Personal Data and Cookies Charter

Welcome to the website TotalEnergies Careers.

The Personal Data and Cookies Charter (hereinafter “Charter”) aims to inform you about your rights that you can exercise regarding the processing of your data and describes the measures that we take to protect these data.

TotalEnergies SE is the « data controller » with responsability for personal data processing on the website. These processing operations are carried out in accordance with the applicable law.

1. Purpose of processing, legal basis, the period of storage and types of data collected

When visiting the website you may need to provide us with personal data such your contact data and/or your personal data necessary for the management of your application (e.g.: C.V., cover letter, diplomas...).

  • You agree that we can process your data. This information is necessary to process your request, otherwise it cannot be processed. You can withdraw your consent at any time without this calling into question the processing of your data by writing to the following address: [email protected].
  • The information is necessary to enable us to fulfill our legal obligations. If you fail to answer the mandatory questions, we will not be able to process your request.

2. Recipient of the data

In order to carry out the processing provided for in this Charter, your personal data may be communicated to certain departments of the data controller or companies of the TotalEnergies company, as well as to certain service providers or subcontractors, in particular external recruiters for the sole purpose of selecting candidates and recruiting, or service providers responsible for the technical management of the candidate portal.

If you post a comment online, some of your personal data may be published on the website and the candidate portal. Given the characteristics of the Internet network, which are the free capture of information disseminated and the difficulty, or even the impossibility, of controlling the use that could be made of it by third parties, we recommend that you do not mention your personal data in this field and we inform you that you can object to such dissemination by contacting us at the contact address specified below.

3. Data transfers

Any transfer of data to a third country outside the European Economic Area is done in accordance with the applicable regulations and in such a way as to ensure adequate data protection. As part of the services provided on the site, your data may be transferred to companies of the TotalEnergies Company located outside the European Union.

In order to ensure adequate protection of personal data originating in the European Economic Area that may be transferred to TotalEnergies entities located outside the European Economic Area, Binding Corporate Rules (BCR) have been adopted. For transfers of personal data not covered by BCRs to countries outside the European Economic Area, other measures are put in place to ensure adequate data protection.

If you would like more information about our BCR, you can click here. For information on the other measures, we have in place to ensure adequate protection, please write to the contact address below.

4. Data security and confidentiality

The data controller takes appropriate steps to preserve the security and confidentiality of your personal data, including to prevent them from being distorted, damaged, or disclosed to unauthorized third parties.

5. Cookies management

A cookie is a file which enables a website to save information relating to your computer’s browsing of the website to make your visits to the website smoother.

Cookies are text files that are stored on yourcomputer’s browser. They allow access to various information about you. Some of them belong to the publisher of the website (First party) and some to third parties. The table below details each cookie on the website.

We enable cookies once you have given your consent, except for technical cookies that are necessary to provide the service you request on website.

The cookies proposed by the data controller

The cookies proposed by the data controller
Cookie Description Duration
Site (has_js) Contains information about the browsing session and allows the user to access the site Deleted at the end of the browsing
Site (cookie_agreed) Stores a user's choice regarding cookies 13 months
Drupal.language Drupal configuration cookie (redirection by language) 7 days
Drupal_language_redirection Drupal configuration cookie 1 year
Drupal.tableDrag.showWeight Drupal configuration cookie 1 year
authorized_config Allows to know which services have been refused or accepted by the user 1 year
getaquote In a Find My Product form, records user input 1 year
cookie-agreed Cookie created by Smile to remember the user's choice regarding cookies in the context of the RGPD 1 year 1 day

 

Cookies offered by third parties 

Cookies offered by third parties
Cookie Description Duration
__unam Cookie set by ShareThis to enable content sharing 9 months
_trossion Allows the presentation of offers adapted to the user's interests on the Internet (doubleclick.net) 1 year and 1 month
_troRUID Allows to present offers adapted to the user's interests on the Internet (doubleclick.net) 6 months
_troSYNC Allows to present offers adapted to the user's interests on the Internet (doubleclick.net) 6 months

 

Statistics cookies

Statistics cookies
Cookie Description Duration
xtant Cookie set by AT Internet (Analytics) containing a technical value related to the management of identified visitors. Used by XITI 6 months
xtat Cookie set by AT Internet (Analytics) containing a textual identifier of the visitor. Used by XITI 6 months
xtvrn Cookie set by AT Internet (Analytics) listing the numsites (unique site identifier) encountered by the visitor. Used by XITI 6 months
atuserid Cookie set by AT Internet (Analytics) to identify visitors to sites in first-party cookie (nb. Cookie does not use a different domain name than the site). Used by XITI 1 year 1 day
atidvisitor Cookie set by AT Internet (Analytics) to count the numsites (unique identifiers of a site) seen by the visitor and store the visitor's identifiers. Used by XITI 6 months

How to withdraw your consent?


When you first connect to the website, you may or may not give your consent to the use of cookies and/or proceed to a parameterization. If afterwards you wish to change your choices, you can manage your cookies by going to the footer of our website or application or via a reminder button named "cookies".

To delete the cookies already installed, please refer to the operating instructions provided by your operating system (Windows, OS...).

6. Your rights / Contact

In accordance with the regulations in force, you have the right to access, rectify, portability, and deletion of data concerning you. You may also request the limitation of the processing, the portability of your personal data if necessary and/or lodge a complaint with the competent supervisory authority.

You can exercise your rights and ask us about the processing of your personal data by contacting: [email protected] 

If you believe, after having contacted us, that your rights have not been respected, you may lodge a complaint with the competent supervisory authority.

Appendix 1 : List of legal basis for data processing activities

List of legal basis for data processing activities
  Possible legal basis Explanations and examples
The legal basis for the processing of personal data Legitimate interest

Legitimate interest may be a legal basis when you can answer ‘yes’ to this question: “might the data subject reasonably expect this data processing operation?” If so, you should specify the legitimate interests pursued by the controller or by a third party.

Examples: safety and security of people and goods, protection and fight against fraud; prevention for the sake of safety and security (including IT security); protection of privacy, statistics etc.

Contractual nature

The performance of a contract (processing of personal data is strictly necessary for the performance of a contract) or the intention to conclude a contract may be a legal basis for processing. If so, you should specify whether the requirement to provide data is necessary for the conclusion of this contract, and any consequences of not providing these data.

Examples: service performance ; processing of employees’ data to send out payslips ; employee management ; processing of data so that purchases can be delivered, etc.

Consent of the data subject

Consent is defined as “any freely given specific and informed indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.” If consent is the legal basis for processing, it must be possible to withdraw it at any time, it being made clear that the withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. NB: for children below the age of 16, 15 (in France) or 13 in some States, it is necessary to obtain the consent or authorization “of the holder of parental responsibility”. IN PRACTICE for valid consent: provide a (not pre-ticked) check box; or a choice of technical settings; or a statement or conduct which clearly indicates in this context the data subject's acceptance of the proposed processing.

Examples: the use of visitors’ photographs for the in-house magazine, etc.

Legal obligation

Data processing is required by law; in this case, legal obligation is the legal basis for processing.

Examples: fight against money laundering and anti-terrorism financing procedures ; processing of remuneration data for social security; processing of remuneration data for the tax authorities; legal requisitions etc.

Vital interest

Data processing is required by the fact that the vital interest of the data subject or another natural person is at stake. Vital interest is equivalent to a question of life or death, or threats entailing a risk of injury or harm to the health of the data subject or a third party.

Examples: processing of an employee's data for the purposes of repatriation.

Public interest Examples: Pandemic management etc This case is quite rare, so it is not mentioned here. Contact the legal department if necessary.