Privacy policy

Personal data management policy

www.sweego.io

1. Introduction

MINDBAZ, a simplified joint-stock company located at 59 rue Nationale, 59800 LILLE, recorded in the LILLE MÉTROPOLE trade and companies register under number 893278382 and represented by its Chairman, Mr Sébastien LEMIRE (hereinafter referred to as “THE COMPANY”), is committed to a policy of respecting and maintaining high personal data protection standards.

In the course of its activities, THE COMPANY collects and processes personal data relating to its clients, its clients’ clients, prospective clients, and its personnel.

With a desire to promote innovation while at the same time building a lasting relationship of trust based on the sharing of responsible social values ​​and respect for people, THE COMPANY has put in place the technical and organisational resources needed to protect the personal data it collects and processes.

The purpose of this policy is to set out the commitments made by THE COMPANY as regards the protection of personal data.

2. Fair and transparent collection

In the interests of transparency, THE COMPANY takes care to inform its clients, users, internet users, employees, and its economic partners of each of the processing operations that are of concern to them.

THE COMPANY is available at the address below to provide any necessary clarification regarding its personal data protection policy:

dpo@mindbaz.com

The main purpose of the collection of personal data is to ensure an optimal management of routing solutions of THE COMPANY and the management of its professional dealings with its clients, its clients’ clients, prospective clients, and its personnel.

3. Lawful and proportionate data processing

When THE COMPANY is required to process data, it does so for specific purposes: each instance of data processing by THE COMPANY has a legitimate, specific, and explicit purpose.

When you request our services or are the end recipient of our e-mail routing solutions you voluntarily provide personal data, in particular when subscribing to our purchase orders, as part of the relationship between you and our clients, or even when an online contact request at www.sweego.io, In view thereof, you therefore give us your consent to process your personal data, as defined exhaustively in article 4.

Respecting the right to be forgotten, THE COMPANY ensures that data are only stored in a form that allows the identification of the persons concerned for a period necessary for the purposes for which they are processed.

4. A processing of accurate and minimalist data

For each instance of data processing, THE COMPANY promises to only collect and process data that are appropriate, relevant, and limited to what is necessary with regard to the purposes for which they are processed.

When you sign THE COMPANY’s online contact forms or order forms, or when entering into any other contractual commitment with THE COMPANY, you are informed of the processing of personal data that are essential to the provision of THE COMPANY’s services.

Data collected by THE COMPANY are processed by computer and are subject to in-depth analysis (nature of the data collected, purposes of processing, data retention and transfer period) by THE COMPANY with regards to the persons concerned.

The data collected are retained for the duration of the relationship with THE COMPANY. If not, said data are stored for the following periods:

  • For prospective clients, three months after their most recent contact with THE COMPANY;
  • For clients, three years after the end of their contractual relationship with THE COMPANY;

The length of time data collected from clients of THE COMPANY are retained by the latter is determined by these clients, who remain responsible for processing as regards the use of e-mail routing solutions.

However, an exception is made to the retention periods referred to above in the case of information required to fulfil legal obligations.

An exception is also made to said retention periods in relation to trackers, as described in article 5 of this policy.

THE COMPANY ensures that where necessary, data are updated and that processes are implemented to ensure that inaccurate data are erased or corrected.

5. Tracer management

To ensure optimal operation, THE COMPANY has developed a website that uses analytical tracers to measure the audience of the website in order to meet different requirements (performance measurement, the detection of browser problems, optimisation of technical performance or ergonomic performance, assessment of the power of the necessary servers, analysis of content consulted). These tracers are required for the day-to-day operations and functioning of a website.

THE COMPANY ensures that it provides internet users with all the necessary prior information required for the informed, free, specific, and unequivocal consent of internet users and, in particular, for all of the distinct purposes of each tracer and the identity of the party jointly responsible for processing, as defined in deliberation no. 2020-091 of 17 September 2020 adopting guidelines relating to the application of article 82 of the Law of January 6, 1978, as amended, to reading and writing operations on a user terminal (in particular “cookies and other tracers”) of the CNIL. https://www.cnil.fr/sites/default/files/atoms/files/lignes_directrices_de_la_cnil_sur_les_cookies_et_autres_traceurs.pdf

THE COMPANY does not use tracers without the express consent of the persons concerned except for tracers that do not require such consent, i.e:

  • Tracers intended for authentication with a service
  • Tracers that retain the choice made by users on the installation of tracers
  • Tracers whose purpose is strictly limited to the calculation of user numbers on the website or application on the sole behalf of the publisher, and which serve only to produce anonymous statistical data, with personal data collected unable to be cross-referenced with other processing operations or transmitted to third parties.

