Efma, a certified association under French law, commercially using the tradename Qorus, its subsidiaries and affiliates respect your privacy and are committed to protecting it through our compliance with this policy and any and all applicable laws, rules, and regulations including the General Data Protection Regulation (EU) 2016/679 (“GDPR”).
In the following, we provide an overview of what information we collect when you visit our websites, how this data is used and when we share it with third party.
Although many areas of our websites do not require registration and may be accessed without having to disclose any Personal Data other than cookies as described hereinafter, we may ask you for certain kinds of Personal Data when creating a personal Qorus account.
Qorus collects some personal information from individuals in order to deliver services to its members and non-members (such as banks, insurance companies, academic institutions and research centers, consulting companies, IT companies, fintech, and nonprofit associations) and to other companies.
Personal Data is data relating to your identity. This includes, for example, particulars such as your name, mailing address, telephone number, user name and password and email address.
The Qorus account creation is needed to receive information from Qorus, vote at Qorus awards, submit an innovation, access to the portals’ libraries, other specific features from portals, register at Qorus events, download an Qorus report, read some exclusive news and other types of content. To create an account, user has to go to https://www.Qorusglobal.com or any other Qorus portal (innovation in banking portal, innovation in insurance portal, FinTechVisor portal). Your ID and password are required to access to the exclusive section of these sites.
Your Personal Data is processed in accordance with French and European data protection regulations.
We have taken technical and organizational security measures to protect your Personal Data from loss, destruction, manipulation and unauthorized access. All our employees and any third parties involved in data processing must comply with the EU General Data Protection Regulation (GDPR) and the confidential handling of personal data. Our security measures are regularly updated in accordance with technological developments.
2. The processing of data on our websites
a) Purposes of the processing of Personal Data
Qorus collects some personal information from individuals in order to deliver services to its members and non-members (such as banks, insurance companies, academic institutions and research centers, consulting companies, IT companies, fintech, non-profit associations) and to other companies.
Information that Qorus stores is aimed to deliver our mission: invite individual to events about financial services, confirm registration to events and send user guides, invoice individuals who have purchased specific services (conference fee for instance), connect members to members, send news about finance, inform about new reports, offer trainings about financial and IT topics, provide insights from the community, inform about Qorus. Qorus stores your Qorus usage, preferences and web navigation on Qorus websites in order to improve your online experience, suggest reports, other content and services that are relevant to you.
The abovementioned Personal Data will not be retained by Qorus for longer than necessary in accordance with applicable laws. In any case, our policy is to remove all inactive contacts after 3 (three) years of no contact. An email is sent to the inactive contact to ensure the contact doesn’t exist anymore or doesn’t reply. If no reply within two weeks, Qorus removes all information about this individual from its database.
b) Data transmission and recording for statistical purposes
Your internet browser transmits data to our web server when you access our websites. The data collected includes the date and time of access, URL of the referring website, name of the accessed file, browser type and version, operating system and IP address ("access data"). Access data is stored separately from other data you enter when using our website. It is not possible for us to allocate access data to a particular person. Access data is evaluated for statistical purposes and deleted after 6 (six) weeks at the latest.
c) Payment information
Registration forms that include credit cards numbers are destroyed after performance of the corresponding obligation.
Online payment is secured: SSL protocol.The provider of our online payment solution is STRIPE, which general terms and conditions are accessible here.
The content of a permanent cookie is limited to an identification number. Name, IP address or other information regarding your true identity are not stored, and we do not set up any individual profiles regarding your pattern of use. Permanent cookies are automatically deleted. Storage duration varies depending on the cookie. You may delete permanent cookies at any time under the security settings of your web browser.
Below is an overview of the types of cookies we may use:
Necessary & Functional cookies. Some cookies are strictly necessary to make our services available to you. For example, to provide the login functionality and to remember your consent and privacy choices. We cannot provide you with the services without these types of cookies.
We may also work with third-party advertising partners to show you ads about Qorus, its subsidiaries and affiliates, as well as assist us with data collection, reporting, ad-response measurement, analytical information, and delivery of marketing messages and advertisements. To do so, we and our advertising partners may place and access cookies through our Site and otherwise collect or access Personal Data collected over time and across different online services.
3. Control of Personal Information and Opt-Out
Once you subscribed to Qorus’s newsletter or logged in your user account on our websites, as part of your professional activity, you will receive from Qorus email communications concerning financial services, such as newsletter or Qorus communication.
