What is the purpose of this policy ?
We attach great importance to the protection and confidentiality of your personal data, which represent for us a pledge of seriousness and trust.
The data confidentiality policy is a clear demonstration of our desire to ensure compliance with the applicable rules on data protection and, in particular, those of the General Data Protection Regulation ("GDPR").
To whom is this policy addressed ?
The policy applies to you, regardless of where you live, as long as you are a user of the Fabriq platform.
The policy only addresses the processing that we carry out ourselves to provide you with the Fabriq service and not the processing that you carry out using our platform for which you are the only and unique responsible.
Why do we process your data ?
As part of the services we offer, we may need to process your personal data for the following reasons and purposes :
To guarantee and reinforce the security and quality of our services on a daily basis (e.g. statistics, data security, etc.) based on our legal obligations, our general terms and conditions of sale and our legitimate interest in ensuring the proper functioning of our services.
To communicate with our support department via our internal messaging system on the basis of our general conditions of use.To receive our technical emails (e.g. modification of passwords, etc.) essential to the proper functioning of our service on the basis of our general conditions of use.
Finally, we may also install "Cookies" on your terminal. For more information on the use of "Cookies", we invite you to consult our "Cookies Policy".
Your data is collected directly from you when you use our platform and we undertake to process your data only for the purposes described above.
What data do we process and for how long ?
We have summarized the categories of personal data we collect and the respective retention periods.
Professional identification data (e.g. name, first name, position, company, etc.) and contact information (e.g. personal or professional email address, Linkedin, etc.) kept for the entire duration of the provision of the service, in addition to the legal statute of limitations, which is generally 5 years.
Connection data (e.g. logs, IP address, etc.) kept for a period of 1 year.
If you would like to know more about the retention periods applicable to your data, you can contact us at: [email protected]. In any case, all your data is deleted when you request the deletion of your account with a maximum of 30 days.
The deletion of your personal data is irreversible and we will not be able to communicate them to you after this period. At most, we can only keep anonymous data for statistical purposes.
Please also note that in the event of litigation, we are obliged to keep all data concerning you for the entire duration of the processing of the case, even after the expiry of the retention periods described above.
What rights do you have to control the use of your data ?
The applicable data protection regulations provide you with specific rights that you can exercise, at any time and free of charge, to control the use we make of your data.
Right of access and copy of your personal data as long as this request is not in contradiction with business secrecy, confidentiality, or the secrecy of correspondence.
Right to rectify personal data that are erroneous, obsolete or incomplete.
The right to object to the processing of your personal data for commercial prospecting purposes.
Right to request the deletion ("right to be forgotten") of your personal data that are not essential to the proper functioning of our services.
Right to the limitation of your personal data which allows to photograph the use of your data in case of dispute on the legitimacy of a processing.
Right to the portability of your data which allows you to recover part of your personal data in order to store them or transmit them easily from one information system to another.
The right to give instructions on what to do with your data in the event of your death, either through you or through a trusted third party or a beneficiary.
For a request to be taken into account, it is imperative that it be made directly by you at [email protected]. Any request that is not made in this manner cannot be processed.
Requests cannot be made by anyone other than you. We may therefore ask you to provide proof of identity if there is any doubt about the identity of the requester.
We will respond to your request as soon as possible, but no later than three months after receipt, if the request is technically complex or if we receive many requests at the same time.
Please note that we can always refuse to respond to any excessive or unfounded request, particularly with regard to its repetitive nature.
Who can access your data ?
WE NEVER TRANSFER OR SELL YOUR DATA TO THIRD PARTIES OR BUSINESS PARTNERS. ALL YOUR PERSONAL DATA IS USED EXCLUSIVELY BY OUR STAFF OR BY OUR IT SERVICE PROVIDERS.
More specifically, we only pass on your data to people who are duly authorized to use it to provide you with our service, such as our IT department or our customer relations department.
Your personal data is also transferred to our IT service providers, who are used solely to operate our service, such as our data hosting provider or our technical e-mailing tool.
We would like to point out that we check all our IT service providers before hiring them, to ensure that they comply scrupulously with the rules applicable to the protection of personal data.
How do we protect your data?
We implement all the technical and organizational means required to guarantee the security of your data on a daily basis and, in particular, to fight against any risk of destruction, loss, alteration, or disclosure of your data that would not be authorized (e.g.: secure passwords, data encryption, secure servers, training, access control, antivirus, etc.)
Can your data be transferred outside the European Union ?
Unless strictly necessary and on an exceptional basis, we never transfer your data outside the European Union and your data is always hosted in the European Union. In addition, we make every effort to use only service providers who host your data within the European Union.
Should our service providers nevertheless transfer your personal data outside the European Union, we take great care to ensure that they implement appropriate safeguards to ensure the confidentiality and protection of your data.
Who can you contact for more information ?
Our Data Protection Officer ("DPO") is always available to explain in more detail how we process your data and to answer your questions on the subject at the following address: [email protected].
How can you contact the CNIL ?
You may at any time contact the French data protection supervisory authority (the "Commission nationale de l'informatique et des libertés" or "CNIL") at the following address CNIL Complaints Department, 3 place de Fontenoy - TSA 80751, 75334 Paris Cedex 07 or by telephone at 01.53.73.22.22.
Can the policy be changed ?
Certified compliant by Dipeeo ®