("CGG"), as the data controller, collect, use and protect Personal Data received from Third Parties and/or Personal Data from its Employees transferred to Third Parties.
CGG agrees to comply in all material respects with all applicable privacy laws, rules and regulations, including but not limited to: (i) the European Regulation (EU) 2016/679 “on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing the EU Data Protection Directive” (the "GDPR") and any implementing legislation enacted by the member states of the European Union ("European Laws");
Affiliates (and their employees) shall not be considered as Third Parties for the purpose of this Third Party Policy. A separate Group Employee Data Privacy General Instruction applies to CGG’s employees (including the third party employees subcontracted to CGG “the Employees”).
Third Parties include applicants, clients, subcontractors, vendors/suppliers, investors, insurers, and visitors to CGG’s website (such parties referred to here in individually as a “Third Party” or collectively as “Third Parties”).
By providing Personal Data as below defined to CGG, Third Parties consent to the disclosure and/or collection and use of information as set forth herein unless otherwise required.
"Personal Data" and “Personal Information” are used interchangeably herein and refer to information that can be used to identify a Third Party either on its own or in combination with other readily available data (e.g., the individual’s name, title, work location, home address, date of birth, compensation, benefits, or family members).
"Sensitive Data" means Personal Data which reveal racial or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, genetic data, biometric data or data which concern health, sex life or sexual orientation.
Please note that Personal Data and Sensitive Data may have a different definition depending of your country.
CGG collects Personal Data entered by Third Parties on CGG's website or through cookies used by CGG as specified below, or given in any other way such as writings or phone calls during any transactional or administrative communications.
Subject to applicable laws and regulations, Personal Data and/or Personal Information collected may include, but is not limited to, the following:
A. Purpose and legal basis of the processing
CGG uses Personal Information collected from Third Parties for the purposes of CGG’s operations and activities management, training programs, and recruiting job applicants.
CGG collects and uses the Personal Data of Third Parties for the execution of its contracts with them, to comply with its legal obligations, on the basis of Third Parties consent and for the purposes of the legitimate interests of CGG.
Failure to provide this information may prevent or delay the fulfillment of these obligations.
CGG process Third Parties Personal Data on the following legal basis:
Sensitive Data shall be processed only where required by local law and only where there is a legitimate purpose for CGG in doing so.
B. Recipient of Personal Data
In the event that CGG or any portion of its assets are acquired, sold or transferred, CGG may disclose Personal Data with the company involved to perform the operation and complete the transition, on a limited basis in compliance with applicable law.
In certain circumstances, CGG may be requested or required to disclose Personal Data in response to valid legal process or under applicable laws and/or regulations. Such circumstances may include a search warrant, subpoena, court order or other request from a government or regulatory authority or agency, including to meet national security of Law enforcement requirements. CGG reserves the right to disclose such information in response to any such legitimate government or regulatory request or requirement.
CGG does not disclose or sell any Personal Data received from a Third Party (individual or legal entity) for marketing or any other commercial purpose.
C. International Transfer of Personal Data
Subject to applicable laws and/or regulations, Personal Data may be transferred to any country in the world where CGG does business, including countries where
privacy laws may be more or less protective than the privacy laws where a Third Party is located.
In particular, CGG may transfer Personal Data of Third Parties located in the European Economic Area to countries located outside the European Economic Area. Where appropriate, CGG will ensure that Third Parties are informed of such transfer and that appropriate transfer mechanisms are in place.
D. Onward Transfer and Choice “Opt in – Opt out”
CGG does not intend to disclose or use Personal Data received from a Third Party in a manner not described herein. However should at any time CGG needs to use Personal Data for a new purpose that is materially different from that for which the Personal Data was originally collected or subsequently authorized, or is to be disclosed to a non-agent Third Party, CGG will provide individuals with an opportunity to choose whether to have their Personal Data so used or disclosed. Requests to opt out of such uses or disclosures of Personal Data should be sent to firstname.lastname@example.org.
If Personal Data that qualifies as Sensitive Data is to be used for a new purpose that is different from that for which the Personal Data was originally collected or subsequently authorized, or is to be disclosed to a Third Party, CGG will obtain the Third Parties' explicit consent prior to such use or disclosure, except if the use or disclosure is in the vital interests of the Third Party or another person; necessary for the establishment of legal claims or defenses; required to provide medical care or diagnosis; necessary to carry out CGG’s obligations in the field of employment law; or related to data that are manifestly made public by the individual.
If the Third Party does not consent explicitly to such disclosure or use, CGG will take all reasonable measures to remove the Third Party’s Personal Data from the intended disclosure or use.
