the Site.

Some of these data are required to Aura Impact to provide its services, others are optional in order to benefit from all the Services offered. The mandatory or optional nature of the personal data to be provided is indicated at the time of collection. If you refuse to provide the mandatory data, Aura Impact will not be able to provide you with the requested services (such as the creation of your account or the processing of your teleconsultation request), nor to respond to your other possible requests.

Electronic Communications

Aura Impact may send informative emails for similar Services provided by Aura Impact (hereinafter the “Electronic Communications”) to Data Subjects whose electronic contact information Aura Impact has obtained by providing its Services when the Data Subjects in question have not objected to such use when their email address was collected.

Any other unsolicited electronic communication not covered by the above provisions will be made on the basis of the Data Subject’s consent only.

Data Subjects still have the opportunity to object to such use of their email address, free of charge and in a simple manner, (i) by clicking on the “unsubscribe” link contained within each Electronic Communication or (ii) by contacting the DPO directly at the contact details given above.

If a Data Subject objects to receiving Electronic Communications, he or she will not receive any such Communications once he or she has expressed his or her objection through one of the channels identified in the previous paragraph.

This processing is based on Aura Impact’s legitimate interest in providing information about its activity and sector news, thus enabling Aura Impact to continue to provide its services and promote its image to Data Subjects.

Use of social networks

The Personal Data of the Data Subjects collected through the use of social networks may be processed by Aura Impact, which has a legitimate interest in using them for marketing purposes and improving its advertising materials and its image on the basis of voluntary information transmitted or published by the Data Subjects.

You have the possibility to click on the icons dedicated to social networks on our site or any other communication medium, namely Linkedin, Twitter, Facebook, Instagram, or Youtube.

Social networks help to improve the usability of the site and help to promote it through sharing.

When you use these buttons, we may have access to personal information that you have indicated as public and accessible from your Linkedin, Twitter, Facebook, Instagram, or Youtube social profile. However, we do not create or use any independent database of these social networks from the personal information you may post on them and we do not exploit any of your privacy data in this way.

If you do not want us to have access to the personal information posted on the public area of your social profiles or accounts, then you should use the means provided by the social networks Linkedin, Twitter, Facebook, Instagram, and Youtube to limit access to your data.

Other social networks may also be added at any time by Aura Impact.

Use of Cookies

Aura Impact also uses Cookies to improve Data Subjects’ navigation on the Site and to compile data for anonymous statistics, to understand Data Subjects’ use of the Aura Impact Site and to improve its structure and content.

Some Cookies do not require the consent of the Data Subjects because they are purely technical and their use is in the legitimate interests of Aura Impact. For the others, Aura Impact collects the consent of the Data Subjects before collecting Personal Data about them via cookies.

For more information, in particular on the duration of the retention of Cookies, Data Subjects may consult Aura Impact’s Cookie Management Policy by clicking on the following link.

Links to Other Sites

We occasionally provide links to other websites for your convenience and information. These websites operate independently and are not under our control. These sites operated by third parties may have their own privacy notices or terms of use, which we strongly suggest you to review. We are not responsible for the content of these sites, for any products or services that may be offered on them or for any other use of them.

Retention of Personal Data

Aura Impact takes all reasonable steps to ensure that Personal Data is processed and retained for the minimum period necessary for the purposes set out in this Privacy Policy.

Unless a more specific provision is indicated in this Privacy Policy, the general principle applied by Aura Impact is to retain Personal Data according to the following criteria:

For Data Subjects who are not Clients of Aura Impact: five (5) years from the end of the relationship between the Data Subject and Aura Impact, except in the case of applications where the period is two (2) years after the last contact with the Applicant;
For Data Subjects who are Clients of Aura Impact: ten (10) years from the end of the contractual relationship, except where there is a statute of limitations or a longer legal retention requirement.
For all Data Subjects: The implementation of backups by Aura Impact ensures the availability of the data as well as their access within an appropriate timeframe in case of a physical or technical incident. The data included in the backups are kept until they are overwritten by a new backup. This is “out of use” data that is only used for backup purposes. In case a Data Subject requests the deletion of his or her personal data, the personal data contained in these backups will be deleted insofar as this is technically possible.

Aura Impact undertakes to delete or anonymise your personal data at the end of the retention period described above, plus a period of a few days or weeks, in proportion to the above-mentioned period, if this is necessary to ensure the deletion or anonymization of the data concerned in practice, unless there is an imperative reason for not doing so (e.g. in the context of a dispute).

How we protect Personal Data

Aura Impact implements all technical and organisational measures to ensure the security of the processing of Personal Data and the confidentiality of your data.

In this respect, we take all necessary precautions, in view of the nature of your data and the risks presented by our processing, to preserve the security of your data and, in particular, to prevent it from being distorted, damaged or accessed by unauthorised third parties (physical protection of premises, authentication procedures for persons accessing the data with personal and secure access via confidential identifiers and passwords, secure https protocol, logging and tracing of connections, encryption of certain data, etc.).

Data Subjects are responsible for ensuring that all Personal Data they send to Aura Impact is secure.
Aura Impact takes reasonable steps to:

Ensure that your Personal Data is accurate and, where necessary, kept up to date by allowing Data Subjects to amend any inaccurate data at any time.

