Personal data protection policy

In order to preserve a relationship based on trust and transparency, Cabinet Pierrat (“the Firm”) wishes, in this Policy, to answer questions that its clients, candidates wishing to join the Firm and all users of its website may have about the protection of their personal data.

This Policy has been drafted in accordance with applicable law, and in particular with the General Data Protection Regulation (GDPR) of 27 April 2016, which entered into force on 25 May 2018.

Cabinet Pierrat is available at to provide any clarification that would be required regarding its privacy policy.

Data collection:

Cabinet Pierrat collects and processes personal data that are necessary for its activity.

“Personal data” is any information that can be used to identify, directly or indirectly, a person. For example, the names and contact details of the Firm’s clients, the CVs and cover letters sent by candidates wishing to join the Firm, or the content of messages sent to the Firm by any users of its website, are personal data.

The Firm therefore only collects data that is specifically transmitted to it, for the following purposes:

To deal with issues that have been entrusted to it by its clients: this processing is essential to the conclusion and execution of the contract concluded between the Firm and each of its clients. This data is kept for the applicable limitation period;

To process the applications of persons applying to the Firm: this processing is necessary for the potential conclusion of a contract between the Firm and the candidate. The Firm keeps the CVs of candidates for up to two years after the last contact occurred with them;

To answer persons who contact the Firm for various reasons: this processing is in the legitimate interest pursued by the person who contacted the Firm. The Firm keeps the data (name, e-mail address, any information in the contact message) up to three years after the last contact occurred.

The Firm informs the users of its website by an asterisk (*) of the information of which the provision is essential to the processing of their request.

The Firm also uses cookies on its website, but they do not identify a particular Internet user:

_ga and _gid cookies make it possible for the Firm to know how many people use its website;

The _gat cookie is used to prevent “denial of service” attacks that may be initiated against the website.

At last, the Firm’s website contains social network “buttons” that allow direct access to the firm’s Facebook, LinkedIn or Twitter pages; but these are mere links. By clicking on these “buttons”, the website user does not register on these pages; in a more general way, the Firm cannot identify him/her and then follow him/her in his/her navigation on the Internet.

Data processing:

The personal data collected is protected by professional secrecy, which is an ethical obligation for the Firm.

As far as possible, only the Firm has access to the personal data collected.

However, the Firm sometimes has to call on service providers and give them access to some data: the Firm’s accountant or the company hosting its website in particular. Only data that is essential for these third parties to carry out the tasks entrusted to them by the Firm is transmitted to them.

In addition, the Firm has taken all necessary measures to ensure that service providers with access to personal data are subject to extremely strict obligations, in particular in terms of confidentiality and security (technical as well as organisational), in accordance with Article 28 of the GDPR. In particular, the data collected by the Firm is hosted in France.

The data collected by the Firm is kept only for as long as necessary for the purposes for which they are processed. Beyond this period, this data is either irretrievably anonymized or erased.

Data security:

Pierrat & Associés implements the technical and organisational measures necessary to protect the personal data collected, in particular against the risks of destruction, loss, alteration and unauthorised disclosure or access.

The rights of data subjects:

Any person entrusting his/her data to the Firm is entitled to the following rights:

  • Right to access his/her data;
  • Right to rectify incorrect information;
  • Right to request the deletion of data concerning him/her, in certain cases;
  • Right to request the limitation of certain processing operations;
  • Right to object, for legitimate reasons, to the processing of his/her data, and in particular to its processing for commercial purposes;
  • If the processing of the data is based solely on the consent of the person, the right to withdraw his/her consent at any time;
  • Right to define guidelines for the storage, communication or erasure of data after his/her death.

Contact us:

Cabinet Pierrat is at the disposal of data subjects to provide details on the processing of the data collected and to implement the rights of persons who request it.

The Firm can be contacted at or at the following mailing address: CABINET PIERRAT & ASSOCIES – 91, boulevard Raspail – 75006 Paris.

In accordance with the recommendations of the CNIL, any request that aims at obtaining the implementation of the rights of the data subject must mention the full name of the data subject and be accompanied by a signed copy of an identity document.

If the data subject is not satisfied with the way the Firm handles his/her data or with the Firm’s answers to his/her questions on this subject, he/she may file a complaint with the CNIL (Commission Nationale de l’Informatique et des Libertés) on its website