.svg)
Privacy Policy
Protection of property and people - management of personal data
The personal data controller is KLARYS, domiciled at: Procsea SA - 4 rue Jean Lemaistre, 35000 Rennes, FRANCE. KLARYS has appointed a Data Protection Officer (DPO), who can be contacted at the email address privacy@klarys.io . The latter's mission is to ensure compliance with the provisions of the regulations on the protection of personal data. It must be consulted by KLARYS prior to the implementation of data processing. It lists in a register the list of all personal data processing by KLARYS as they are implemented. The Data Protection Officer ensures respect for the rights of individuals (right of access, rectification, opposition, erasure, limitation of processing and portability). In the event of difficulties encountered during the exercise of these rights, the persons concerned may contact the Data Protection Officer by e-mail at the address privacy@klarys.io .
KLARYS takes care to collect only the data strictly necessary for the purpose of the processing implemented. Depending on the case, personal data may be collected in two ways:
● Directly: the Internet user, prospect, user and/or customer freely communicates their personal data to KLARYS, in particular via:
- the Platform, and more specifically through the collection forms completed by the data subject (access request, Account creation, service subscription, etc.); - commercial documents (quote, purchase order, etc.)
- the conclusion of General Conditions of Service;
The User who is a natural person is informed that the information collected is subject to computer processing intended to carry out operations relating to the creation of an Account and the management of the Services ordered by the Customer, namely contracts, orders, invoices, accounting and account management, relationship monitoring.
KLARYS indicates to the User the data required to provide its Services by affixing the following sign:"*";. In the absence of a response from the User on the fields mentioned as mandatory, the latter will not be able to benefit from the Services provided by KLARYS.
● Indirectly/automatically: the data of the Internet user, the prospect, the User and / or the customer are collected via the software and / or technologies implemented on the Platform
Who are the recipients of the data?
● Internally, within KLARYS
Personal data is communicated within KLARYS in order to perform its contractual obligations, comply with its legal obligations, prevent fraud and/or secure its services, improve its services or after have obtained the consent of the person concerned. The recipients of the data are the persons in charge of the marketing department, the sales department, the departments responsible for handling customer relations and prospecting, the administrative departments, the IT and technical departments as well as their line managers.
● Externally
In the event of restructuring, merger, acquisition by a third party, sale of an activity or assets in particular, KLARYS may communicate personal data to the buyer or the potential buyer. In such cases, personal data held about prospects may be one of the transferred assets. The acquirer who will act as the new data controller will then process the data and its personal data protection policy will govern the processing of personal data.
KLARYS does not rent or sell the personal data of its Customers, including for commercial prospecting purposes. Personal data may be processed in the name and on behalf of KLARYS by trusted service providers. In this case, KLARYS ensures that all the service providers with which it works preserve the confidentiality and security of the data. KLARYS may, for example, request to provide services that require the processing of its Customers' personal data to:
- service providers who assist in customer relationship management (CRM) and web analytics (audience analysis); - third parties who assist and help KLARYS to provide the Services (hosting services, maintenance and technical support services for databases as well as for software and applications that may contain data concerning KLARYS customers or prospects (these services may sometimes require access to data in order to perform the requested tasks);
- service providers who provide an advisory function to KLARYS (auditor, chartered accountant, lawyer, etc.). Finally, KLARYS may communicate the data to third parties if it is forced to disclose or share the data for:
- to comply with a legal obligation,
- enforce or apply its general conditions of use and / or services, - protect its rights, its intellectual property or its security, or those of its customers or employees,
- if it has the consent of the data subject,
- if permitted by law.
What is the retention period for personal data?
KLARYS only retains personal data for the time necessary for the operations for which it was collected and in compliance with the regulations in force. The natural person is also informed that KLARYS will keep the data transmitted according to the criteria and recommendations of the CNIL available in its reference standard: simplified standard n°48.
What physical and logical security for your personal data?
KLARYS determines and implements the means necessary to protect personal data processing systems to avoid any malicious intrusion and prevent any loss, alteration or disclosure of data to unauthorized persons.
Thus, KLARYS has established and regularly updates its personal data processing registers which list the technical and operational security measures taken.
KLARYS determines and implements measures to guarantee the confidentiality of data, in particular through awareness-raising actions for employees and recommendations for good practices regarding the use of their computer workstations.
KLARYS requires its IT service providers to provide sufficient guarantees to ensure the security and confidentiality of personal data.
KLARYS ensures that IT service providers take all measures to prevent the disclosure or alteration of data, do not carry out remote maintenance operations without its control and return the data at the end of the contract.
Where is the data stored? Is there a data transfer?
KLARYS does not transfer data outside the European Union.
What are the data subject rights?
Right of access, rectification, limitation and erasure In accordance with the law "Informatique et Libertés"; of January 6, 1978 as amended and the General Regulations on Data Protection, any natural person has a right:
- access to data (limited to two access requests per year and subject to proof of identity),
- rectification of data;
- the erasure of information concerning him under the conditions set out in Article 17 of the General Data Protection Regulations;
- restriction of processing;
- to define general and specific directives defining the manner in which it intends to exercise these rights after its death.
Right of opposition
The natural person also has a right to object to the processing of their personal data as well as a right to object to this data being used for commercial prospecting purposes.
Right to data portability
The data subject also has a right to the portability of his data. In accordance with Article 20 of the GDPR, the data subject has the right to receive the personal data relating to him that he has provided to KLARYS, in a structured, commonly used and machine-readable format, and has the right to transmit this data to another controller without KLARYS, to whom the personal data has been communicated, obstructing it.
Right to lodge a complaint with the CNIL
Finally, the data subject may, if necessary, file a complaint with the CNIL services ( https://www.cnil.fr/fr/plaintes).
To do this, they can contact the Cnil by mail or by telephone (information available here: https://www.cnil.fr/fr/vous-souhaitez-contacter-la-cnil). She can exercise these rights by proving her identity and by contacting KLARYS at the email address support@klarys.io or by post at the following address:
Procsea SA - Klarys, 4 rue Jean Lemaistre, 35000 Rennes, France.