privacy policy

Privacy Notice

As a global leader in consulting, technology services and digital transformation, Capgemini is at the forefront of innovation leveraging cloud, data, AI connectivity, software, digital engineering, and platforms to address the entire breadth of our clients’ needs. From advancing the digital consumer experience, to accelerating intelligent industry and transforming enterprise efficiency, we help our clients define the right path forward to a better future.

Capgemini is committed to protecting all personal data entrusted to it as part of its activities. We are committed to fostering transparency on how we collect and further process personal data.

Introduction

The aim of this Privacy Notice is to provide you with all the relevant information regarding the collection and further processing of your personal data by Capgemini.

In particular, in relation to the collection and processing of information which may result from your use of the Sogeti website – www.sogeti.fi (hereinafter, “the website”).

Capgemini Services SAS, as the group’s parent company and other entities of the group (hereinafter, “we”, “us”, “our” or “Capgemini”) may collect and process your personal data as a data controller.

Why is Capgemini processing your personal data?

Although your visiting our website will not necessarily result in the collection and/or further processing of your personal data, accessing parts of the website and/or requesting specific information may lead to such processing.

Depending on the purpose for which Capgemini collects or further processes your personal data, it shall either rely on your consent or on its legitimate interest. Please find below the main purposes for which Capgemini shall collect and/or further process your personal data:

Purpose

Legal basis

To answer any request, query, or inquiry you may submit through a contact form

Your consent

To enable the use of cookies and/or other trackers – provided you agreed to it – and subject to the terms and conditions detailed under the Cookies Policy

To allow you to register to an event or webinar

To allow you to subscribe to a newsletter

To allow you to download reports, articles, or other documents

To conduct customer satisfaction surveys

To allow you to submit a job application

For marketing purposes, to share information regarding Capgemini Group’s offerings with you

Your consent or Capgemini Group’s legitimate interest to share and promote its offerings

 

How long will Capgemini keep your data?

Capgemini shall keep your personal data for no longer than is necessary for the purpose(s) for which they were first collected. Capgemini shall determine the appropriate retention period considering the purpose(s) of the processing and the relevant applicable legal requirements.

This means that the retention period may be defined differently depending on the purpose(s) pursued by the processing and the local requirements, considering specific legal obligations.

In any case, and as described below, you can exercise your rights to access your personal data, object to the processing of your personal data, or ask that your personal data be rectified or deleted.

Who has access to your personal data?

  1. With other entities of the group

Capgemini is a global organization, as such, several entities of the group may access and further process your personal data. However, such access will always be strictly limited to the relevant stakeholder(s) both from a functional and geographical scope.

Please note that all processing activities carried out by Capgemini, including any cross-border transfers of personal data shall be covered and framed by Capgemini’s Binding Corporate Rules (BCR).  Capgemini BCR include both its EU and UK BCR.

Capgemini’s EU BCR where first approved the European Data Protection Authorities back in March 2016 and subsequently updated in January 2019 to comply with the General Data Protection Regulation (GDPR). Capgemini EU BCR where most recently updated in April 2023, to align with additional obligations regarding data transfers. As Capgemini’s Group Data Protection Policy, Capgemini’s BCR are legally binding on all Capgemini entities and their employees and provide a strong standard of protection to all personal data processed by Capgemini on its own behalf and on behalf of its clients.

  1. With third parties

Capgemini may share your personal data with third parties from time to time and only where strictly necessary. Where Capgemini shares your personal data with any third party, it shall do so in compliance with any applicable data protection legislation. Where any cross-border transfers of personal data are involved, such transfers shall be framed by the appropriate data transfer mechanism(s). In particular, where GDPR applies, Capgemini shall enter into Standard Contractual Clauses (SCC) approved by the European Commission to frame cross-border data transfers to countries which do not benefit from an adequacy decision by the European Commission.

  1. With judicial, public and/or law enforcement authorities

We may also be required – by law, legal process, litigation, and/or requests from public and/or law enforcement authorities – to disclose your personal data.  Please note that any such disclosure shall only occur after Capgemini has carefully assessed and ascertained the legality and legitimacy of the request, as provided under our internal policies.

Should you have any question or require further information on whether or why Capgemini may share and/or transfer your personal data, please reach out to our Data Protection Officer(s) using the contact form available below.

What are your rights and how can you exercise them?

You can request access to, rectification or deletion of your personal data. You may also object to the processing of your personal data, or request that such processing be restricted. In addition, you may ask for the communication of your personal data in a structured, commonly used and machine-readable format.

You may at any time withdraw any consent you have given us, but kindly note that doing so will not affect the lawfulness of the processing prior to the withdrawal of consent.

If you wish to exercise any of these rights and/or if you have any question or request related to the processing of your personal data, please reach out to our DPO using our dedicated contact form. Please include all relevant information allowing us to best address your question/request.

Please note that you also have the right to lodge a complaint with the competent data protection authority.

Third-party websites

Capgemini websites may feature links to third-party websites. Capgemini does not make any representations or warranties with respect to such third-party websites. You should be aware that the owners and operators of such third-party websites might collect, use, or transfer your personal data under different terms and conditions than Capgemini. Therefore, we invite you to carefully review any such third-party website’s Privacy Notice, Terms of Use and/or other documentation.

Notification of changes to this Policy

This Notice was last updated In February 2024. Please note that we may periodically change this Notice to keep pace with new technologies, industry practices, and regulatory requirements, among other reasons.