Privacy and GDPR Policy

Effective Date: 5 January 2024

1. Introduction

Parapluie FLAM (the « Federation ») is committed to protecting the privacy and security of your personal data. This Privacy and GDPR Policy outlines how we collect, use, store, and protect your information when you visit our website ( or interact with us, in compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

2. Data Controller

Parapluie FLAM is the data controller responsible for your personal data. If you have any questions about this policy or how we handle your personal data, please contact us at:

3. Data Protection Principles

We adhere to the following principles when processing personal data:

3.1 Lawfulness, Fairness, and Transparency:
We process personal data lawfully, fairly, and in a transparent manner.

3.2 Purpose Limitation:
We collect personal data for specified, explicit, and legitimate purposes and do not process it in a manner that is incompatible with those purposes.

3.3 Data Minimisation:
We ensure that the personal data we process is adequate, relevant, and limited to what is necessary in relation to the purposes for which it is processed.

3.4 Accuracy:
We take reasonable steps to ensure that personal data is accurate and, where necessary, kept up to date.

3.5 Storage Limitation:
We retain personal data only for as long as necessary for the purposes for which it is processed.

3.6 Integrity and Confidentiality:
We process personal data in a manner that ensures appropriate security, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage.

4. Information We Collect

We may collect and process the following types of personal data:

4.1 Information You Provide to Us:

  • Contact Information: Name, email address, phone number, postal address.
  • Membership Information: Details related to your membership or association with the Federation.
  • Communication Data: Any information you provide when you communicate with us (e.g., via email, phone, or contact forms).

4.2 Information We Collect Automatically:

  • Technical Data: IP address, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform.
  • Usage Data: Information about how you use our website, products, and services.

4.3 Information from Third Parties:
We may receive personal data about you from third parties, such as service providers and partners who assist us in our operations.

5. Legal Basis for Processing

We rely on the following legal bases to process your personal data:

5.1 Consent:
Where you have given clear consent for us to process your personal data for a specific purpose.

5.2 Contract:
Where the processing is necessary for the performance of a contract with you or to take steps at your request before entering into a contract.

5.3 Legal Obligation:
Where the processing is necessary for us to comply with a legal obligation.

5.4 Legitimate Interests:
Where the processing is necessary for our legitimate interests or those of a third party, provided your interests and fundamental rights do not override those interests.

6. Your Rights

You have the following rights regarding your personal data:

6.1 Access:
The right to request access to your personal data and to receive information about its processing.

6.2 Correction:
The right to request correction of any inaccurate or incomplete personal data.

6.3 Deletion:
The right to request deletion of your personal data when there is no longer a legal basis for retaining it.

6.4 Objection:
The right to object to the processing of your personal data when we are processing it based on our legitimate interests.

6.5 Restriction:
The right to request the restriction of processing of your personal data in certain circumstances.

6.6 Data Portability:
The right to receive your personal data in a structured, commonly used, and machine-readable format and to request the transfer of your personal data to another party.

7. Data Sharing

We may share your personal data with the following parties:

7.1 Service Providers:
Third-party service providers who provide IT and system administration services, professional advisors, and other support services.

7.2 Legal Requirements:
Where disclosure is required by law or necessary to comply with a legal process.

7.3 Business Transfers:
In the event of a merger, reorganization, or transfer of all or part of our operations.

8. Data Security

We have implemented appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorized way, altered, or disclosed. We also limit access to your personal data to volunteers, freelancers, agents, contractors, and other third parties who require this information for legitimate business purposes.

9. Data Retention

We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

10. Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices or the content of those websites. We encourage you to read the privacy policies of any third-party websites you visit.

11. Changes to This Policy

We may update this Privacy and GDPR Policy from time to time. Any changes we make will be posted on this page, and, where appropriate, notified to you by email. Please check back frequently to see any updates or changes to this policy.

12. Contact Us

If you have any questions or concerns about this Privacy and GDPR Policy or our privacy practices, please contact us at: