Search

Privacy Notice

EOS France, as data controllers, processes personal data in compliance with applicable laws and regulations, notably Regulation (EU) 2016/679 of April 27, 2016, concerning the protection of individuals with regard to the processing of personal data and the free movement of such data ("GDPR"), the French Data Protection Act of January 6, 1978, as amended, and the guidelines issued by the CNIL (National Commission on Informatics and Liberty).

This information aims to clarify the objectives (purposes) pursued, the methods of use, and your rights regarding the processing of personal data implemented by EOS France.

Name and contact details of the data controller:
EOS France
74, rue de la Fédération
BP 587 - 75726 Paris CEDEX 15
Tel: 01 53 58 39 39
contact@eos-france.com

By mail: Attention of the DPO - EOS France – 10, impasse de Presles BP 587 - 75726 Paris CEDEX 15
Or by email: dpo.eos.siege@eos-france.com

Rights of Individuals

We inform you that, in accordance with the applicable regulations on personal data protection, namely as of today:

  • Regulation (EU) 2016/679 General Data Protection Regulation, hereinafter "GDPR", and
  • Law No. 78-17 of January 6, 1978, amended on June 20, 2018 (Data Protection Act),
    you have the right to access, rectify, port, limit, oppose, and delete any data concerning you.
    You can exercise this right in writing by proving your identity to the data controller at EOS France:
    By mail: Attention of the DPO - EOS France – 10, impasse de Presles BP 587 - 75726 Paris CEDEX 15
    Or by email: dpo.eos.siege@eos-france.com
Furthermore, if you believe that the processing of your personal data by EOS France was not in compliance with the GDPR, you have the right to lodge a complaint with the supervisory authority, the CNIL ("National Commission on Informatics and Liberty") (for more information, visit: www.cnil.fr).

Collection of Personal Data by EOS France in the Context of Its Activities

I. Context:

Your file, which includes personal data, is transmitted to EOS France as part of a contract signed with a client (assignor or principal) (hereinafter referred to as "Client"):

  • under a debt assignment, or
  • under a management mandate for services such as debt or credit management.
This file transmitted to EOS France originates from a contract initially concluded between you and the Client of EOS France.

The processing of personal data carried out by EOS France in the context of managing acquired or entrusted files may cover services such as:

  • credit management,
  • amicable and/or judicial debt collection,
  • management of over-indebtedness or collective proceedings,
  • collection of insurance contributions and management of insured parties' files,
  • etc. (hereinafter referred to as "the Activities").
The managed files may concern individuals or relate to companies and cover areas such as banking and credit, insurance, as well as energy or telecommunications.

Some services are conducted in EOS France's own name, while others are conducted under a white-label arrangement (in the name of our Client).

II. Purposes and Categories of Data Processed:

The processing of personal data implemented by EOS France aligns with its purposes related to the Activities specified above. The information provided by EOS France's Clients, as well as that collected and processed by EOS France, is necessary for managing your file.

As the holder or potential guarantor of a file processed by EOS France in the context of its Activities, EOS France may process the following categories of data concerning you:

  • Your file references (e.g., original references, internal references),
  • Your civil status (e.g., title, last name, first name, date and place of birth),
  • Your contact details (e.g., postal, telephone, electronic),
  • Your personal and family situation (e.g., marital status, number of people in the household, including children),
  • Your professional, economic, and financial situation (e.g., occupation/retired, employer, income, assets, housing), and, where applicable, that of household members or, in the event of death, that of your heirs,
  • Your banking references and, if applicable, those of relatives participating in the repayment of your file,
  • The origin and characteristics of the file (e.g., originator, type of credit or invoice, management stage, date and information related to the initial contract, remaining amount due or payment schedule),
  • The management history of your file, including various written exchanges and summaries of telephone conversations,
  • Agreed settlement proposals,
  • The history of payments and collections.
These data may also be processed to comply with legal or regulatory measures or obligations, such as:

  • The transmission of information to EOS France's Clients in the context of the FICP "National File of Incidents of Repayment of Consumer Credits";
  • Customer knowledge and the fight against money laundering and terrorist financing;
  • Any processing for accounting management and financial control purposes.
Based on EOS France's legitimate interests, your data may also be used for:

  • Conducting satisfaction surveys and statistical processing (e.g., estimating processing costs, forecasting collections, evaluations),
  • Optimizing our internal processes (e.g., directing the file to a service, choosing a preferred communication channel, reconciling files concerning you). These choices do not have legal effects and do not significantly affect your rights regarding the repayment of your file. Moreover, your manager remains reachable for any requests or wishes related to the management of your file,
  • Enabling the establishment, defense, or exercise of EOS France's rights in court,
  • Optimizing collection management for updating and improving the quality of contact and civil status data (titles, names, first names, date and place of birth, postal, electronic, and telephone contact details): the contact and civil status data of debtor clients are duplicated and stored in a dedicated database (the "Directory Database") to compare the data of a debtor client whose claim has just been integrated into EOS France's business databases with the data in this Directory Database.
In accordance with Article 21 of the GDPR, you have the right to object at any time to the processing of personal data based on our legitimate interest as a data controller, provided that your interests or fundamental rights and freedoms prevail over our compelling legitimate interests, or for the establishment, exercise, or defense of our rights in court.

In the case of acquiring debt portfolios, EOS France is subrogated to the rights of the assigning client for the management of your file. Consequently, the management of your file is legally based on the contract you originally entered into.

In the case of a service contract (management mandate), EOS France will regularly inform the Client about the management of your file, particularly transmitting information related to your payments.

III. Transfer to another country

Generally, your personal data is processed within the European Union ("EU").

However, there may be specific cases where your personal data is transferred to a third country outside the EU. When this occurs, EOS France ensures the implementation of appropriate protective mechanisms as provided by the GDPR, such as signing Standard Contractual Clauses adopted by the European Commission when the recipient entities do not have an adequate level of personal data protection. Additionally, in the case of a service contract (management mandate), these transfers are only possible with the written consent of the Client of EOS France.

          1. Exchanges with the EOS Group

EOS France is the French subsidiary of the international EOS Group. As such, EOS France may transfer information to its shareholder (based in Hamburg, Germany) for the purpose of monitoring and controlling activities. This typically involves aggregated or anonymized information that does not contain personal data. EOS France may also transmit pseudonymized data to the EOS Group for statistical modeling purposes. Finally, in cases of necessity (fraud, legal obligations, or Group directives), EOS France may need to communicate personal data on a case-by-case basis. In this context, it would take all necessary precautions to secure such communications.

          2. Possible Transfers in the Context of Operational Management of Your File

               a. Transfer to EOS France's Mauritian Subsidiary

EOS France has a subsidiary in Mauritius, EOS Mascarenes. Some files may be processed by teams based at this location. It is important to note that personal data remains stored on servers located within the European Union. In the case of a service contract (management mandate), these transfers are only possible with the written consent of our partner client. EOS France ensures that EOS Mascarenes adheres to personal data protection regulations, having signed Standard Contractual Clauses for data protection adopted by the European Commission (clauses provided by supervisory authorities for transfers outside the European Union).

               b. Occasional Transfer to a Provider Located Outside the EU

EOS France may occasionally engage certain providers located outside the European Union for specific services. In particular, the EOS Group has a dedicated exchange platform for international debt collection. If the individual concerned no longer resides in France, EOS France may proceed with transfers to a subsidiary or partner of the EOS Group located in the country of residence. Any transfer to a provider located outside the EU is systematically governed by contractual agreements and includes the implementation of appropriate protective mechanisms. Moreover, in the context of a service contract (management mandate), these transfers are only made after the written consent of the Client of EOS France.

