Supplier Privacy Notice
Your privacy is important to Asmodee Group, of which Edge Studio is one of the studios. This Privacy Notice explains how we handle and treat your personal data when we do business with you or your company.
This Privacy Notice explains our approach to any personal data that we collect from you or that we have obtained about you from a third party and the purposes for which we process your personal data. It also sets out your rights in respect of our processing of your personal data.
We may collect personal data from you in the course of our business, including when you contact or request information from us, or as a result of your relationship with one or more of our staff or partners.
ASMODEE GROUP, a French “Société par actions simplifiée à associé unique” with registered office at 18 rue Jacqueline Auriol, Quartier Villaroy, 78280 Guyancourt, registered with the Commerce and Companies Register of Versailles under number 399 899 806 (“Asmodee” or “we”) is the controller of your personal data.
We collect information regarding you, such as:
We use your personal data for the purposes listed below. Whenever we process your personal data, we do so on the basis of a lawful “justification” (or lawful basis) for processing, which we have identified in the table below.
| Purpose for processing | Lawful basis | |
| To carry out administrative operations relating to agreements (including their execution), orders, receipt of deliveries, invoices, payments, accounting in relation to vendor accounts management, etc. | This processing is necessary to perform the contract between you and Asmodee. | |
| To prepare payment instruments (checks, bills of exchange, drafts, promissory notes). | This processing is necessary to perform the contract between you and Asmodee. | |
| To establish financial statistic and turnover statistics per vendor. | We consider that we have a legitimate interest in conducting analysis regarding our activities to help us take business decisions. | |
| To provide a selection of vendors for the needs of Asmodee. | We consider that we have a legitimate interest in maintaining a list of our vendors to conduct our business operations. | |
| To maintain a documentation on vendors. | We consider that we have a legitimate interest in maintaining such a documentation to conduct our business operations. | |
| To comply with any applicable law, court order, other judicial process, or the requirements of a regulator. | This processing is necessary to comply with our legal obligations. | |
| To enforce our agreements with you. | We consider that we have a legitimate interest in ensuring that our contracts are performed correctly and in defending our rights where necessary. | |
| To enforce our legal rights and obligations, and for any purposes in connection with any legal claims made by, against or otherwise involving you. | We consider that we have a legitimate interest in protecting our organization from breaches of legal obligations owed to it and to defend itself from litigation. | |
| To protect the rights of third parties. | This processing is necessary for the compliance with legal obligations to which Asmodee is subject. This processing is also necessary for the purpose of the legitimate interests pursued by Asmodee. We consider that we have a legitimate interest in ensuring our activities do not violate any third partie’s rights. | |
| In contemplation of and/or in connection with a business transaction such as a merger, or a restructuring, or sale. | We consider that we have a legitimate interest as we need to be able to make decisions relating to the future of our business in order to preserve our business operations or grow our business. | |
| Organization of promotional / marketing activities including meals or other events where information on food restrictions may be collected. | We rely on your consent to collect information for the organization of marketing activities where you may be involved, to better serve you. | |
| To comply with our legal obligations in terms of suppliers verifications (including any Know Your Supplier, Anti-Money Laundering or Anti-Bribery regulations), conflicts or similar obligations including, but without limitation, maintaining regulatory insurance. | This processing is necessary to comply with our legal obligations. However, where such legal obligations result from laws other than EU or Member State law, then we consider that we have a legitimate interest in complying with such legal obligations when non-compliance may result in sanctions or other adverse consequences for our organization or the Asmodee group in general. |
If you are an employee of one of Asmodee’s vendors, we only use your contact information for the management of the relationship with your employer. We consider that we have a legitimate interest in ensuring we can communicate with you and preserve our business operations with your employer.
We may share your personal data with a variety of the following categories of third parties as necessary:
Please note this list is non-exhaustive and there may be other examples where we need to share with other parties where justified by our legitimate interest, permitted by applicable law, or necessary for compliance with a legal obligation to which we are subject.
In this context, your personal data may be transferred outside the European Economic Area (EEA), to countries not offering a level of protection of personal data equivalent to that offered within the EEA, such as China, USA, Canada, etc. In the absence of an adequacy decision of the European Commission, the transfer of your personal data will be made pursuant to standard contractual clauses adopted by the European Commission or pursuant to any other legal protection mechanism in accordance with applicable law.
Our general approach is to retain your personal data only for as long as required to fulfil the purposes for which it was collected. We generally retain your personal data for the duration strictly necessary for the management of our relationship with you.
However, we may retain personal data for longer periods of time, for instance where we are required to do so in accordance with legal, tax and accounting requirements, or where such data is necessary to establish the existence of a right or contract. In that case, your personal data will be archived and retained for the duration imposed by applicable law, or for the duration of the applicable statute of limitations.
When your personal data will no longer be necessary, we will delete or anonymize them.
We are committed to keeping your personal data secure and we have implemented appropriate information security policies, rules and technical measures to protect it from unauthorised access, improper use or disclosure, unauthorised modification and unlawful destruction or accidental loss.
All of our partners, employees, consultants, workers and data processors, who have access to, and are associated with the processing of personal data, are obliged to respect its confidentiality.
You have a number of rights in relation to your personal data. More information about each of these rights is set out below:
You also have the right to lodge a complaint with a supervisory authority if you consider that the processing of your personal data infringes applicable law. In France, the supervisory authority for the protection of personal data is the CNIL (www.cnil.fr).
To exercise your rights regarding your personal data, please complete this form and send it to us at the contact details provided.
For further information regarding your rights or if you have any questions regarding the processing of your personal data, please contact donneespersonnelles-group@asmodee.com.
We may occasionally change this Privacy Notice, for example, to comply with new requirements imposed by the applicable laws, technical requirements or good commercial practices. We will notify you in case of material changes.
Last update: March 30th, 2021.