You may opt out of receiving email communications anytime by following the instructions provided at the bottom of each email, clicking the “unsubscribe” button at the bottom of emails we sent you; and/or by managing your preferences of our Qorus account profile on https://www.Qorusglobal.com, and/or by emailing us at privacy@Qorusglobal.com. Opting out of receiving communications will not prevent you from using Qorus’s websites and portals.
4. Access to and disclosure of Personal Data
Qorus doesn’t sell or resell any Personal Data. We share your Personal Data with Qorus partners (associate members or sponsors) only if the individual user has accepted the Qorus data policy and confirmed he/she allows Qorus to share personal data with third parties.
Qorus might disclose the access to Personal Data you transmit through the websites to the following categories of recipients:
- Affiliated companies and subsidiaries of Qorus
- Partners as described in section 5 hereinafter
- Several service providers which are instructed in connection with the performance of contractual obligations, such as hosting companies, subprocessors or marketing teams. Service providers include, but are not limited to:
- Stripe (payment services provider)
- HubSpot (contact information storage)
Those public or private bodies to which we have to disclose Personal Data to meet a statutory obligation.
We provide these companies only with the information they need to perform their services. We require that these recipients agree to keep all information shared with them confidential and to use the information only to perform their obligations to us.
In any case, any and each recipients of Personal Data must comply with GDPR requirements and take all necessary technical and organizational measures to perform processing in accordance with the regulation.
We also intend to transfer your personal data to recipients in third countries. Third countries are countries outside of the European Union or the European Economic Area where it is not always possible to assume that the level of data protection is comparable to that of the European Union.
Before any such data transfer we ensure that the required level of data protection is ensured in the third country concerned or at the recipient in the third country. This make the form of an “adequacy decision” of the European Commission which ensures that an adequate level of data protection has been ascertained overall for a certain third country. Alternatively, we can also transfer data on the basis of “EU standard contractual clauses”.
5. Qorus partners
Our partners are selected by Qorus and recognized for their value in financial services.
a) Qorus events
b) Co-branded reports and webinars
Co-branded reports and webinars that are a common initiative from Qorus and an Associate Member (selected Qorus’s partner: called Associate Members) can be accessed after identification of the user. In that case, Name, First Name, Job Titles and Company names will be shared with the co-organizer or co-publisher (exclusive Member).
c) Qorus portals
Qorus has created dedicated portals and specific initiatives with few selected partners to bring more services to Qorus members about financial services like the Qorus banking innovation portal (called DMI), the Qorus innovation in insurance portal, the FinTechVisor portal.
Portals that are jointly managed by Qorus and a selected Qorus’s partner are common initiatives and can be accessed after identification of the user. In that case, Qorus and Qorus’s partner are joint controllers of the Personal Data provided by the user.
6. Security of your Personal Data
We use physical, organizational, and technical safeguards that are designed to improve the integrity and security of Personal Data that we process.
a) Security of your Qorus account
Any individual can create an Qorus account by providing professional information and a password. It enables any user to access Qorus services that require this account information. User ID is the user professional email address. Password created by the user must be more than 6 (six) characters long and should contain at least 1 (one) uppercase, 1 (one) lowercase, 1 (one) numeric and 1 (one) special character. The password is encrypted and Qorus doesn’t store it on its database. No one, even the user nor any Qorus employee, can retrieve passwords. If the password is forgotten by the user, he or she needs to create and submit a new one and activate the account by clicking on the link contained in the received email.
b) Other security measures
Personal Data are hosted by:
- DigitalOcean (for web data), 101 Avenue of the Americas (Grand St.), New York, NY 10013, United States. https://www.digitalocean.com/about
- Hubspot (for CRM data).
25 First Street, 2nd Floor, Cambridge, MA 02141, United States
Qorus makes sure to implement all necessary security measures relating to the Personal Data processed, as required by applicable rules.
7. Your rights when your Personal Data is processed
You have a permanent right of access, rectification, opposition, erasure, restriction and portability to all your Personal Data, in accordance with the Data Protection Legislation.
If you have given us your consent, you also have the right to revoke your consent at any time with effect for the future.
You have the right to object at any time to the processing of your personal data on grounds relating to your particular situation.
In such cases Qorus will no longer process your personal data unless it can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims.
8. Contact information
If you have any further questions relating to data protection and the processing of your Personal Data, you can exercise your rights, by e-mailing privacy@Qorusglobal.com or with a detailed request.
Qorus’s Data Privacy Officer (DPO) is Céline Ristors. She can be contacted at the following address:
Phone number: +33 1 47 42 52 72
You also have a right to lodge a complaint with a supervisory authority, such as the CNIL, if you consider that any processing of your Personal Data infringes the requirements of Data Protection Legislation.