top of page


The Sofinord Group, of which THA is a subsidiary, wishes to build a relationship of trust with its customers, partners and employees. In this context, the Sofinord Group is committed to ensuring the highest level of protection for your Personal Data.

This policy demonstrates THA' commitment to respecting the French Data Protection Act of January 6, 1978, as well as the General Data Protection Regulation (RGPD: n° 2016-679). It will allow you to learn more about the collection and processing of your personal data, as well as your rights.


"Personal data": personal data is any information relating to an identified or identifiable natural person. However, because it relates to individuals, they must retain control of it. A natural person can be identified :

directly (example: first and last name) ;

indirectly (e.g., by a telephone number or license plate number, an identifier such as a social security number, a postal or e-mail address, but also by voice or image).


"Processing": Processing of personal data is an operation, or a set of operations, relating to personal data, regardless of the process used (collection, recording, organization, storage, adaptation, modification, retrieval, consultation, use, communication by transmission or dissemination or any other form of provision, matching).


​​"Data controller": The data controller is the legal or natural person who determines the purposes and means of a processing operation, i.e. the objective and the manner of carrying it out.

"Purpose of processing": The purpose of processing is the main objective of the use of personal data. Data is collected for a specific and legitimate purpose and must not be further processed in a way that is incompatible with that original purpose.

"We": refers to the Sofinord Group entity that operates the personal data processing activities.


​​Who is responsible for the processing of your data?

For the Personal Data collected in the context of browsing the Website, the data controller is: THA, a subsidiary of the Sofinord Group. 

As the person responsible for processing the data we collect, we undertake to comply with the legal provisions in force. In particular, we are responsible for establishing the purposes of data processing, for providing our prospects and customers, as well as our employees, candidates and Internet users, with complete information on the processing of their personal data and for maintaining a register of processing that is in conformity with reality. 

What data do we collect?

When you browse the site, we may collect the following data: 

The information you provide by filling out the contact forms or by contacting us via an e-mail address (last name, first name, e-mail address, and any other information you provide to us)

The information you provide when applying for a job at THA: your last name, first name, email address, curriculum vitae and any other optional information you may wish to share with us. 

Cookies, when you accept their collection. Some cookies are mandatory and necessary for the proper functioning of the site, others are optional and require your consent. You can at any time revoke your consent and choose the cookies you accept by clicking on the yellow icon at the bottom left of the website.

Social networks: on our website, you can click on the icons to access our dedicated pages on social networks (for example, Facebook, Instagram, Twitter or LinkedIn). When you click on these icons and decide to follow us on one of these networks, we may access the personal data you choose to make available on your profiles.

IP addresses: This is an identifier that some electronic devices use to identify themselves and communicate with each other on the Internet. When you visit our site, we may use the IP address of the device you are using to connect to it. We use this information to determine the approximate physical location of the device and to understand what geographic area visitors to the site are from.​

Statistics: Our site may use Google Analytics to compile statistical reports, which allow us to see how many visitors have come to the site, which pages have been visited, and from which geographic area the visitors come. Information collected through the use of statistics may include, for example, your IP address, the website from which you arrived at our site and the type of device you are using. We do not use any of this information to identify visitors and we do not share it with third parties.


In any case, we do not sell any of the personal data we collect. 


Purpose of the data collected

We may process your personal data for the following purposes: 


Purpose of processing

Recruitment and hiring management

Legal basis for processing

- Our legitimate interest in recruiting profiles suited to our needs

- Your consent to send us your application

- The respect of legal obligations

- The execution of the contractual relationship, when you are hired by THA

Duration of data retention

- If you are hired: for the duration of the contractual relationship

- If you are not recruited and recruitment is envisaged in the future: 2 years from the date your application is sent

- If no recruitment is envisaged: only for the duration of the recruitment process



Purpose of the processing

To respond to your requests for information, quotations or contacts

Legal basis for processing

- Our legitimate interest in responding to your requests, in order to offer you the best quality of service

- Where applicable, the execution of the contractual relationship we have with you

Duration of data retention

3 years maximum from the last contact or data collection



Purpose of the processing

To improve your navigation on our site

Legal basis of the processing

- Our legitimate interest in offering you the best quality of service

Duration of data retention

12 months maximum after the last contact or data collection

What are your rights?


In accordance with the regulations in force, you have the following rights regarding your personal data:


Right of access and rectification, update, completeness of your personal data. Right to block or delete your personal data, when they are inaccurate, incomplete, ambiguous, outdated, or if their collection, use, communication or storage is prohibited

 Right to withdraw your consent at any time 

 Right to limit the processing of your data 

 Right to object to the processing of your data 

 Right to the portability of the data you have provided, where such data are subject to automated processing based on your consent or on a contract 

 the right to determine what happens to your data after your death and to choose a third party to whom we should disclose your data.


Once we become aware of a user's death, and unless we receive instructions from the user, we will destroy the data, unless it is required to be retained for evidentiary purposes or to meet a legal obligation.


If you wish to know how we use your personal data, ask to rectify them or if you wish to exercise any other right regarding your personal data, you can contact our DPO at the following address: 


In this case, you must specify your request. If your request concerns a correction, an update or a deletion, please indicate the personal data you wish us to correct, update or delete. If we are unsure of your identity, we may ask you to provide a copy of your identity document (ID card or passport or any other equivalent document).


Requests for the deletion of Personal Data will be subject to the obligations imposed by law, in particular as regards the conservation or archiving of documents. Finally, you may file a complaint with the supervisory authorities, including the CNIL.


Transfers of data outside the EU


In principle, we do not transfer any personal data concerning you to a country outside the European Union. However, in the event of a transfer of your personal data outside the European Union, we undertake to inform you of the transfer beforehand. We also undertake to take all necessary measures to ensure a sufficient and appropriate level of data protection. 





We undertake to take all necessary precautions to preserve the security of your data, and to take all reasonable steps to protect it against loss, misuse, unauthorized access, disclosure, alteration or destruction. However, if an incident affecting the integrity or confidentiality of your personal data is brought to our attention, we will inform you as soon as possible and inform you of the corrective measures taken.


To ensure the security and confidentiality of Personal Data, our site uses networks protected by standard devices such as firewalls, pseudonymization, encryption and passwords. 



Incident Notification


Despite our best efforts, no method of transmission over the Internet and no method of electronic storage is completely secure. Therefore, we cannot guarantee absolute security. If we become aware of a security breach, we will notify affected users so that they can take appropriate action. Our incident notification procedures take into account our legal obligations, whether at national or European level. We are committed to keeping you fully informed of all matters relating to the security of your data.


Applicable law and jurisdiction


Any dispute relating to the use of the site is subject to French law. Except in cases where the law does not allow it, exclusive jurisdiction is given to the competent courts of Paris.


Updating of our policy


In the event of changes in regulations, or in the processing of personal data implemented on this site, we may update or modify this policy. 




If you have any questions about this policy, the processing of your personal data, or to exercise your rights, you can contact the Sofinord group's data protection officer at the following address:

bottom of page