Privacy Policy
Version dated 18 June 2026
This Privacy Policy applies to the website operated by Hello Paris SERVICE (hereinafter “HPS”), available at: www.cdgexpress.com (hereinafter “the Website”).
HPS processes personal data relating to visitors to the Website and users of the services offered on the Website, in accordance with data protection regulations.
Important definitions
For the interpretation of terms relating to the protection of personal data and appearing in this Policy, please refer to the definitions in Article 4 of Regulation (EU) 2016/679 of 27 April 2016 (General Data Protection Regulation or ‘GDPR’). In essence:
- Personal data (or personal information) means any information relating to an identified or identifiable natural person (‘the data subject’), i.e. information that allows the data subject to be identified either directly (e.g. first name and surname) or indirectly (e.g. login details). (Art. 4(1) GDPR)
- The processing of personal data refers to any operation or set of operations, whether or not carried out by automated means, relating to personal data or sets of personal data (e.g. the collection, recording, organisation, storage, transmission of personal data). (Art. 4(2) GDPR)
- The Data Controller refers to the organisation that determines the purposes (the ‘Why’) and the means of processing (the ‘How’). (Art. 4-7 GDPR)
- Regulations on the protection of personal data refer to the GDPR as well as Law No. 78-17 of 6 January 1978 on information technology, files and civil liberties (hereinafter the amended “Data Protection Act”).
- The Processor refers to the organisation that processes personal data on behalf of the Controller and under its instructions. (Art. 4-8 GDPR)
What is HPS’s role?
Depending on your actions on the Website (browsing, use of services), HPS may be required to process your personal data. HPS carries out this processing as a Data Controller within the meaning of the GDPR.
HPS processes only the personal data necessary to achieve the purposes set out below, in accordance with the principle of data minimisation.
How does HPS use my personal data?
Pursuant to Article 13 of the GDPR, the table below details the information relating to the processing carried out by HPS on your personal data in connection with your use of the Website.
| Purpose of the processing of personal data | Legal basis for processing | Personal data processed | Recipients of personal data | Retention period for personal data |
|---|---|---|---|---|
| Management of the contact form | Article 6(1)(f) of the GDPR: pursuit of legitimate interests, whilst respecting the fundamental rights and freedoms of data subjects [HPS’s legitimate interest: to respond to your enquiry] | Identification data: Surname, First name Contact details: email address, telephone number (optional) Type of enquiry (as per the drop-down menu), message | Internal recipients: authorised HPS staff External recipients: [CA1.1] Website administrator Website hosting | Data retained for 12 months – Data deleted at the end of this period |
| Website audience measurement | Article 6(1)(f) of the GDPR: pursuit of legitimate interests, whilst respecting the fundamental rights and freedoms of data subjects [HPS’s legitimate interest: measuring traffic to the Website and services] | Aggregated (anonymous) data | Internal recipients: authorised HPS staff External recipients: Website administrator Website hosting provider Statistical solution management | Logging of connection logs for 6 months – Data deleted at the end of this period |
| Technical management of the website | Article 6(1)(f) of the GDPR: pursuit of legitimate interests, whilst respecting the fundamental rights and freedoms of data subjects [HPS’s legitimate interest: ensuring the proper functioning and security of the website] | Connection data | Internal recipients: authorised HPS staff External recipients: Website administrator Website hosting provider | Logging of connection logs for 6 months – Data deleted at the end of this period |
Details regarding external recipients:
HPS uses the services of the following subcontractors:
- Website management and hosting:
KLEE GROUP (France)
[Data Protection Policy] - Website traffic measurement:
MATOMO – web analytics platform (Recommended by the CNIL)
What are your rights?
When using the Website and its services, you have the following rights under the terms of the regulations on the protection of personal data:
- the right to access, rectify and erase personal data (Articles 15 to 17 of the GDPR);
- the right to withdraw your consent at any time (Article 7(3) of the GDPR);
- the right to restriction of processing (Article 18 of the GDPR);
- the right to data portability (Article 20 of the GDPR);
- the right to lodge a complaint with the CNIL (https://www.cnil.fr/fr/plaintes);
- the right to set out guidelines regarding access to personal data in the event of death (Article 85 of the amended French Data Protection Act).
For processing operations based on the legitimate interests of HPS, you have the right to object to the processing of your personal data under the conditions set out in Article 21 of the GDPR.
Requests relating to these rights may be made by email to the following address: Hello Paris, 8 rue de Sofia - 75018 Paris - specifying the subject of the request (right concerned) and attaching any supporting documents to verify your identity (if necessary) or a power of attorney in the event of representation.
Are there cookies on the HPS website?
The website uses only technical cookies that are necessary for its operation.
Changes to the Policy
This privacy policy may be updated periodically and without prior notice. Any changes will take effect upon publication of the new policy on the Website on the version date indicated.