Privacy policy – Qualitadd – The French pioneer of digital governance solutions

Privacy
Policy

Ensuring the confidentiality of the data you send us is a priority for Qualitadd.

The purpose of these commitments is to tell you what personal data we collect when you use our services and to explain how and for what purposes we use such data.

Nature of the data collected

In order to allow you to use our services, we collect some of your personal data, including for example when you download some of our publications, when you request a demo… The collection of this data is meant to ensure an optimal operation of our services.

You are free not to provide us with your personal data. However, if you decide not to enter your data, we will not be able to send you any documents.

Furthermore, even after sharing your data with us, you retain, in accordance with Article 21 of the European Regulation No. 2016/679 known as the "General Data Protection Regulation" (GDPR), the right to object to the processing of your personal data at any time. This opposition will result in the immediate impossibility of continuing to use our services.

Contact form:

In the context of our exchanges via the contact form, we keep your data such as your surname, first name and email address for identification purposes for the duration of the relationship that we are led to maintain (in particular, for example, in the event that you become a customer) or to carry out internal statistics in connection with the development of our offers. In addition, you will also receive an exclusive preview of our latest offers and new products. This storage is subject to your prior consent. If you do not wish it, none of these data will be kept.

Purpose – Legitimate interest in processing the data collected

We process the data collected in the context of the operation of the services we offer you. Beyond personalizing your experience on our site, the collection of your data allows us to provide you with the necessary support related to your use of our services.

We may also use this information to communicate with you.

Transfer of personal data to third parties

In general, the information and data we collect when you use our services may be used by our employees in the course of our business, subject to the terms and conditions set out in this Privacy Policy.

HubSpot:

The personal data you enter when using our services is passed on to our service provider HubSpot, to whom we outsource the analytical management of our customer data.

HubSpot is a company incorporated in the United States with its registered office at the following address: HubSpot, 25 First Street, 2^nd Floor Cambridge, MA 02141 United States of America. HubSpot's privacy policy can be viewed at the following link: https://legal.hubspot.com/fr/privacy-policy.

The transfer of the data necessary for the validation of the payment is carried out in compliance with the European regulation No. 2016/679 (GDPR), the United States being considered as an adequate country by the European Union as established in the "EU-US Privacy Shield" agreement. HubSpot adheres to these principles.

In some cases, personal information may be disclosed to a government agency, by order of a court or under legal process.

Security

Qualitadd
All personal data collected in our forms are transmitted using an encrypted protocol (SSL/TLS) and stored in the European Union in secure databases, in accordance with the provisions of Article 5(1)(f) of the European Regulation No. 2016/679 (GDPR) and our internal charter on the processing of personal data.

Subcontractors
The data collected by our subcontractors (see point 3) is stored in accordance with the provisions of the "EU-US Privacy Shield" agreement.

Storage duration

In accordance with European Union regulations and national legislation, we store personal data according to the following types of data:

Accounts and customer data: 3 years after the end of the business relationship in the operational database/10 years archived in a "final archive" in order to comply with the obligations to keep accounting data⁷ ;
Data archives (backups): 3 years ("intermediate archives")/10 years ("final archives").

Access

You may request access to your personal data from the Data Controller at any time. The Data Controller will do everything necessary to provide you with the information you request. For example, you can find out for which purposes your data is processed or to whom it has been or will be disclosed.

Rectification

You have a right of rectification which allows you to obtain from the Data Controller, as soon as possible, the rectification of personal data concerning you which are inaccurate.

Opposition

You have the right to object at any time to the processing of your personal data. To do so, you can make a request to the Data Controller who, once the request has been received, will stop processing your personal data. However, the Data Controller may continue to process your personal data if there is a legitimate and compelling reason to do so. He will then inform you of this.

Limitation

You have the right to limit the processing of your data. You can request this from the Data Controller in the following situations:

If you dispute the accuracy of your personal data;
In case of unlawful processing, if you wish to obtain a limitation instead of an erasure of your data;
When the Data Controller no longer needs your personal data for the purposes of processing, but they are still needed by you for the establishment, exercise or defense of your legal rights;
Where you have objected to the processing under Article 21(1) of the European Data Protection Regulation, during the verification as to whether the legitimate grounds pursued by the Data Controller override your own.

Erasure

You have the right to have your personal data erased. You may request this at any time from the Data Controller, who is obliged to delete it as soon as possible when:

These data are no longer necessary for the purposes for which they were collected or otherwise processed;
You withdraw your consent on which the processing is based and there is no other legal basis for the processing;
Where you object to the processing and there is no compelling legitimate reason for the processing;
Your data has been processed unlawfully;
Your data must be erased in order to comply with a legal obligation under Union law or the law of the Member State to which the Controller is subject.

Portability

You have a right to the portability of your personal data: you can ask the Data Controller to provide you with all your data in a structured, commonly used and machine-readable format. You may transfer this data to another controller without the controller to whom the personal data was transferred having any objection. This is particularly the case for automated processing.