DATA PROTECTION POLICY

INFORMATION AND FREQUENTLY ASKED QUESTIONS

Your personal data is important to us. This policy outlines how NEER Service France and its related corporations and business units (collectively, the “Companies”) manage personal data (as defined below) we hold in compliance to the France Personal Data Protection Act (Please take a moment to read this Data Protection Policy so that you know and understand the purposes of obtaining personal data.

By interacting with the Companies, as well as its representatives and/or agents (collectively referred to herein as “the Group”, “us”, “we” or “our”), submitting information to us, or signing up for any products and services offered by us, you agree and consent to us collecting, using, disclosing and sharing amongst themselves your personal data, and disclosing such information to the Group’s authorised service providers and relevant third parties in the manner set forth in this Data Protection Policy. This Data Protection Policy supplements but does not supersede nor replace any other consents you may have previously provided to the Group in respect of your Personal Data, and your consents herein are additional to any rights which any of the Companies may have at law to collect, use or disclose your Personal Data.

The Group will update this Data Protection Policy for any future developments, industry trends and/or any changes in legal orregulatory requirements.  Subject to your rights at law, you agree to be bound by the prevailing terms of this Data Protection

  • In this Data Protection Policy, “Personal Data” refers to any data, whether true or not, about an individual who can be
    identified (a) from that data; or (b) from that data and other information to which we have or are likely to have access, including
    data in our records as may have updated periodically
  • Examples of such Personal Data you may provide to us include (depending on the nature of your interaction with us)
    • Name
    • Passport/Valid Identification No
    • Telephone/Mobile number(s)
    • Mailing address
    • Email address
    • Any other information relating to any individual which you have provided us in any forms you may have submitted to us, or
      via other form of interaction with you.

Generally, we collect Personal Data in the following ways:

  • when you submit particulars such as passport, declaration of tax during customs clearance.
  • when you enter into any agreement or provide other documentation or information in respect of your interactions with us, or when you use our products and services;
  • when you interact with our staff, including customer service officers, for example, via telephone calls (which may be recorded), letters, fax, face-to-face meetings, social media platforms and emails;
  • when you use our electronic services, or interact with us via our websites or use services on our websites;
  • when you request that we contact you or request that you be included in an email or other mailing list;
  • when you respond to our promotions, initiatives or to any request for additional Personal Data;
  • when you submit an employment application or when you provide documents or information including your resume and/or CVs in connection with any appointment as an officer, director, representative or any other position;
  • when your images are captured by us via CCTV cameras while you are within our premises, or via photographs or videos taken by us or our representatives when you attend events at our premises;
  • when you are contacted by, and respond to, our marketing representatives and customer service officers;
  • when we seek information about you and receive your Personal Data in connection with your relationship with us, including for our products and services or job applications, for example, from business partners, public agencies, your ex-employer, referral intermediaries and the relevant authorities; and/or
  • when you submit your Personal Data to us for any other reasons.
  • When you browse our website, you generally do so anonymously but please see the section below on cookies. We do not, at our website, automatically collect Personal Data unless you provide such information, write in through our website or login with your account credentials.
  • If you provide us with any Personal Data relating to a third party (e.g. information of your spouse, children, parents, and/or employees), by submitting such information to us, you represent to us that you have obtained the consent of the third party to provide us with their Personal Data for the respective purposes.

You should ensure that all Personal Data submitted to us is complete, accurate, true and correct. Failure on your part to do
so may result in our inability to provide you with the products and services you have
requested, or delays in providing you with products and services you have requested, or processing your applications.