The same principles apply for the Personal Data received from Employees that is anticipated to be disclosed and/or used to a Third Party as described in the Employee Privacy General Instruction above referred to.
When the processing of Personal Data is outsourced to a Third Party processor, CGG will select a reliable Third Parties and data processing will be subject to a written agreement between CGG and the relevant Third Party processor. This written agreement will require that the Third Party processor (i) has at least the level of security measures in place than those implemented by CGG and (ii) will process Personal Data in strict compliance with CGG’s specific written instructions only for the purpose(s) mentioned in the said agreement. CGG shall be liable in case the Third Party does not process the Personal Data in an appropriate manner
E. Personal Data Security
CGG maintains appropriate technical and organizational measures to process Personal Data collected from Third Parties in a secure-access environment and in a manner that complies in all material respects with applicable laws and industry standards to guard Personal Data against loss, destruction, misuse, improper disclosure, and unauthorized access or modification. These safeguards are routinely tested internally and periodically audited by outside firms.
F. Personal Data retention period
Personal Data is not kept for longer than necessary to fulfill the purpose for which it was collected. Personal Data will generally not be retained longer than the term of Third Parties' contractual relationship with CGG, unless there is any legal or regulatory provision requiring otherwise.
G. Personal Data accuracy
CGG relies on the accuracy and integrity of Third Parties Personal Data in order to comply with its business obligations. CGG expects Third Parties to inform it of any changes to their Personal Data such as changes to contact information, address, or any information affecting benefits or services provided by CGG.
CGG makes reasonable efforts to ensure that the Personal Data it collects and maintains is reliable for its intended use, and is accurate, complete for the purposes for which it was collected.
H. Rights over Personal Data
Third Parties have a right to request access to their Personal Data and to request the rectification of any incorrect or incomplete data. Third Parties also have the right to data portability, to request the erasure of their Personal Data, to restrict the processing of their Personal Data, as well as to object to their processing by CGG, unless CGG demonstrates compelling legitimate grounds. Third Parties which are not satisfied with the way CGG processes their Personal Data have the right to lodge a complaint with the competent data protection authority.
Should a Third Party have any request for assistance regarding the exercise of their rights as above mentioned, the Third Party shall use the following e-mail address: email@example.com.
CGG will allow a Third Party to review the Third Party’s Personal Data that CGG stores and maintains about that Third Party in his or her personnel file, including information relevant to the use and disclosure of that person's Personal Data. However in certain limited circumstances CGG may not be able to provide a Third Party with access to all of his or her Personal Data where such refusal is permitted or required by applicable law or regulation.
Subject to all applicable laws and regulations, should any Personal Data concerning a Third Party be found to be no longer needed, to be inaccurate or incomplete or if a Third Party has withdrawn consent, CGG will take reasonable steps to erase or correct or update the information it maintains unless applicable laws or regulations exempt CGG from doing so.
These rights can vary depending of your country.
An individual can access CGG’s website without providing any Personal Data. However, should you choose, you may provide us with certain Personal Data. CGG may use this information:
If you subscribe to any service provided by CGG through CGG’s website or otherwise, and you wish to terminate that subscription and have all Personal Data about you removed from any list we maintain, please contact CGG by sending an e-mail to firstname.lastname@example.org, informing us of your request. We will promptly make reasonable efforts to remove all Personal Data about you from our data banks. In addition, e-mail communications from CGG inform the recipient how to stop receiving further communication.
Data stored in cookies with Personal Data about specific individuals. We may collect certain non-Personal Data from a visitor to our website such as what
browser was used, what pages were accessed, and the Internet address of the service provider in order to compile statistics and analyze this data for trends.
Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site.
Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.allaboutcookies.org
CGG’s website uses the following cookies to understand how the site is being used in order to improve the user experience.
CGG uses this to understand how the site is being used in order to improve the user experience. User data is all anonymous. You can find out more about Google's position on privacy as regards its analytics service at:
To opt out of being tracked by Google Analytics across all websites visit:
K. Enforcement, Recourse and Liability
As a general principle, CGG is committed to resolve complaints about collection and/or use of Personal Data.
email@example.com, or to the Ethics Committee at firstname.lastname@example.org.
In compliance with the Laws, CGG will strive to acknowledge any complaint or enquiry and take appropriate action to remedy any raised issue within one (1) month of receipt. However, if CGG is unable to satisfactorily resolve the issue, CGG will inform the concerned Third Parties of the reasons preventing the implementation of measures to resolve such issue.
Under the GDPR, Third Parties who consider that the processing of their Personal Data infringes their rights, have the right to an effective judicial remedy.