Privacy policy

Efma, a certified association under French law, its subsidiaries and affiliates respect your privacy and are committed to protecting it through our compliance with this policy and any and all applicable laws, rules, and regulations including the General Data Protection Regulation (EU) 2016/679 (“GDPR”).

In the following, we provide an overview of what information we collect when you visit our websites, how this data is used and when we share it with third party.

1. General

By accessing Efma websites, you acknowledge this Privacy Policy and agree to be bound by the terms hereof and the terms of use set forth on our websites. If there is anything you do not understand please email any inquiry to privacy@efma.com. If at any time you do not agree to this Privacy Policy, you may not use the websites.

Although many areas of our websites do not require registration and may be accessed without having to disclose any Personal Data other than cookies as described hereinafter, we may ask you for certain kinds of Personal Data when creating a personal Efma account.

Efma collects some personal information from individuals in order to deliver services to its members and non-members (banks, insurance companies, academic institutions and research centers, consulting companies, IT companies, fintech, and nonprofit associations) and to other companies.

Personal data is data relating to your identity. This includes, for example, particulars such as your name, mailing address, telephone number, user name and password and email address.

The Efma account creation is needed to receive information from Efma, vote at Efma awards, submit an innovation, access to the portals libraries, other specific features from portals, register at Efma events, download an Efma report, read some exclusive news and other types of content. To create an account, user has to go to www.efma.com or any other Efma portal (innovation in banking portal, innovation in insurance portal, FinTechVisor portal). Your ID and password are required to access to the exclusive section of these sites.

Your personal data is processed in accordance with French and European data protection regulations.

We have taken technical and organizational security measures to protect your personal data from loss, destruction, manipulation and unauthorized access. All our employees and any third parties involved in data processing must comply with the EU General Data Protection Regulation (GDPR) and the confidential handling of personal data. Our security measures are regularly updated in accordance with technological developments.

2. The processing of data on our websites

a) Purposes of the processing of Personal Data

Efma collects some personal information from individuals in order to deliver services to its members and non members (banks, insurance companies, academic institutions and research centers, consulting companies, IT companies, fintech, non profit associations) and to other companies.

Information that Efma stores is aimed to deliver our mission: invite individual to events about financial services, confirm registration to events and send user guides, invoice individuals who have purchased specific services (conference fee, learning expedition fee…), connect members to members, send news about finance, inform about new reports, offer trainings about financial and IT topics, provide insights from the community, inform about Efma. Efma stores your Efma usage, preferences and web navigation on Efma websites in order to improve your online experience, ,suggest reports, other content and services that are relevant to you.

The above mentioned Personal Data will not be retained by Efma for longer than necessary in accordance with applicable laws. In any case, our policy is to remove all inactive contacts after 3 (three) years of no contact. An email is sent to the inactive contact to ensure the contact doesn’t exist anymore or doesn’t reply. If no reply within two weeks, Efma removes all information about this individual from its database.

b) Data transmission and recording for statistical purposes

Your internet browser transmits data to our web server when you access our websites. The data collected includes the date and time of access, URL of the referring website, name of the accessed file, browser type and version, operating system and IP address ("access data"). Access data is stored separately from other data you enter when using our website. Access data is evaluated for statistical purposes

c) Payment information

Registration forms that include credit cards numbers are destroyed after performance of the corresponding obligation.

Online payment is secured: SSL protocol.

d) Cookies

Depending on your browser settings, we use cookies to collect information on how you use our websites. Cookies are small text files which are stored on your computer when you visit our website. Cookies help us to determine how often our website is used and by how many users. It also makes it as convenient and efficient as possible for you to use our website. We use session cookies which are temporarily stored while you use one of our websites as well as permanent cookies to store information about computers which repeatedly access our website. This enables us to provide you with optimum user guidance and to "recognize" you when you return to our websites so that we can offer you maximum variety and new content. We use permanent cookies to record the number of times you visit our websites, the amount of time you spend on our websites, start and end of use and your interest in our services.

The content of a permanent cookie is limited to an identification number. Name, IP address or other information regarding your true identity are not stored, and we do not set up any individual profiles regarding your pattern of use. Permanent cookies are automatically deleted. Storage duration varies depending on the cookie. You may delete permanent cookies at any time under the security settings of your web browser.

2. The processing of data on our websites

Once you logged in your user account on our websites, as part of your professional activity, you will receive from Efma email communications concerning financial services, such as newsletter or Efma communication.

You may opt out of receiving email communications anytime by following the instructions provided at the bottom of each email, clicking the “unsubscribe” button at the bottom of emails we sent you; and/or by managing your preferences of our Efma account profile on www.efma.com, and/or by emailing us at privacy@efma.com. Opting out of receiving communications will not prevent you from using Efma’s websites and portals.