  1.  
  1.  
  • Generally, the Group collects, uses and discloses your Personal Data for the following purposes:
    • responding to, processing and handling your queries, feedback, complaints and requests;
    • verifying your identity;
    • managing and planning the administrative and business operations of the Group and complying with internal policies, reporting requirements and procedures;
    • facilitating business asset transactions (which may extend to any mergers, acquisitions or asset sales) involving any of the Companies
    • requesting feedback or participation in surveys, as well as conducting market research and/or analysis for statistical, profiling or other purposes for us to design our products, understand customer behaviour, preferences and market trends, and to review, develop and improve the quality of our products and services;
    • matching any Personal Data held which relates to you for any of the purposes listed herein;
    • preventing, detecting and investigating crime and analysing and managing commercial risks;
    • managing the safety and security of our premises and services (including but not limited to carrying out CCTV surveillance and conducting security clearances);
    • monitoring or recording phone calls and customer-facing interactions for quality assurance, employee training and performance evaluation and identity verification purposes;
    • organising promotional events and roadshows;
    • in connection with any claims, actions or proceedings (including but not limited to drafting and reviewing documents, transaction documentation, obtaining legal advice, and facilitating dispute resolution), and/or protecting and enforcing our contractual and legal rights and obligations;
    • conducting investigations relating to disputes, billing or fraud;
    • meeting or complying with any applicable rules, laws, regulations, codes of practice or guidelines issued by any legal or regulatory bodies which are binding on the Group (including but not limited to responding to regulatory complaints, disclosing to regulatory bodies and conducting audit checks, due diligence and investigations); and/or
    • purposes which are reasonably related to the aforesaid.
  • In addition, the Group collects, uses and discloses your Personal Data for the following purposes depending on the nature of our relationship:
    • If you are a customer of our products and services:
      • providing customer service and support (including but not limited to customer relationship management, facilitating and providing reminders of your service booking requests and appointments, providing you with administrative support, administering insurance coverage, processing your payments and providing delivery and pick-up services);
      • creating and maintaining profiles of our customers in our system database;
      • administering debt recovery and debt management;
      • administering rewards and benefits; and/or
      • purposes which are reasonably related to the aforesaid.
    • If you are a guest, customer or an employee of an organisation which is a corporate customer of NEER Service France
      • providing customer service and support (including but not limited to customer relationship management, processing and confirming your reservations, bookings and other orders, processing your payments, assisting you with booking requests, providing housekeeping services and attending to your requests for any other products and services whether or not offered by the Group);
      • creating and maintaining guest profiles in our system database;
      • administering debt recovery and debt management; and/or
      • purposes which are reasonably related to the aforesaid.
    • If you are an employee, officer or owner of an external service provider or vendor outsourced or prospected by the Group:
      • assessing your organisation’s suitability as an external service provider or vendor for the Group;
      • managing project tenders and quotations, processing orders or managing the supply of goods and services;
      • creating and maintaining profiles of our service providers and vendors in our system database;
      • processing and payment of vendor invoices and bills;
      • administering training programmes;
      • facilities management (including but not limited to issuing visitor access passes and facilitating security clearance); and/or
      • purposes which are reasonably related to the aforesaid.
    • If you submit an application to us as a candidate for employment:
      • conducting interviews;
      • processing your application (including but not limited to pre-recruitment checks involving your qualifications and facilitating interviews);
      • obtaining references and for background screening;
      • assessing your suitability for the position applied for;
      • on boarding successful candidates and facilitating human resource planning and management (including but not limited to
        preparing letters of employment, name cards); and/or
      • purposes which are reasonably related to the aforesaid.
    • If you are an existing employee of the Group:
      • providing remuneration and staff benefits (including leave and insurance), reviewing salaries and bonuses, conducting salary
      • benchmarking reviews, staff appraisals and evaluation, as well as recognising individuals for their services and conferring awards
      • administrating the employment relationship, its management and termination, including manpower, logistics management, work permit, employment pass or visa applications, providing employee relocation support, processing expense claims, tax clearance and payment to provident funds, facilitating overseas travel arrangements, and NS matters management;
      • training, learning and talent development;
      • providing you with tools and/or facilities to enable or facilitate the performance of your duties;
      • business continuity, including compiling and publishing internal directories and emergency contact lists;
      • conducting analytics, surveys and research for human resource planning and management, and for us to review, develop, optimise and improve work related practices, environment and productivity;
      • ensuring that the administrative and business operations of the Group function in a secure, efficient and effective manner;
      • generating incident reports and handling complaints;
      • purposes which are reasonably related to the aforesaid.
    • If you are a board member, corporate officer, company secretary or shareholder of the Group:
      • on boarding or facilitating your appointment;
      • maintaining statutory registers and to manage the publication of shareholder and director statistics on annual reports and circulars;
      • facilitating the execution of duties and administrative matters (including but not limited to issuing new share certificates, organising meetings, passing resolutions, and approving, executing and signing contracts);
      • administering remuneration, compensation and benefits; and/or
      • purposes which are reasonably related to the aforesaid.
  • Furthermore, where permitted under the Act, the Group may also collect, use and disclose your Personal Data for the following “Additional Purposes”:
    • providing or marketing services, products and benefits to you, including promotions, loyalty and reward programmes;
    • matching Personal Data with other data collected for other purposes and from other sources (including third parties) in connection with the provision or offering of products and services;
    • sending you details of products, services, special offers and rewards, either to our customers generally, or which we have identified may be of interest to you; and/or conducting market research, understanding and analysing customer behaviour, location, preferences and demographics for us to offer you products and services as well as special offers and marketing programmes which may be relevant to your preferences and profile; and/or
    • purposes which are reasonably related to the aforesaid.

If you have provided your France telephone number(s) and have indicated that you consent to receiving marketing or promotional information via your France telephone number(s), then from time to time, the Group may contact you using such France telephone number(s) (including via voice calls, text, fax or other means) with information about our products and services.