As of the date of this update, the providers outside the EU that may receive your personal data are located in the following countries:

  • Countries with an adequate level of personal data protection: Andorra, Israel, Liechtenstein, United Kingdom, Switzerland.
  • Recipient countries whose local subsidiary or partner has signed Standard Contractual Clauses with the EOS Group: Algeria, Bosnia and Herzegovina, Canada, China, United States, Hong Kong, Macedonia, Morocco, Russia, Serbia, Tunisia.
IV. Recipients

To carry out its missions, EOS France may need to:

  • Update your contact details to reach out to you; it may then transmit some of your data:
    • To a data enrichment provider.
    • Or to a duly authorized private investigation agency (in accordance with the Internal Security Code).
  • Transmit your file(s) to one of its partner bailiffs for amicable and/or judicial recovery.
  • Communicate with the Banque de France regarding cases of over-indebtedness.
  • If the individual concerned no longer resides in France, request assistance from a subsidiary or partner of the EOS Group.
  • Send updated information concerning you to the Client of EOS France.
V. Security

EOS France is committed to the confidentiality of the personal data it processes. Appropriate technical and organizational security measures are implemented to protect your data from accidental or intentional manipulation, partial or total loss, destruction, or unauthorized access by third parties. Our security measures are continuously improved based on technological advancements.

These measures aim, in particular, to control:

  • Access to the premises and facilities where data is processed,
  • Access to computer systems and software platforms used, limited to authorized individuals based on the relevant processing, relying on authorization mechanisms, access rights, control, and recording of access,
  • Risks of unauthorized disclosure of personal data by securing all exchanges,
  • Traceability of events related to the entry of personal data,
  • Availability of personal data through security and backup measures to guard against accidental destruction or loss of data.
VI. Retention Periods:

Your personal data is stored in EOS France's databases only for the duration necessary to fulfill the purpose for which it was collected and/or for the time required for EOS France to comply with its legal and regulatory obligations or to defend its interests.

The personal data used in the management of your file will be retained for a maximum of 5 years after the balance or final closure of the file. For the purposes of updating and ensuring data quality, your contact and civil status data (titles, names, first names, date and place of birth, postal address, electronic address, and telephone contact details) will be retained for 10 years after the balance or final closure of the file, unless you object.

Additionally, your personal data may be retained for the following cases:

  • For the management of satisfaction surveys: 2 years from the date of the survey,
  • For the management of complaints and exercise of rights: 5 years from their closure,
  • For accounting management and financial control: 10 years from the end of the accounting period,
  • For the purposes of combating corruption, fraud, and the financing of terrorism: 5 years from the end of the business relationship or the date of suspicion declaration.
  • Conversations with EOS France services may be listened to and/or recorded for the following purposes:

    • Training and skill development of employees;
    • Ensuring compliance with legal and ethical standards;
    • Verifying the quality of employee communications.
    This processing is based on EOS France's legitimate interests (Article 6(1)(f) of the GDPR). You can object to this recording by informing your contact at the beginning of the phone conversation.

    Only duly authorized personnel can access the recorded phone calls for the specified purposes. The recording system has strict access management protocols.

    For employee skill development and/or service quality verification, management and the training department have access to the tool for listening to EOS France's recorded phone calls.

    In terms of quality control of the services provided by EOS France and compliance with legal and ethical standards, the compliance and quality department can access the tool for listening to EOS France's recorded phone calls.

    If a dispute or contestation arises regarding a file and certain conversations have been recorded, any person responsible for managing disputes and contestations (customer relations, human resources, for example) may be authorized to listen to the relevant recordings.

    Finally, some of our Clients may also access EOS France's recorded phone calls within the scope relevant to them.

    • Exceptionally, a public control body or a Client may conduct listening sessions as part of an audit.
    These recordings are retained for a maximum period of 6 months.

    EOS France's Mauritian subsidiary (EOS Mascarenes) may also access the recorded phone calls. This processing is governed by the signing of Standard Contractual Clauses (SCC). It is important to note that the recorded phone calls remain stored on servers located within the European Union.

Collection of Personal Data on the Website

  • When you access our website, the browser used on your device automatically sends information to the server of our website. This information is temporarily stored in a log file. The following information is collected without your intervention and retained until it is automatically deleted after 3 days:

    • IP address of the accessing computer,
    • Date and time of access,
    • Name and URL of the retrieved file,
    • Website from which access occurred (referrer URL),
    • Website retrieved from our website,
    • Your computer's browser and possibly its operating system, as well as the name of your internet service provider.
    The aforementioned data is processed by us for the following purposes:

    • To ensure a smooth connection to the website,
    • To provide comfortable use of our website,
    • To analyze the security and stability of the system, and
    • For other administrative purposes.
    The legal basis for processing the data is Article 6(1)(f) of the GDPR. Our legitimate interest arises from the purposes of the data collection mentioned above. We do not use the collected data to draw conclusions about you.