Ensure that the Personal Data of Data Subjects is collected for the purposes set out in this Privacy Policy.

To ensure that Subcontractors receiving Personal Data guarantee the security and confidentiality of such data.

Ensure that the protection and security of Personal Data is taken into account in the planning and development of its Services from the outset.

Recipient of personal data and subcontractors

THE USER’S PERSONAL DATA WILL NOT BE COMMUNICATED TO COMMERCIAL OR ADVERTISING ENTITIES.

The Personal Data of the Data Subjects may be processed within the limits of their respective attributions and exclusively in order to achieve the purposes of this Privacy Policy by the following persons:

By authorized personnel of AURA IMPACT:
Authorised staff of our marketing, sales, administrative, logistical, legal and IT departments, responsible for handling customer relations, prospecting and for control.
By the authorised personnel of AURA IMPACT’s subcontractors:
For some activities related to its operations, Aura Impact uses the services of several specialised companies (emailing, teleconsultation, CRM, etc.).
Each of these subcontractors is carefully selected for its professionalism and reliability, particularly in terms of privacy and protection of personal data.
Other :
If applicable, by the relevant courts, mediators, accountants, auditors, lawyers, bailiffs, debt collection companies.

Cross-border transfer

In order to provide its Services, Aura Impact may use service providers located outside the European Union. If the transfer takes place to a third country where the legislation has not been recognised as providing an adequate level of protection for Personal Data, Aura Impact ensures that the necessary measures are put in place in accordance with the GDPR.

Rights of Data Subjects

Rights of Data Subjects to their Personal Data:

In accordance with the European regulations in force, Data Subjects who visit the Site have the following rights:

Right of access (article 15 RGPD) and rectification (article 16 RGPD), update, completeness of the Personal Data of the Data Subjects: the Data Subjects have the right to access their Personal Data held by Aura Impact and to request rectification or updating.
Right to erasure of Personal Data of Data Subjects (Article 17 of the GDPR), where (i) it is no longer necessary, (ii) the Data Subject has withdrawn consent, (iii) the Data Subject objects to the processing, (iv) the processing is unlawful or to comply with legal obligations.
Right to withdraw consent at any time (Article 13-2c GDPR) if such processing is based on consent.
Right to limit the processing of Personal Data of Data Subjects (Article 18 GDPR): this right means that the processing of Personal Data of Data Subjects that Aura Impact may carry out is limited, so that the Personal Data is retained, but Aura Impact may not use or process it.
Right to object to the processing of Personal Data of Data Subjects (Article 21 GDPR): Data Subjects may at any time object to the processing of their Personal Data where the processing is based on the legitimate interest of Aura Impact.
Right to portability of Personal Data provided by Data Subjects, where such Personal Data is subject to automated processing based on their consent or on a contract (Article 20 RGPD). Data Subjects have the right to move, copy or transmit their Personal Data from Aura Impact’s database to another.
Right to determine the fate of the Data Subjects’ Personal Data after their death and to choose to whom Aura Impact shall disclose (or not) their Personal Data to a third party that they have previously designated. As soon as Aura Impact becomes aware of the death of a Data Subject and in the absence of instructions from him or her, Aura Impact undertakes to destroy his or her Personal Data, unless its retention is necessary for evidentiary purposes or to comply with legal obligation.
For more information on their rights, Data Subjects may consult the CNPD website.

How Data Subjects may exercise their rights regarding their Personal Data:

If the Data Subject wishes to know how Aura Impact uses his or her Personal Data, or to exercise his or her rights, the Data Subject may contact Aura Impact at the following contact details:

Form: Contact form

Address: 13-15 Avenue de la Liberté, L-1943, Luxembourg, Grand-Duchy of Luxembourg

Email: [email protected]

In this case, the Data Subject must indicate the Personal Data that he or she would like Aura Impact to correct, update or delete, by identifying himself or herself precisely with a copy of an identity document (identity card or passport) or any other element that can be used to prove his or her identity.

Requests for deletion of Personal Data will be subject to the obligations imposed on Aura Impact by law, in particular with regard to the retention or archiving of documents.

Users may file a complaint with the supervisory authorities, and in particular with the CNPD (https://cnpd.public.lu/fr/particuliers/faire-valoir/formulaire-plainte.html).

Users’ acknowledgement of this Privacy Policy

By using the Aura Impact Site, Data Subjects acknowledge that they have read and understood the terms of this Privacy Policy.

Changes to this Privacy Policy

Aura Impact may modify, supplement or update this Privacy Policy in order to take into account any legal, regulatory, jurisprudential and/or technical developments.

Aura Impact will revise the date of the last update at the top of this page for this purpose. Aura Impact encourages Data Subjects to check this page frequently for changes. Aura Impact has put in place various means for Data Subjects to review this Privacy Policy and Data Subjects acknowledge and agree that it is their responsibility to regularly review this Privacy Policy and become aware of any changes.

Each Data Subject is advised that the only authoritative version of the Privacy Policy is the one found online, which he or she acknowledges and accepts without limitation.

The Data Subject is required to refer to the version of the Policy in effect at the time of access and use of the Site.

If you have any questions or comments regarding this Privacy Policy, please contact us at [email protected].

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.

Necessary

Always Enabled

Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Functional

Performance

Analytics

Others