  • In relation to particular products and services or in your interactions with us, we may also have specifically notified you of other purposes for which we collect, use or disclose your Personal Data. If so, we will collect, use and disclose your Personal Data for these additional purposes as well, unless we have specifically notified you otherwise.
  • You have a choice to withdraw your consent for receiving marketing or promotional materials/communication. You may contact us using the contact details found below.
  • Please be aware that once we receive confirmation that you wish to withdraw your consent for marketing or promotional materials/communication, it may take up to 30 working days for your withdrawal to be reflected in our systems. Therefore, you may still receive marketing or promotional materials/communication during this period of time. Please note that even if you withdraw your consent for the receipt of marketing or promotional materials, we may still contact you for other purposes in relation to the products and services that you have requested from the Group.

The Group will take reasonable steps to protect your Personal Data against unauthorised disclosure. Subject to the provisions of any applicable law, your Personal Data may be disclosed, for the purposes listed above (where applicable), to the following entities or parties, whether they are located overseas or in France:

  • the Group’s related corporations and employees;
  • companies providing services relating to insurance to the Group;
  • agents, contractors, sub-contractors or third party service providers who provide operational services to the Group, such as telecommunications, information technology, payment, printing, billing, payroll, processing, technical services, transportation, training, market research, call centre, security, employee recognition, sales and marketing, or other services to the Group;
  • vendors or third party service providers in connection with marketing promotions, products and services offered by the Group
  • any business partner, investor, assignee or transferee (actual or prospective) to facilitate business asset transactions (which may extend to any merger, acquisition or asset sale) involving any of the Companies;
  • our professional advisers such as consultants, auditors and lawyers;
  • our customers, clients and business partners in relation to managing project tenders and obtaining appropriate security clearance on behalf of our vendors and service providers;
  • companies providing insurance and warranty services to our customers;
  • foreign embassies, travel agencies and hotels in relation to facilitating overseas travel arrangements;
  • relevant government ministries, regulators, statutory boards or authorities or law enforcement agencies to comply with any laws, rules, guidelines and regulations or schemes imposed by any governmental authority; and/or
  • any other party to whom you authorise us to disclose your Personal Data to.

When you interact with us on our websites, we automatically receive and record information on our server logs from your browser. We may employ cookies in order for our server to recognise a return visitor as a unique user including, without limitation, monitoring information relating to how a visitor arrives at the website, what kind of browser a visitor is on, what operating system a visitor is using, a visitor’s IP address, and a visitor’s click stream information and time stamp (for example, which pages they have viewed, the time the pages were accessed and the time spent per web page).

Cookies are small text files stored in your computing or other electronic devices which allow us to remember you. The cookies placed by our server are readable only by us, and cookies cannot access, read or modify any other data on an electronic device. All web-browsers offer the option to refuse any cookie, and if you refuse our cookie then we do not gather any information on that visitor.

Should you wish to disable the cookies associated with these technologies, you may do so by changing the setting on your browser. However, you may not be able to enter certain part(s) of our website.

The Group will take reasonable efforts to protect Personal Data in our possession or our control by making reasonable security arrangements to prevent unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks. However, we cannot completely guarantee the security of any Personal Data we may have collected from or about you, or that for example no harmful code will enter our website (for example viruses, bugs, trojan horses, spyware or adware). You should be aware of the risks associated with using websites.

While we strive to protect your Personal Data, we cannot ensure the security of the information you transmit to us via the Internet or through the use of our electronic services, and we urge you to take every precaution to protect your Personal Data when you use such platforms. We recommend that you change your passwords often, use a combination of letters and numbers, and ensure that you use a secure browser.

If applicable, you undertake to keep your username and password secure and confidential and shall not disclose or permit it to be disclosed to any unauthorised person, and to inform us as soon as reasonably practicable if you know or suspect that someone else knows your username and password or believe the confidentiality of your username and password has been lost, stolen or compromised in any way or that actual or possible unauthorised transactions have taken place. We are not liable for any damages resulting from any security breaches, on unauthorised and/or fraudulent use of your username and password.

We maintain appropriate security safeguards and practices to protect your Personal Data unauthorised access, collection, use, disclosure, copying, modification disposal or similar risks, in accordance with applicable laws.

If you:

have any questions or feedback relating to your Personal Data or our Data Protection Policy;

would like to withdraw your consent to any use of your Personal Data as set out in this Data Protection Policy; or

would like to obtain access and make corrections to your Personal Data records, please contact us as follows:

Call: +331344550000

Email: info@neerservice.fr

Address: 17 Avenue des Morillons – 95140 Garges les Gonesse – France

Please note that if your Personal Data has been provided to us by a third party (e.g. a referrer, or your company), you should
contact that organisation or individual to make such queries, complaints, and access and correction requests to the Group on
your behalf.