This information can be held for up to 13 months. You have the option to oppose the collection of tracers on your web browser.

You can delete tracers on your computer via your web browser.

Below are the different procedures to be followed after opening the web browser:

If you use FirefoxIf you use Internet Explorer:
– Click on the icon with three bars in the top-right corner of the screen
– Click on “Options”
– In the “Private life” tab, click on “Delete specific cookies”
– Click on “Delete all cookies” or select the desired cookies, then click on “Delete cookies”		– Click on the “Gear” icon in the top right-hand corner
– Click on “Internet option”
– In the “Confidentiality” tab, click on the “Sites” button
– Click on the “Delete all” button or select the desired cookies, then click on “Delete”

If you use Firefox

  • Click on the icon with three bars in the top-right corner of the screen
  • Click on “Options”
  • In the “Private life” tab, click on “Delete specific cookies”
  • Click on “Delete all cookies” or select the desired cookies, then click on “Delete cookies”

If you use Internet Explorer:

  • Click on the “Gear” icon in the top right-hand corner
  • Click on “Internet option”
  • In the “Confidentiality” tab, click on the “Sites” button
  • Click on the “Delete all” button or select the desired cookies, then click on “Delete”

If you use Chrome:

  • Click on the icon with three small dots in the top right-hand corner
  • Click on “Parameters”
  • Select “Advanced parameters” at the bottom of the page
  • “Confidentiality and security” paragraph
  • Click on “Content parameters”
  • Click on “Cookies”
  • Select “Display all website cookies and data”
  • Click on “Delete all” or delete the desired cookies by clicking on the recycling bin icon on the corresponding line.

If you use Safari:

  • Click on Safari in the menu bar
  • Select “Preferences”
  • Select the “Confidentiality” tab
  • Click on “Delete all website data” in the “Cookies and other website data” field
  • Click on “Delete” to confirm
  • Restart Safari

6. Data protection guaranteed

THE COMPANY attaches particular importance to the security of personal data.

Technical and organisational measures adapted to the sensitivity of data have been put in place to protect data against malicious intrusions or loss or accidental destruction or damage that could compromise their confidentiality or integrity.

During the development, design, selection, and use of the various tools used in the processing of personal data, THE COMPANY, where applicable, ensures with the publishers of such tools that they provide an optimal protection for processed data.

To this end, THE COMPANY has put in place measures that respect the principles for the protection by design and protection by default of processed data. As a result, THE COMPANY can use pseudonymisation or data encryption techniques when it proves possible and/or necessary to do so.

When using a service provider, THE COMPANY only discloses personal data to the former once it has required the latter to comply with the security principles of the latter.

THE COMPANY also audits its own services and the services of its service providers on a regular basis in order to confirm the application of data security regulations.

7. Controlled access to data

THE COMPANY applies strict authorisation policies that allow the data it processes to be transmitted only to those authorised to access said data.

When THE COMPANY needs to transfer data outside the European Union, it only does so within the framework of specific contractual provisions and in accordance with the requirements of the competent supervisory authorities.

8. The rights of data subjects respected

THE COMPANY is concerned in particular with respecting the rights of the people affected by its data processing activities. In view thereof, it recognises the existence of the following rights:

  • The right to information and transparency;
  • The right of access;
  • The right of correction;
  • The right to erasure (“the right to be forgotten”);
  • The right to limit processing;
  • The right to portability;
  • The right to object;
  • The right to set out guidelines relating to the retention, erasure, and disclosure of personal data after death.

THE COMPANY also recognises that, except in specific cases listed in the applicable regulations, individuals have the right not to be the subject of a decision based exclusively on automated processing, including profiling, that could produce legal effects on the individuals concerned or affect them in a similar significant way.

9. Easy contact

THE COMPANY is able to respond to requests from the persons concerned to exercise their rights throughout the data handling process, in accordance with the conditions and deadlines set by the applicable regulations.

Unless otherwise requested, requests from the subject of personal data to exercise their rights are made by e-mail to the following address:

dpo@mindbaz.com

The person concerned must clearly indicate their forename and surname(s), attach a copy of an identification document, and indicate the address to which they wish the response to be sent.