    Furthermore, we use cookies and analytical services when you visit our website. You will find more detailed information about this in sections 5 and 6 of this privacy policy.
  • You can reach us via the provided email addresses.

    If you contact us in this manner, the personal data transmitted through your message will be retained. The legal basis for processing the data for the purpose of contact is our legitimate interest in responding to your request (Article 6(1)(f) of the GDPR).

    If contact is established for the purpose of implementing a professional business relationship, the legal basis for this processing will be the execution of pre-contractual measures or the execution of the contract (Article 6(1)(b) of the GDPR).

    The personal data collected will be retained for the duration of the processing and will be deleted once the retention period is no longer necessary for the purpose of processing, in accordance with applicable data protection regulations.
  • The data collected is processed for the management and follow-up of your application and will be retained for a maximum period of 2 years unless you object.
  • Like most websites, we use cookies on our site to make your browsing experience as pleasant and efficient as possible. Cookies are small files created by the website and automatically stored in your device's browser (computer, tablet, smartphone, or other) during your visit. Cookies pose no risk to your device and do not contain viruses, Trojans, or any other malware. The data generated in connection with the specific device used is recorded in the cookie, but this does not mean that we are directly informed of your identity through this method.

    The use of cookies primarily aims to provide you with a more enjoyable experience. For example, we use "session cookies" to detect if you have already visited certain pages on our site. These cookies are automatically deleted when you leave our site.

    To improve the usability of the site and optimize user-friendliness, we also use temporary cookies, which are stored on your device for a specific duration. If you return to our site to use our services again, these cookies will automatically recognize that you have previously visited us. The entries and settings you made previously will be automatically recognized, and you will not need to enter them again.

    The cookies we use are divided into three categories: "Necessary," "Personalization," and "Marketing":

    • Necessary Cookies: These are essential for the proper functioning of the website. In particular, they enable the security features of our site. Without these cookies, certain parts of the site cannot function.
    • Personalization Cookies: These improve the functionalities of our site and facilitate your navigation. If you revisit our site to use our services, it will automatically recognize that you have previously visited us. The entries and settings you made previously will be automatically recognized, and you will not need to enter them again. For example, you will not have to enter your user data each time; the data you previously entered will be accessible during your next visit.
    • Marketing Cookies: These allow us to offer you personalized and relevant content based on your interests during your visit.
    The collection and processing of data through necessary cookies are necessary to safeguard the legitimate interests of our company, in accordance with Article 6(1)(f) of the GDPR, particularly for the proper functioning of the site.

    The collection and processing of data through personalization and marketing cookies are subject to obtaining your consent, in accordance with Article 6(1)(a) of the GDPR. These are carried out either for statistical purposes to improve user experience, to enhance the functionalities of our site and facilitate your navigation, or to offer personalized content and for marketing purposes. For these cookies, you can modify or withdraw your consent at any time by clicking on " Modify cookie settings " at the bottom of the site.

    For more information on cookies and their use, you can access our cookie policy here [link to cookie policy]. You can also consult the file from the National Commission on Informatics and Liberty at: www.cnil.fr.

    Cookie Management

    Most browsers automatically accept cookies. However, you can configure your browser to prevent cookies from being stored on your computer or to display a notification each time a new cookie is set. Each browser manages cookie settings differently; for each one, the procedure for modifying cookie settings is explained in the help menu. To configure cookies, you can click below on the link corresponding to the browser you are using:

    If you completely disable cookies, you may not be able to use all the features of our website.
  • The tracking measures we use allow us to ensure a user-centered design and continuous optimization of our website. We also use tracking measures to statistically record the use of our website and evaluate it to optimize our offerings. The purposes of data processing and the corresponding categories of data are indicated in the tracking tools mentioned in this section. The legal basis for this data processing is your consent in accordance with Article 6(1)(a) of the GDPR.