If you withdraw your consent to any or all use of your Personal Data, depending on the nature of your request, the Group
may not be in a position to continue to provide its products and services to you, or administer any contractual relationship in
place, which in turn may also result in the termination of any agreements with the Group, and your being in breach of your
contractual obligations or undertakings. The Group’s legal rights and remedies in such event are expressly reserved.

All complaints should be made within 90 days of the date that the event occurred, or the date that the issue came to your
attention.

  • For complaints related to privacy policies we aim to take action within 3 days
  • The complaint will be handled in the strictest confidence
  • The staff you talk to will aim to see it through to resolution wherever possible but will report to the managing director for
    proper advice.
  • A formal letter of complaint is requested addressed to the management for further internal investigation.
  • When we get things wrong or made any inconvenience to the complainant we will sincerely apologise and take responsibility.
  • This Data Protection Policy and your use of this website shall be governed in all respects by the laws of France.
    OVERVIEW OF PERSONAL DATA PROTECTION

    What is Personal Data?

    Personal data refers to data, whether true or not, about an individual who can be identified from that data; or from that data and
    other information to which the organisation has or is likely to have access. Personal data in France is protected under the Personal
    Data Protection Act 2012 (PDPA).

    What is the Personal Data Protection Act?

    The PDPA establishes a data protection law that comprises various rules governing the collection, use, disclosure and care of personal
    data. It recognises both the rights of individuals to protect their personal data, including rights of access and correction, and the needs
    of organisations to collect, use or disclose personal data for legitimate and reasonable purposes.

    The PDPA provides for the establishment of a national Do Not Call (DNC) Registry. The DNC Registry allows individuals to register their
    France telephone numbers to opt out of receiving marketing phone calls, mobile text messages such as SMS or MMS, and faxes from
    organisations.

    Objectives of the Personal Data Protection Act

    Today, vast amounts of personal data are collected, used and even transferred to third party organisations for a variety of reasons.
    This trend is expected to grow exponentially as the processing and analysis of large amounts of personal data becomes possible with
    increasingly sophisticated technology. With such a trend comes growing concerns from individuals about how their personal data is
    being used. Hence, a data protection regime to govern the collection, use and disclosure of personal data is necessary to address these
    concerns and to maintain individuals’ trust in organisations that manage data. By regulating the flow of personal data among
    organisations, the PDPA also aims to strengthen and entrench France’s competitiveness and position as a trusted, world-class hub for
    businesses.

    How does the Personal Data Protection Act Work?

    The PDPA will ensure a baseline standard of protection for personal data across the economy by complementing sector-specific
    legislative and regulatory frameworks. This means that organisations will have to comply with the PDPA as well as the common law
    and other relevant laws that are applied to the specific industry that they belong to, when handling personal data in their possession.
    The PDPA takes into account the following concepts:

    • Consent – Organisations may collect, use or disclose personal data only with the individual’s knowledge and consent (with some
      exceptions);
    • Purpose – Organisations may collect, use or disclose personal data in an appropriate manner for the circumstances, and only if they
      have informed the individual of purposes for the collection, use or disclosure; and
    • Reasonableness – Organisations may collect, use or disclose personal data only for purposes that would be considered appropriate
      to a reasonable person in the given circumstances.

      Application of the Personal Data Protection Act

      The PDPA covers personal data stored in electronic and non-electronic forms.

      The data protection provisions in the PDPA (parts III to VI) generally do not apply to:

    • Any individual acting in a personal or domestic basis.
    • Any employee acting in the course of his or her employment with an organisation.
    • Any public agency or an organisation in the course of acting on behalf of a public agency in relation to the collection, use or
      disclosure of the personal data. You may wish to refer to the Personal Data Protection (Statutory Bodies) Notification 2013 for the list
      of specified public agencies.
    • Business contact information. This refers to an individual’s name, position name or title, business telephone number, business
      address, business electronic mail address or business fax number and any other similar information about the individual, not provided
      by the individual solely for his or her personal purposes.

These rules are intended to be the baseline law which operates as part of the law of France. It does not supersede existing statutes,
such as the Banking Act and Insurance Act but will work in conjunction with them and the common law.

When did the Personal Data Protection Act Come into Effect?

The PDPA took effect in phases starting with the provisions relating to the formation of the PDPC on 2 January 2013. Provisions
relating to the DNC Registry came into effect on 2 January 2014 and the main data protection rules on 2 July 2014. This allowed time
for organisations to review and adopt internal personal data protection policies and practices, to help them comply with the PDPA.
Development of the Personal Data Protection Act.

In the development of this law, references were made to the data protection regimes of key jurisdictions that have established
comprehensive data protection laws, including the EU, UK, Canada, Hong Kong, Australia and New Zealand, as well as the OECD
Guidelines on the Protection of Privacy and Transborder Flow of Personal Data, and the APEC Privacy Framework. These references are
helpful for the formulation of a regime for France that is relevant to the needs of individuals and organisations, and takes into account
international best practices on data protection.