PRIVACY POLICY

What's the point of this policy?

CAPIOTEC, which manages CAPLOCK.app, places great importance on the protection and confidentiality of your personal data, which represents for us a guarantee of seriousness and trust.

The data privacy policy clearly demonstrates our desire to ensure that CAPIOTEC and CAPLOCK comply with the applicable data protection rules , and more specifically, those of the General Data Protection Regulation (“GDPR”).

In particular, the Privacy Policy aims to inform you about how and why we process your data in connection with the services we provide.

Who is this policy for?

The policy applies to you , regardless of your place of residence, as long as you are a customer or visitor of the Caplock.app or capiotec.fr website.

If you are a candidate for a position at CAPIOTEC or CAPLOCK , you can check the "candidate" policy which is, where possible, always published on the recruitment sites we use. Otherwise, you can request it from us at any time at dpo@capiotec.fr

Why do we process your data?

As part of the services offered, we are necessarily required to process your personal data for:​

  • browse our website , benefit from our services and so that we can respond to your requests (e.g. requests for information, complaints, etc.) on the basis of our general conditions of use and our legitimate interest in providing you with the best possible service.
  • follow us and comment on our social media posts based on our legitimate interest in having a dedicated social media page.
  • use our instant messaging based on our legitimate interest in communicating easily with you.
  • receive our newsletter which informs you about all the news concerning our services based on your consent.
  • operate videos on our site based on our legitimate interest in providing you with content in video format.
  • make an appointment with our teams based on our legitimate interest in providing you with an easy way to make an appointment with us.
  • display public reviews written by users of our service based on our legitimate interest in promoting our service.

Your data is collected directly from you when you use our website and we undertake to only process your data for the reasons described above .

On the other hand, as soon as you voluntarily publish content on the pages that we edit on social networks, you acknowledge that you are entirely responsible for any personal information that you may transmit, regardless of the nature and origin of the information provided.

For cookies, please consult our dedicated Cookie Policy accessible on our website.

What data do we process and for how long?

We have summarized the categories of personal data we collect and their respective retention periods .

If you would like to obtain even more details on the retention periods applicable to your data, you can contact us at: dpo@capiotec.fr.

  • Professional identification data (e.g.: surname, first name, position, company, etc.) and contact details (e.g.: professional email address and telephone number, etc.) kept for the entire duration of the provision of the service, to which are added the legal limitation periods which are generally 5 years.
  • When there is confusion between the name of your structure and your personal name (e.g.: self-employed, small business, etc.), economic and financial data (e.g.: bank account number, verification code, etc.) are kept for the duration necessary for the transaction and the management of invoicing and payments, to which are added the legal limitation periods which are generally 5 to 10 years.
  • Email address as part of our commercial prospecting campaigns by email kept for a maximum period of 3 years from the last contact we had with you.
  • Phone number as part of our commercial prospecting campaigns by telephone kept for a maximum period of 3 years from the last contact we had with you.
  • Email to receive our newsletter kept until the end of your newsletter subscription.
  • Video surveillance images collected using our video surveillance cameras and stored for a maximum period of one month.
  • Statistical data relating to the viewing of our videos which are anonymized and stored indefinitely.
  • Connection data (e.g. logs, IP address, etc.) kept for a period of 1 year.
  • Cookies are generally stored for a maximum period of 13 months. For more details on how we use your cookies, you can consult our cookie policy, which is accessible at any time on our website.

Once the retention periods described above have expired, the deletion of your personal data is irreversible and we will no longer be able to communicate them to you after this period. At most, we can only keep anonymous data for statistical purposes .

Please also note that in the event of litigation , we are obliged to keep all data concerning you for the entire duration of the processing of the file, even after the expiry of their retention periods described above.

What rights do you have to control the use of your data?

The applicable data protection regulations grant you specific rights that you can exercise, at any time and free of charge , in order to control the use we make of your data.

  • Right to access and copy your personal data provided that this request does not conflict with business secrecy, confidentiality, or the secrecy of correspondence.
  • Right to rectify personal data that is erroneous, obsolete or incomplete.
  • Right to object to the processing of your personal data carried out for commercial prospecting purposes.
  • Right to request the erasure (“right to be forgotten”) of your personal data which is not essential to the proper functioning of our services.
  • Right to limit your personal data which allows you to photograph the use of your data in the event of a dispute over the legitimacy of processing.
  • Right to the portability of your data which allows you to recover part of your personal data in order to store it or transmit it easily from one information system to another.
  • Right to give instructions on the fate of your data in the event of death either through you, a trusted third party or a beneficiary.

For a request to be considered , it is imperative that it is made directly by you to the address dpo@capiotec.fr. Any request that is not made in this way cannot be processed .

Requests cannot come from anyone other than you. We may therefore ask you for proof of identity if there is any doubt about the identity of the requester.

We will respond to your request as soon as possible , within one month of receipt, unless the request is complex or repeated. In this case, the response time may be up to three months .

Please note that we may always refuse to respond to any excessive or unfounded request , particularly in view of its repetitive nature .

Who can access your data?

WE NEVER TRANSFER OR SELL YOUR DATA TO THIRD PARTIES OR BUSINESS PARTNERS. ALL OF YOUR PERSONAL DATA IS USED EXCLUSIVELY BY OUR TEAMS OR OUR IT SERVICE PROVIDERS.

More specifically, we only share your data with people who are duly authorized to use it to provide you with our service, such as our IT department or our customer relations department.

Your personal data is also transferred to our IT service providers for the sole purpose of technically operating our service (e.g. data host).

We would like to point out that we monitor all our IT service providers before hiring them to ensure that they scrupulously comply with the applicable rules regarding the protection of personal data.

How do we protect your data?

We implement all the technical and organizational means required to guarantee the security of your data on a daily basis and, in particular, to combat any risk of destruction, loss, alteration, or disclosure of your data that would not be authorized (e.g.: training, access control, passwords, antivirus, backup servers, "https", etc.).

Can your data be transferred outside the European Union?

Unless strictly necessary and exceptionally, we never transfer your data outside the European Union and your data is always hosted on European soil . In addition, we do our utmost to only recruit service providers hosting your data within the European Union.

In the event that our service providers are nevertheless required to transfer personal data concerning you outside the European Union, we scrupulously ensure that they implement the appropriate guarantees to ensure the confidentiality and protection of your data .

Who can you contact for more information?

To best ensure the protection and integrity of your data, we have officially appointed an independent Data Protection Officer (“ DPO ”) with our supervisory authority.

You can contact our DPO at any time and free of charge at dpo@capiotec.fr to obtain more information or details on how we process your data.

How can you contact the CNIL?

You can contact the “National Commission for Information Technology and Civil Liberties” or “CNIL” at any time using the following contact details: CNIL Complaints Department, 3 place de Fontenoy – TSA 80751, 75334 Paris Cedex 07 or by telephone at 01.53.73.22.22.

Can the policy be changed?

We may modify our privacy policy only to strengthen it and adapt it to new legal requirements as well as to new processing that we may implement in the future.