Privacy Policy | Dr. Moundji MAOUI

General Information

                As a DPO (Data Protection Officer) registered with CNIL and CNAM certified, Dr. Moundji MAOUI is committed to ensuring optimal protection of your personal data in compliance with GDPR and Algerian Law 18-07.
            

This privacy policy describes how we collect, use, store and protect your personal data when you use our website or our legal services.

Certified DPO Expertise

Dr. Moundji MAOUI is a DPO registered with CNIL with certification under CNAM authority, guaranteeing recognized expertise in personal data protection.

Data Controller

Dr. Moundji MAOUI

Capacity: Lawyer - Doctor of Law - Certified DPO

Address: Résidence Djamila Paradou Hydra, Algiers, Algeria

Paris Office: 26 Boulevard de la Bastille, 75012 Paris, France

Phone: +213 23 52 70 15

Contact: Via website contact form

Data Collected

Types of Personal Data

We only collect data strictly necessary for providing our legal services:

Category	Data Collected	Purpose	Legal Basis
Identification	Name, surname, position, company	Contact and legal services	Consent / Legitimate interest
Contact	Email address, phone	Professional communication	Consent / Legitimate interest
Professional	Business sector, legal needs	Service personalization	Legitimate interest
Technical	IP address, Google cookies	Website operation and improvement	Legitimate interest

Collection Methods

Contact form: Voluntarily provided data
Google cookies: Anonymized browsing data
Correspondence: Professional exchanges
Consultations: Information necessary for services

Processing Purposes

Legitimate Objectives

Your personal data is processed exclusively for the following purposes:

1. Legal Services

Analysis of your legal needs
Provision of legal advice and services
Case and consultation follow-up
Billing and administrative management

2. Professional Communication

Response to your information requests
Sending legal documents
Appointment scheduling
Client relationship follow-up

3. Service Improvement

Client needs analysis
User experience improvement
New service development
Anonymized statistics

4. Legal Obligations

Professional secrecy compliance
Case file conservation
Regulatory declarations
Anti-money laundering (AML)

Legal Basis

In accordance with GDPR and Law 18-07, our processing is based on the following legal bases:

Consent (Article 6.1.a GDPR)

Use of contact form
Newsletter subscription (if applicable)
Non-essential cookies

Legitimate Interest (Article 6.1.f GDPR)

Improvement of our legal services
Website security
B2B commercial prospecting
Client relationship management

Legal Obligation (Article 6.1.c GDPR)

Client file conservation (ethics)
Tracfin declarations (AML)
Accounting and tax obligations

Contract Performance (Article 6.1.b GDPR)

Provision of legal services
Billing and payment
Case follow-up

Data Recipients

Internal Access

Only authorized persons have access to your data:

Dr. Moundji MAOUI - Lawyer and DPO
Authorized collaborators - Under direct supervision
Administrative staff - Limited access to necessary data

Partners and Subcontractors

Total Transparency

We commit to informing you of any data sharing with third parties.

Recipient	Purpose	Location	Guarantees
OVH	Website hosting	France (EU)	ISO 27001 certification
Google	Functional cookies	EU/United States	Standard contractual clauses
Legal experts	Specialized consultation	EU/Algeria	Confidentiality agreement

Competent Authorities

Your data may be communicated to authorities in the following cases:

Judicial requisition
Legal obligations (Tracfin, etc.)
Protection of our legitimate rights
Vital emergency

Retention Period

We apply the principle of minimization and retain your data only for the necessary time:

Data Type	Retention Period	Legal Basis
Active client files	Relationship duration + 5 years	Lawyer ethics
Correspondence	5 years after last contact	Legal prescription
Accounting data	10 years	Commercial code
Technical cookies	13 months maximum	CNIL
Non-converted prospects	3 years maximum	Legitimate interest

Automatic Deletion

Upon expiration of deadlines, your data is automatically:

Permanently deleted from active systems
Anonymized for statistics
Archived according to legal obligations

Your Rights

                You have extensive rights over your personal data. As a certified DPO, I commit to facilitating the exercise of these rights.
            

Fundamental Rights (GDPR + Law 18-07)

1. Right of Access (Article 15 GDPR)

Obtain confirmation of your data processing
Access your personal data
Receive information about processing

2. Right of Rectification (Article 16 GDPR)

Correct inaccurate data
Complete incomplete data
Update your information

3. Right to Erasure (Article 17 GDPR)

Deletion of your data (under conditions)
Withdrawal of consent
Unnecessary data

4. Right to Restriction (Article 18 GDPR)

Temporarily suspend processing
In case of dispute
To exercise your rights

5. Right to Portability (Article 20 GDPR)

Retrieve your data in structured format
Transmit your data to another controller
For consent-based data

6. Right to Object (Article 21 GDPR)

Object to processing for legitimate interest
Refuse commercial prospecting
Compelling legitimate reasons

Exercising Your Rights

How to exercise your rights?

By form: Via website contact form

By phone: +213 23 52 70 15

By mail: Résidence Djamila Paradou Hydra, Algiers

Response time: 1 month maximum (extendable by 2 months)

Proof: Identity document required

Complaint

If you believe your rights are not respected, you can contact:

CNIL (France): www.cnil.fr
Algerian Authority: National Personal Data Protection Authority
Bar Council: In case of ethical breach

Data Security

Technical Measures

Encryption: HTTPS/SSL for all communications
Secure hosting: OVH ISO 27001 certified
Backups: Regular and encrypted security copies
Updates: Systems and software kept up to date
Antivirus: Protection against malware
Firewall: Network access filtering

Organizational Measures

Restricted access: Principle of least privilege
Training: Staff awareness
Procedures: Documented security protocols
Audit: Regular access controls
Incident: Breach response plan

Breach Notification

Transparency Commitment

In case of data breach likely to present a risk to your rights, we will inform you within 72 hours in accordance with GDPR.

Cookies and Technologies

Types of Cookies Used

Type	Purpose	Duration	Consent
Essential cookies	Website operation	Session	Not required
Google cookies	Google functionalities	13 months	Legitimate interest

Cookie Management

You can control cookies via:

Browser settings: Block or delete cookies
Google tools: Google Analytics opt-out
Private browsing: Incognito/private mode

International Transfers

Data Location

Your data is primarily processed in:

European Union: OVH hosting (France)
Algeria: Main office
United States: Google services (with guarantees)

Transfer Guarantees

For transfers outside EU/Algeria, we apply:

Standard contractual clauses: Approved by European Commission
Adequacy decisions: Countries recognized by EU
Certification: Privacy Shield successors
Additional measures: Encryption and pseudonymization

Minor Protection

Our services are exclusively addressed to companies and professionals. We do not knowingly collect personal data from minors under 16 years old.

If we discover that a minor has provided personal data, we will immediately delete it and contact legal representatives if necessary.

Modifications

This privacy policy may be modified to reflect:

Regulatory developments
New services offered
Protection improvement
Feedback experience

Notification: Any substantial modification will be notified by email or via the website.

Last update: January 8, 2025

DPO Contact

Dr. Moundji MAOUI - Certified DPO

Certification: CNAM under CNAM authority

Registration: CNIL

Contact: Via website contact form

Phone: +213 23 52 70 15

Response: Within 48 business hours

                As a certified DPO and specialized lawyer, I personally commit to protecting your data with the highest level of professional requirement.
            