    Siteimprove Analytics: This website uses Siteimprove Analytics for the purposes described in the "Statistics" category. Siteimprove Analytics is a web analytics service provided by Siteimprove GmbH. Information is stored and processed by Siteimprove on servers located in Denmark. IP addresses are anonymized before the collected data can be accessed by EOS via Siteimprove Suite. It is not possible to reverse the anonymization of IP addresses or to attribute IP addresses to the collected data.
  • 1. Shariff

    We use Shariff buttons for social networks such as Facebook, Twitter, Google+, LinkedIn, and Xing on our website. These buttons are simple HTML links. The procedure we use corresponds to the framework of the Shariff solution. With the Shariff solution, a script extracts the number of clicks on, for example, the share button on a page. To do this, the script contacts the social network via APIs and retrieves the numbers. No personal data is transmitted during this process. Instead of your IP address, only the address of our server is sent to Facebook, Google, or Twitter. You are only directly connected to Facebook, Google, or Twitter if you take action. Before this action, the social networks cannot collect any data about you. As long as you do not click on a link to share content, you remain invisible to the networks. If you click on a link, the obligation to provide information about data collection and processing is no longer ours but that of the social network operator.

    2. YouTube

    Our website contains links to videos from YouTube LLC, 901 Cherry Ave, San Bruno, CA 94066, USA. If you visit a page on our website that contains such a video, a direct connection is established between your browser and the YouTube server once you activate the video. YouTube receives information that you have visited our website along with your IP address. If you click on the link to the video, your IP address will be transmitted to YouTube. We would like to draw your attention to the fact that as the provider of our website, we have no knowledge of the content of the data transmitted or their use by YouTube. For more information, please consult YouTube's privacy policy (https://www.youtube.com/).

Disclaimer

This website has been created with the utmost care, and we strive to keep the information published up to date. However, EOS cannot guarantee the accuracy and correctness of its content. Therefore, EOS disclaims any responsibility for damages arising directly or indirectly from the use of this website, unless they are due to verifiable malicious intent or gross negligence on the part of EOS. The use of the information contained on this site is solely the responsibility of the user.

EOS reserves the right to make any modifications to the site that it deems necessary, without prior notice, even if access to the site is consequently interrupted. The user acknowledges having verified that the computer configuration used does not contain any viruses and is in perfect working order. The user commits to using the services of the site and all information they may access solely for individual and private reasons.

Disclaimer Regarding Other Links

Our website contains hyperlinks that lead to other independent sites. We have selected these sites; however, EOS disclaims any responsibility for the content of these websites, which are developed by third parties and can be accessed through the proposed hyperlinks. Indeed, EOS has no influence over the design or content of the accessible pages or any tools that may be made available through the displayed links.

Therefore, EOS explicitly dissociates itself from these sites.

The possibility of establishing simple hyperlinks to the site www.eos-france.com is subject to prior approval from EOS. Any deep hyperlink or use of "framing" techniques (displaying a page within a frame on another site) is prohibited.

Data Security

During your visit to the website, we use the common SSL (Secure Socket Layer) method combined with the highest level of encryption supported by your browser. Generally, this is 256-bit encryption. If your browser does not support 256-bit encryption, we revert to 128-bit v3 technology. You can see that an individual webpage on our site is transmitted in encrypted form by the closed key or padlock symbol in the lower status bar of your browser.

We also take appropriate technical and organizational security measures to protect your data from accidental or intentional manipulation, partial or total loss, destruction, or unauthorized access by third parties. Our security measures are continually improved based on technological developments.

Privacy Notices of Other EOS Group Companies

This privacy notice does not apply to data processed by other companies in the EOS Group. This is also the case if these other EOS Group companies and their contacts are mentioned on our website and/or their services are presented on our website.

The other companies in the EOS Group will therefore provide separate privacy policies for specific data processing activities on a case-by-case basis.

Updates and Modifications to This Privacy Notice

This privacy notice is currently valid and was last updated in October 2024. It may be necessary to modify this privacy notice due to improvements made to our website and the offerings via our website or due to changes in legal or regulatory requirements.