Privacy Policy & Terms
Article 1: Definitions
“Personal data” : any information relating to an identified or identifiable natural person, as defined by Regulation (EU) 2016/679 of 27 April 2016 and any other subsequent equivalent regulation.
“Purpose of Treatment” : refers to the purposes pursued by the Processing of Personal Data implemented by the Data Controller.
“Applicable Data Protection Laws” or “Applicable Laws” : refers to Law No. 78-17 of January 6, 1978 relating to information technology, files and freedoms amended by Law No. 2004-801 of August 6, 2004 relating to the computerized processing of personal data, by the Law for a Digital Republic No. 2016-1321 of October 8, 2016, as well as the European General Data Protection Regulation (EU) No. 2016-1321 of October 8, 2016, as well as the European General Data Protection Regulation (EU) 2016/679 and Law No. 2018-493 of June 20, 2018 relating to the protection of personal data and any other subsequent equivalent regulation, and/or any applicable law or applicable regulation and in force relating to data protection.
“Third countries” : refers to any country that does not belong to the European Union and does not have adequate legislation concerning the processing of Personal Data as decided by the European Commission.
“Data Controller” : refers to DIGITALKIN, a simplified joint stock company registered in the Lyon Trade and Companies Register under number 980 136 626, whose head office is located at 1, place Giovanni Da Verrazzano, in LYON (69009).
“Treatment” : any operation or set of operations carried out or not carried out using automated processes and applied to data or sets of Personal Data data, such as, for example, the collection, registration, organization, structuring, conservation, communication by transmission, communication by transmission, dissemination, dissemination, extraction, consultation of Personal Data and defined by Regulation (EU) 2016/679 of 27 April 2016 and any other subsequent equivalent regulation.
“Subcontractor” : refers to the third party who processes Personal Data on behalf of the Data Controller.
“User” : refers to the natural person whose Personal Data is collected to be processed hereunder.
Article 2: Purpose
This privacy policy (hereinafter the” Politics ”) applies to the Treatments implemented by the Data Controller in order to ensure the proper functioning of the DIGITALKIN Solution, as defined in the Conditions
General Services Provision (hereinafter “) CGPS ”) of the company and on the website accessible at the following address: https://digitalkin.ai/ (hereinafter the” Site ”).
The Data Controller undertakes to comply with Applicable Data Protection Laws.
Personal Data is processed in a lawful, loyal and transparent manner.
The Personal Data collected is adequate, relevant and limited to what is strictly necessary for the Processing Purposes.
Article 3: Purposes of the Processing of Personal Data
The Data Controller collects the User's Personal Data to:
- Execute the contract whose purpose is to provide the User with the DIGITALKIN Solution, in its standard or personalized version and, in particular, in order to:
o Perform the services covered by the aforesaid contract;
o Follow up and manage the commercial relationship;
o Follow up and manage outstanding payments and disputes. - Manage requests for the right of access, correction and opposition from the User;
- Carry out operations relating to commercial prospecting for the User concerning the commercial offers offered by DIGITALKIN.
Article 4: Personal data collected
The User is informed that the Data Controller collects and processes his Personal Data and in particular:
- When the User contacts the Data Controller via the contact form on the Site or by email, using the email indicated on the Site, for an information request: email address, last name, first name, if applicable, the telephone number and, more generally, any data transmitted by the User;
- For the execution of the contract and, in particular, the performance of services, the monitoring and management of the commercial relationship, unpaid invoices and disputes: name, first name, postal address, function, e-mail address, e-mail address, telephone number, telephone number, if applicable, telephone number, if applicable, telephone number, if applicable, bank details and any data transmitted by the User;
- When the User makes a request to exercise rights: identity data, the subject of the request, the email address.
Article 5: Personal Data Retention Period
The Data Controller will keep Personal Data for as long as necessary for the purposes for which they were collected and processed. Personal Data is then archived for the purposes and retention periods as defined below:
- For the commercial prospecting, 2 years from the end of the commercial relationship between the Data Controller and the User or from the last contact with the User;
- For the execution of the contract and, in particular, the performance of services, the monitoring and management of the commercial relationship, the monitoring and management of unpaid invoices and disputes: for the entire duration of the contract, plus 5 years from the end of the contract for probationary purposes;
- For respond to requests of the right of access, correction and opposition, i.e. the calendar year of the request plus 5 years.
Article 6: Legal Basis for the Processing of Personal Data
The Data Controller processes Personal Data on a precisely identified legal basis, namely:
- The legitimate interest of the Data Controller in processing Personal Data;
- The execution of pre-contractual measures or the contract that the Data Controller concluded with the User, when he entered into a contractual relationship;
- Compliance with legal obligations, in particular when managing billing or managing requests to exercise rights.
Article 7: Commitments of the Data Controller
The Data Controller is committed to:
- Process Personal Data only for the sole Processing Purposes described above;
- Process Personal Data in accordance with Applicable Laws; - In case of transfer of Personal Data to a third country or to an international organization, inform the User in advance;
- Guarantee the confidentiality of Personal Data by taking all appropriate technical and organizational measures to (i) prevent access to Personal Data by unauthorized persons, (ii) by carrying out identity and access controls via an authentication system as well as a password policy, (iii) by opting for an authorization management system and (iv) processes and devices to trace all the actions carried out on its information system and perform in accordance with regulations in force, reporting actions in the event of an incident affecting Personal Data;
- Ensure that persons authorized to process Personal Data are committed to respecting confidentialitý or are subject to an obligation to confidentialitý and receive the necessary training in the protection of Personal Data;
- Take into account, when it comes to its tools, applications or services, the principles of data protection, from the design stage;
- Erase, anonymize or archive Personal Data at the end of the retention period.
The Data Controller will in no way be responsible for security incidents related to the use of the Internet, in particular in the event of loss, alteration, destruction, disclosure or unauthorized access to data or information of the User.
Article 8: Subcontractors/Transfers of Personal Data
The User accepts that the Personal Data concerning him collected by the Data Controller will be transmitted to the Subcontractors/Service Providers with whom he is in a contractual relationship for the sole purpose of carrying out the above-mentioned Processing Purposes, provided that these third party recipients of Personal Data are subject to regulations guaranteeing an appropriate and appropriate level of protection, as defined by Applicable Laws.
In the event of transfer of all or part of the Personal Data subject to Processing to a Third Country or to an international organization, the Data Controller undertakes to provide appropriate guarantees, in accordance with Applicable Laws, and to have them respected by its Subcontractors.
Under no circumstances does the Data Controller sell, rent or use the Personal Data of which he is a recipient other than for the above Processing Purposes.
The disclosure of Personal Data to third parties is carried out by the Data Controller only for the purposes of carrying out the Processing Purposes and to third parties acting as Data Processors under the conditions referred to herein.
Article 9: Exercise of the User's rights
The following rights are guaranteed by the Data Controller to the User: right of access, rectification, deletion and opposition, right to limitation of processing, right to data portability, right not to be the subject of an automated individual decision (including profiling).
The User may obtain a copy of his Personal Data, upon written request and addressed to the Data Controller.
By sending a written request, and at any time, the User may obtain a correction or deletion of his Personal Data, within the limits of the rights of the Data Controller.
Any request must be sent to the Data Controller in writing at the following address: contact@digitalkin.ai
If the User considers that the Data Controller has not respected his rights in terms of the protection of Personal Data, he may file a complaint with the CNIL.
Article 10: Updating the Privacy Policy
The Data Controller regularly updates this Policy, which remains available on the Site at any time.