PRIVACY - CARRHURE

GLOBAL PRIVACY POLICY

Last Updated: April 2025

CARRHURE, 12-14 Rond-Point des Champs-Elysées, 75008 Paris, France, RCS : 750 516 114, APE Code : 7022Z

CARRHURE attaches the utmost importance to protecting the personal data of its customers and prospects and to complying with the regulations in force.

This privacy policy informs you of our commitments and the measures we have put in place to guarantee the integrity, security, confidentiality and protection of your personal data, processed as part of our business, in compliance with the rules set out in the European Data Protection Regulation (RGPD), the French Data Protection Act (LIL) and the French Law for Confidence in the Digital Economy (LCEN).

The entity that collects and processes your personal data is CARRHURE, SARL with a share capital of €43,000, headquartered at 12-14, 12 Rond-point des Champs Elysées-Marcel Dassault, 75008 PARIS, represented by Aurée de Carbon, manager.

You can contact us at the following address: contact@carrhure.com

The personal data we process

CARRHURE collects and processes the following categories of data in connection with the processing operations we carry out:

Personal identification data (surname, first name, address, telephone number(s), etc.)
Professional identification data (surname, first name, job title, e-mail address)
Professional data (profession, SIRET number, income, etc.)
Payment information (bank details, IBAN, card accounts)
Transaction data (dates, invoices, contracts, history of services used)
Connection data (IP address, connection logs, duration, history)
Browsing data (unique identifier, browsing statistics, behavioral data).
Identity data (passport, NIR, etc.)
Sensitive data (criminal record data)

Legal basis, purposes and retention periods of data processing operations

In accordance with the RGPD, personal data collected by the CARRHURE company will be used for the fulfillment of the purposes for which they were collected and for a retention period detailed in the table below:

Purpose	Legal basis	Shelf life
Provision of recruitment services and background checks	Contract performance	5 years from end of contract
Referencing candidates in a database (CV-thèque)	Consent	2 years after last contact
Skills and background check	Consent	For the duration of the contractual relationship
Customer relationship management	Contract performance	5 years from end of contract
Communication with candidates	Legitimate interest	2 years after last contact
Managing information requests	Legitimate interest	Processing time
Accounting and billing	Contract performance	10 years from end of contract
Managing entitlement requests	Legal obligation	5 years from end of request
Commercial prospecting	Legitimate interest	Duration of prospecting or until withdrawal of consent
Recruitment	Legitimate interest	2 years after last contact
Newsletter	Consent	Until unsubscribed

Once the specified retention periods have been reached, your data will be deleted from all CARRHURE servers.

For more information on the cookies used by CARRHURE, please refer to our cookies policy.

Mandatory or optional nature of data collection and consequences of failure to provide data

When we collect your personal data, we inform you whether certain information is mandatory or optional.

Compulsory data are necessary for the operation of our services and the proper execution of the contract and will be indicated to you. If a compulsory data field is not provided, CARRHURE will not be able to provide its services.

Optional data are those that you may choose to provide to improve your user experience (e.g. communication preferences). Failure to provide this data will not affect the performance of the contract or the provision of the service, but may limit the personalization of our offer.

Recipients of personal data

The personal data we process is only used for pre-determined purposes, which are necessary for the provision of our services, linked to our activity.

We have access to your personal data:

Company employees according to defined internal authorization policies.
Our subcontractors, i.e. all digital or other service providers who process your data for specific purposes: invoicing tools, remote payment software, etc.
Authorized subcontractors.
Public bodies and supervisory and regulatory bodies, at their request or to meet our legal obligations, as well as judicial authorities, court officers in legal proceedings, ministerial officers and debt collection agencies.

Your data will also be shared with auditing bodies (such as the statutory auditor).

International transfers

Some of your data may be transferred to companies outside the European Union or a country in line with the European Union.

In this case :

Where data is transferred to a country whose level of data protection has not been recognized as adequate in the RGPD, such transfers are based on appropriate safeguards indicated in Article 46 of the RGPD, tailored to each service provider, in particular through the conclusion of standard contractual clauses approved by the European Commission.

Your data rights

Under data protection regulations, you have rights including:

Right of access

You have the right to request information about the nature of the processing carried out, the origin or type of data collected, as well as copies of all the information we hold about you.

Right to rectification

You have the right to request rectification of any information that you consider to be inaccurate. You also have the right to ask us to complete any information that you consider incomplete.

Right to erasure, right to oblivion

You have the right to ask us to delete your personal data in certain specific situations.

In cases where your data is processed on the basis of your consent or CARRHURE’s legitimate interest, you have the right to obtain the early deletion of your data. To exercise this right, simply inform us of your wish to withdraw your consent or exercise your right to object to the processing of your data.

If you do not exercise this right, your data will be automatically deleted on expiry of the aforementioned retention period.

Right to limitation

This right offers you the possibility of suspending the processing of your data after you have submitted a request for rectification, for example. If you have concerns about the lawfulness of any of our processing operations, this right enables you to ask our staff to stop processing your data, without deleting it. Furthermore, if you wish to take legal action to assert, exercise or defend your rights, this right also allows you to “freeze” your personal data.

Right to object

You have the right to object to the processing of your personal data in certain circumstances.

The right to object allows you to refuse to be, or no longer to be, included in a data processing operation.

Users may object to any processing of their personal data and request its deletion, unless the company can demonstrate a legitimate and compelling reason for such processing or that such processing is necessary for the establishment, exercise or defense of legal claims.

With respect to direct marketing solicitations that the user receives from CARRHURE, it is possible for the user to go back on the consent that he has given in order to no longer receive solicitations.

This right can be exercised at any time and will be reminded to you in the messages you receive from CARRHURE.

Right to data portability

This right gives you the possibility of requesting access to your personal data, provided that this data is processed on the basis of your consent or as part of a contractual relationship. This data will be provided to you in a technically usable format, whether by you or by an entity other than CARRHURE.

How to exercise your rights

To exercise your rights, please go to the following page: https://monexpertrgpd.com/exercice-des-droits/?client=CARRHURE

If you have any questions about the protection of personal data, please contact our Data Protection Officer (DPO):

Name: Mon Expert RGPD
E-mail: conformite@monexpertrgpd.com

Complaints to the CNIL

If, after contacting us, you feel that your rights with regard to your data have not been respected, you may lodge a complaint with the CNIL.

Effective date

We reserve the right to modify all or part of the present charter at any time.

This version of the CARRHURE privacy policy became effective on April 3, 2025.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.