4. Access to and disclosure of Personal Data

Efma doesn’t sell or resell any Personal Data. We share your Personal Data with Efma partners (associate members or sponsors) only if the individual user has accepted the Efma data policy and confirm he/she allows Efma to share personal data with third parties.

Efma might disclose the access to Personal Data you transmit through the websites to the following categories of recipients:

  • Affiliated companies and subsidiaries of Efma
  • Partners as described in section 5 hereinafter
  • Several service providers which are instructed in connection with the performance of contractual obligations, such as hosting companies, subprocessors or marketing teams.
  • Those public or private bodies to which we have to disclose Personal Data to meet a statutory obligation.

We provide these companies only with the information they need to perform their services. We require that these recipients agree to keep all information shared with them confidential and to use the information only to perform their obligations to us.

In any case, any and each recipients of Personal Data must comply with GDPR requirements and take all necessary technical and organizational measures to perform processing in accordance with the regulation.

5. Efma partners

Our partners are selected by Efma and recognized for their value in financial services.

a) Efma events

Registration process to Efma events requires agreeing to our data privacy policy. This includes that registered individuals agree to share their name, picture, job title and company name with other registered persons of the same event. No contact details are accessible neither transmitted to sponsors. Efma will not communicate names, job titles and company names and any contact information to sponsors of the event if the individual has opted out the option to share his/her personal information with partners when identifying him/herself on efma.com or from his/her profile (MyEfma)

b) Co-branded reports, webinars and roadshows:

Co-branded reports, webinars and roadshows that are a common initiative from Efma and an Associate Member (selected Efma’s partner: called Associate Members) can be accessed after identification of the user. In that case, the individual can opt out the share of personal contact details with the partners or modify his/her profile options. However, Name, First Name, Job Titles and Compagny names will be shared with the co-organizer or co-publisher (exclusive Associate Member).

c) Efma portals:

Efma has created dedicated portals and specific initiatives with few selected partners to bring more services to Efma members about financial services like the Efma banking innovation portal (called DMI), the Efma innovation in insurance portal, the FinTechVisor portal.
Portals that are Efma and an Associate Member (selected Efma’s partner) that are common initiatives, can be accessed after identification of the user. In that case, the individual can opt out the sharing of contact details with the partners or modify his/her profile. However, names, job titles and company names will be shared with the exclusive partner of the initiative.

d) Clubs and exclusive Forums

By coming to Efma Club and Banking Forum Asia, you allow Efma to share personal information but no contact details with our partner.

For more information about these specific initiatives and our ecosystem of partners in Financial services, please visit: https://www.efma.com/partner/associate

6. Security of your Personal Data

a) Security of your Efma account

Any individual can create an Efma account by providing professional information and a password. It enables any user to access Efma services that require this account information. User ID is the user professional email address. Password is minimum 3 characters created by the user. The password is encrypted and Efma doesn’t store it on its database. No one, even the user nor any Efma employee, can retrieve passwords. If the password is forgotten by the user, he or she needs to create and submit a new one and activate the account by clicking on the link contained in the received email.

b) Other security measures

Personal Data are stored at Efma’s facilities protected by a firewall Juniper SSG 410.

Our data set is hosted on Mediactive which provide a high security data storage environment and includes a firewall Juniper SRX 240. Our servers run Symantec Endpoint Protection to ensure a safe environment (anti-virus and Anti-malware).

In order to prevent external attack through our desktops, Efma runs Kaspersky Endpoint Security 10 on each desktop.

6. Security of your Personal Data

You have a permanent right of access, rectification, opposition, erasure, restriction and portability to all your Personal Data, in accordance with the Data Protection Legislation.

If you have given us your consent, you also have the right to revoke your consent at any time with effect for the future.

You are entitled to assert the above-mentioned rights against us, e.g. by notifying us via one of the methods of contact listed at the end of this Privacy policy.

You have the right to object at any time to the processing of your personal data on grounds relating to your particular situation.

In such cases Efma will no longer process your personal data unless it can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims.

8. Contact information

If you have any further questions relating to data protection and the processing of your Personal Data, you can exercise your rights, by e-mailing privacy@efma.com or with a detailed request.

Efma’s Data Privacy Officer (DPO) is Céline Ristors. She can be contacted at the following address:

Email: privacy@efma.com

Phone number: +33 1 47 42 52 72

You also have a right to lodge a complaint with a supervisory authority, such as the CNIL, if you consider that any processing of your Personal Data infringes the requirements of Data Protection Legislation.