As part of its business activities, DATASOLUTION collects and processes personal data from its users (hereinafter referred to as “Users”).

The purpose of this privacy policy, established by DATASOLUTION, is to provide Users with a concise and comprehensive understanding of the processing of personal data carried out by DATASOLUTION.

DATASOLUTION places significant importance on respecting the privacy of Users and the confidentiality of their personal data, and therefore undertakes to process data in compliance with applicable laws and regulations, including Law No. 78-17 of January 6, 1978, relating to computers, files, and freedoms (hereinafter the “Data Protection Act”), and Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter the “GDPR”).

Personal data: any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Processing of personal data: any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Cookie: a cookie is information deposited on the hard drive of an internet user by the server of the site visited. It contains several data: the name of the server that deposited it, an identifier in the form of a unique number, possibly an expiration date. This information is sometimes stored on the computer in a simple text file that a server accesses to read and record information.

The data controller for the personal data referred to herein is the company DATASOLUTION SAS, registered with the RCS of PARIS under number 445 223 852 and whose registered office is located at 224, rue du Faubourg Saint-Antoine, 75012 Paris.

DATASOLUTION has designated a Data Protection Officer/Delegate for the Protection of Personal Data with the CNIL (Designation No. DPO 8844) who can be contacted at any time and for any request concerning the processing of personal data by the company at the following address: dpo@datasolution.fr.

DATASOLUTION collects User data in order to make the services for which they have subscribed to the platform available to them.

The mandatory or optional nature of the data provided (in order to finalize the User’s registration and provide DATASOLUTION’s offers and services) is indicated at the time of collection by an asterisk.

In addition, certain data is collected after obtaining the user’s consent as a result of the actions taken by the User on the site (see our specific cookie policy).

The personal data collected by DATASOLUTION in the context of the provision of services is necessary for the performance of contracts concluded with the User, or to allow DATASOLUTION to pursue its legitimate interests in respect of the rights of the User. All of this personal data is processed on the legal basis of obtaining the User’s consent.

The purposes for which DATASOLUTION processes data are as follows:

• Commercial and accounting management of the contract

• Management of marketing activation and animation

• Detection of malicious behavior (fraud, phishing, spam

• Improvement of user experience on the website

The personal data collected are intended for the commercial, marketing, and accounting services of DATASOLUTION. They may be transferred to DATASOLUTION’s subsidiaries or subcontractors that DATASOLUTION may call upon in the execution of its services.

In this context, personal data may be transferred to a member or non-member country of the European Union. The user will be systematically informed and their consent will be explicitly collected, and DATASOLUTION will implement safeguards to ensure the protection and security of this data in compliance with the regulations.

DATASOLUTION does not sell or rent personal data to third parties for marketing purposes. However, disclosure of personal data to third parties may occur in the following cases:

• With their authorization

• At the request of legally competent authorities, on judicial requisition, or as part of legal proceedings.

To fulfill its legal obligations or to have the necessary elements to assert its rights, DATASOLUTION may archive data under the conditions provided by regulations.

Thus, personal data collected by DATASOLUTION concerning the identity and contact details of its Users are archived for a maximum period of ten years after the termination of contractual relations for client Users or from their collection by the data controller or the last contact from the prospect User for data relating to them.

The termination of contractual relations is understood as the express termination of the contract by the User.

In accordance with the regulations, the User has the rights of access and rectification of personal data concerning him/her, which allow him/her to have inaccurate, incomplete, equivocal, outdated data corrected, completed, updated, or deleted, and whose collection, use, communication, or storage is prohibited.

The User also has the right to request the limitation of processing and to object to the processing of his/her personal data. The User may also communicate instructions on the fate of his/her personal data in case of death.

When applicable, the User may request the portability of his/her data or, when the processing is based on consent, withdraw his/her consent at any time.

The User may exercise his/her rights by contacting dpo@datasolution.fr directly by email.

The DATASOLUTION website uses cookies to facilitate navigation on the site, to execute the service provided by DATASOLUTION, to measure the audience of the site and the performance of advertising devices, or to allow the sharing of pages from the site.

Users have the option to accept or refuse cookies by clicking directly on the banner displayed at the bottom of the page during their first visit to the DATASOLUTION site. The user can modify their consent at any time by accessing the dedicated cookies page.

Regarding the nature of the cookies used by DATASOLUTION on its website, users can directly access our dedicated cookies page for detailed and regularly updated information.

DATASOLUTION has taken all necessary precautions to preserve the security of personal data, in particular to prevent them from being distorted, damaged or accessed by unauthorized third parties. These measures include, in particular:

• Multi-level firewalls,

• Proven anti-virus and intrusion detection systems,

• Encrypted data transmission using SSL/https/VPN technology

• Tier 3 and PCI DSS certified data centers

In addition, access to DATASOLUTION’s services by authorized recipients requires authentication of the persons accessing the data, using individual access codes and passwords that are sufficiently secure and regularly renewed.

Data transmitted over unsecured communication channels are subject to technical measures to render them incomprehensible to any unauthorized person.

Any questions regarding the security of the DATASOLUTION website can be addressed by email to dpo@datasolution.fr.

DATASOLUTION reserves the right to evolve this Privacy Policy to comply with changes in applicable laws and regulations. The changes will be notified via our website or by email.

Last update of the privacy policy: May 2, 2022

Any questions regarding DATASOLUTION’s Privacy Policy can be addressed by email to dpo@datasolution.fr.