Privacy Statement (EU)

This privacy statement was last updated on 10 March 2025 and applies to citizens and legal permanent residents of the European Economic Area and Switzerland.

In this privacy statement, we explain what we do with the data we obtain about you via https://www.tiama.com. We recommend you carefully read this statement. In our processing we comply with the requirements of privacy legislation. That means, among other things, that:

  • we clearly state the purposes for which we process personal data. We do this by means of this privacy statement;
  • we aim to limit our collection of personal data to only the personal data required for legitimate purposes;
  • we first request your explicit consent to process your personal data in cases requiring your consent;
  • we take appropriate security measures to protect your personal data and also require this from parties that process personal data on our behalf;
  • we respect your right to access your personal data or have it corrected or deleted, at your request.

If you have any questions, or want to know exactly what data we keep of you, please contact us.

1. Purpose, data and retention period

We may collect or receive personal information for a number of purposes connected with our business operations which may include the following:

1.1 Contact – Through phone, mail, email and/or webforms

For this purpose we use the following data:

  • A first and last name
  • An email address
  • A home or other physical address, including street name and name of a city or town and zip code
  • Phone number or fax number
  • Professional or employment-related information
  • Date of birth

The basis on which we may process these data is:

Upon the provision of consent, or our legitimate interest (management of client and prospect relationships).

Retention period

For clients, we retain this data during the commercial relationship, and then 3 years after its end.

For prospective clients, we retain this data for 3 years.

1.2 Newsletters

For this purpose we use the following data: 

  • A first and last name
  • An email address
  • Professional or employment-related information
  • A home or other physical address, including street name and name of a city or town

The basis on which we may process these data is: 

Upon the provision of consent, or our legitimate interest (management of client and prospect relationships).

Retention period

We retain this data until the service is terminated.

1.3 Compiling and analyzing statistics for website improvement

For this purpose we use the following data:

  • IP Address

The basis on which we may process these data is: 

Upon the provision of consent, or legitimate interest in the proper functioning of the website, its optimization, and its security.

Retention period

We retain this data for 12 months.

1.4 Job application

For this purpose we use the following data:

  • A first and last name
  • An email address
  • Education information
  • CV and letter of motivation

The basis on which we may process these data is:

Upon the provision of consent.

Retention period

We retain this data as necessary for the recruiting process, or for our legitimate interest in establishing a CV database.

1.5 Management of disputes and litigation

The basis on which we may process these data is:

Legitimate interest in defending our interests in court and preparing our defense in litigation proceedings.

Retention period

For the duration of the complaint, then retention in accordance with the applicable statutory limitation periods, calculated from the date the complaint is resolved; or, in the event of legal action: retention of the data for the duration of the proceedings until full enforcement of the court decision or the settlement agreement.

1.6 Compliance with applicable laws, court orders, other legal proceedings, or the requirements of any authority

The basis on which we may process these data is: 

Legal obligation.

Retention period

For the period provided for by the applicable law or by the relevant judicial or administrative decision.

2. Sharing with other parties

We only share or disclose this data to processors for the following purposes:

3. Cookies

Our website uses cookies. For more information about cookies, please refer to our Cookie Policy.

4. Disclosure practices

We share personal data with our affiliates within the Kestrel Vision group to improve your experience by offering you tailored content, personalized offers and services, as well as communications that better match your expectations, and to enable us to understand your preferences and purchase history of our products and services, in order to also improve their visibility, accessibility, and performance.

Our duly authorized staff who need to access your data in the course of their duties in relation to the purposes described here may have access to your personal data. Our service providers or external advisors (lawyers, auditors, etc.) may also have access to your personal data.

We disclose personal information if we are required by law or by a court order, in response to a law enforcement agency, to the extent permitted under other provisions of law, to provide information, or for an investigation on a matter related to public safety.

If our website or organisation is taken over, sold, or involved in a merger or acquisition, your details may be disclosed to our advisers and any prospective purchasers and will be passed on to the new owners.

We have concluded a data Processing Agreement with Google.

Google may not use the data for any other Google services.

The inclusion of full IP addresses is blocked by us.

5. Security

We are committed to the security of personal data. We take appropriate security measures to limit abuse of and unauthorised access to personal data. This ensures that only the necessary persons have access to your data, that access to the data is protected, and that our security measures are regularly reviewed.

6. Third-party websites

This privacy statement does not apply to third-party websites connected by links on our website. We cannot guarantee that these third parties handle your personal data in a reliable or secure manner. We recommend you read the privacy statements of these websites prior to making use of these websites.

7. Amendments to this privacy statement

We reserve the right to make amendments to this privacy statement. It is recommended that you consult this privacy statement regularly in order to be aware of any changes. In addition, we will actively inform you wherever possible.

8. Accessing and modifying your data

If you have any questions or want to know which personal data we have about you, please contact us. You can contact us by using the information below. You have the following rights:

  • You have the right to know why your personal data is needed, what will happen to it, and how long it will be retained for.
  • Right of access: You have the right to access your personal data that is known to us.
  • Right to rectification: you have the right to supplement, correct, have deleted or blocked your personal data whenever you wish.
  • If you give us your consent to process your data, you have the right to revoke that consent and to have your personal data deleted.
  • Right to transfer your data: you have the right to request all your personal data from the controller and transfer it in its entirety to another controller.
  • Right to object: you may object to the processing of your data. We comply with this, unless there are justified grounds for processing.

Please make sure to always clearly state who you are, so that we can be certain that we do not modify or delete any data of the wrong person.

9. Submitting a complaint

You are also entitled to lodge a complaint with the competent supervisory authority regarding the processing of your data. In France, the supervisory authority for the protection of personal data is the CNIL (www.cnil.fr).

10. Data processing outside of the European Union

Our processors may transfer your personal data outside the European Union. In the absence of an adequacy decision by the European Commission under Article 45 of the GDPR, any such transfer will be governed by appropriate transfer mechanisms under Article 46 et seq. of the GDPR (such as standard contractual clauses adopted by the European Commission).

11. Contact details

TIAMA SAS
215 Chemin du Grand Revoyet – 69230 Saint-Genis-Laval
France
Website: https://www.tiama.com
Email: marketing@tiama.com
Phone number: +334 37 20 15 00

DPO: rgpd@kestrel-vision.com