General Data Protection Regulation

Last update on August 27, 2019


On the 25th of May 2018 came the GDPR. This European text applies to all states within Europe and replaces the old directive 95/46/CE on personal data protection. It creates new obligations for companies and organizations that, just like Atolia, deal with personal and sensitive data. 

The GDPR allows a more harmonious juridical frame within European Union. And at the same time, it creates new rights for the persons related to this data, such as the right to forget and the right to have portable data.

A privacy policy

Atolia’s responsibilities and obligations are precisely defined with regard to the collection and processing of data from visitors, prospects and customers.


A data protection officer who ensures compliance with Atolia’s data protection policy.

A treatment register

All operations carried out on personal data that are transmitted to Atolia are identified and added to a processing register.

A strong security policy

Increased security of personal data to minimise the risk of a data breach. In the event that such an incident should occur, a protocol for notifying the CNIL and/or users has been put in place.

Measures implemented

Since our inception, we have placed the utmost importance on the security and privacy of our users' data.

The entry into force of the RGPD is an opportunity to enhance this protection to benefit all Atolia's customers.

Many measures have been put in place to ensure Atolia's compliance with the RGPD, including :

  • A privacy policy
  • A strong security policy
  • A treatment register
  • A DPO

Applied measures

Since the beginning, we are prioritizing security and confidentiality for our users.

The GDPR comes alongside our values and reinforces this protection for the best interest of our clients.

Many measures have been established to assure that the GDPR is well applied to Atolia :

  • Confidentiality policy
  • High strength security policy
  • Treatment register
  • A DPO

Treatment register

Every operation done on personal data is transferred to Atolia, identified and registered.

High strength security policy

An improved security regarding personal data to ensure the risks are being lowered and that there is no way to access this data. In the case of that happening, a notification protocol has been set up with the CNIL and users.

Confidentiality policy

It is part of Atolia’s responsibilities to collect your data and any of your collaborator’s data as well. Our confidentiality policy is strict for that reason.


A Data Protection Officer is making sure that data protection policies are being respected.

Within the services we offer our clients, we act as a subcontractor to them. We then need to make sure our operations conform to personal data collection for the information that is being given to us. 


For more information regarding personal data protection, we kindly invite you to have a read at our confidentiality policy on this detailed page. Regarding the final client’s data, any enquiry will have to be made to the employer, Atolia being only a subcontractor. 

If you have any questions about our confidentiality policy or about our GDPR conformity, you can contact us via email at  or via mail at : Atolia SAS, 3 Place de Haguenau, 67000 Strasbourg.