Privacy Policy

1. Introduction

1.1. Purpose of the Privacy Policy

This Privacy Policy aims to inform you in a transparent manner about how Algos, as data controller, collects, uses, stores and protects your personal data when you use our website and associated services, including the chatbot and contact forms. We are committed to complying with the provisions of the General Data Protection Regulation (GDPR) (EU) 2016/679 and to ensuring the confidentiality and security of your personal information.

1.2. Scope of application

This policy applies to all personal data collected by Algos through our website, including but not limited to information provided through contact forms, interactions with our chatbot, and the use of cookies and similar technologies. It covers users of our website, potential and current customers, and any other person interacting with our online services.

1.3. Data controller

The data controller is Algos, whose registered office is located at 7 Avenue du Tour de France, 86360 Chasseneuil-du-Poitou. For any questions regarding the protection of your personal data, you can contact our manager at the following email address: data[at]algos.fr or by telephone at +33 5 33 03 00 04.

2. Data Collected

2.1. Personal data collected

We collect different categories of personal data in order to provide and improve our services. This data includes:

2.1.1. Identification data

Identification data includes your first and last name. This information is essential to personalize our interactions with you and to ensure effective communication.

2.1.2. Contact details

Contact data includes your email address and phone number. This information is required to respond to your support requests, to send you marketing communications (with your consent), and for other interactions necessary to provide our services.

2.1.3. Connection data

Login data includes information such as your IP address and connection logs. This data is collected for security purposes, fraud prevention, and statistical analysis to improve user experience on our site.

2.2. Data collection methods

We use several methods to collect your personal data:

2.2.1. Contact forms

Personal data is collected when you fill out contact forms on our website. These forms ask for information such as your name, email address, and any other data necessary to process your request.

2.2.2. Interaction with the chatbot

When you interact with our chatbot and request to be contacted, we collect the information you voluntarily provide, such as your name, email address, and the content of your requests. This data allows us to effectively answer your questions and provide you with the necessary support.

2.2.3. Cookies and similar technologies

We use cookies and similar technologies to collect browsing data. These technologies help us understand how you use our site, improve your user experience and perform traffic analysis. You can manage your cookie preferences when you first visit our site.

3. Purposes of Data Processing

3.1. Provision of services

We collect and use your personal data primarily to provide you with our services and respond to your requests. This includes:

3.1.1. Response to support requests

Your personal data is used to process and respond to your requests for support or information via our contact forms or chatbot. This allows us to identify you, understand your request and provide appropriate and effective assistance.

3.1.2. Improvement of services

We analyze the collected data to improve our services and the user experience on our website. This includes analyzing interactions with our chatbot and using connection data to identify trends and potential issues, and to make continuous improvements to our services.

3.2. Marketing and communications

With your explicit consent, we may use your personal data for marketing and communications purposes. This includes:

3.2.1. Sending newsletters and promotional offers

We may use your email address to send you newsletters, promotional offers and other marketing communications. You have the right to withdraw your consent at any time by contacting us at data[at]algos.fr or by using the unsubscribe link included in our communications.

3.3. Security and Fraud Prevention

We use your login details and other relevant information to ensure the security of our website and services. This includes preventing fraud, detecting and managing security incidents, and protecting against unauthorized access.

3.4. Compliance with legal and regulatory obligations

We may process your personal data to comply with our legal and regulatory obligations, such as data retention requirements, requests from judicial or administrative authorities, and other applicable legal obligations.

4. Legal Basis for Processing

4.1. Consent

The processing of your personal data is based on your explicit consent for certain specific purposes, such as sending newsletters and promotional offers. In accordance with Article 6(1)(a) of the GDPR, you have the right to withdraw your consent at any time by contacting us at the email address data[at]algos.fr or by using the unsubscribe link included in our communications.

4.2. Execution of the contract

We process your personal data where it is necessary for the performance of a contract to which you are party or in order to take pre-contractual steps at your request, in accordance with Article 6(1)(b) of the GDPR. This includes providing services, responding to your support requests and managing your interactions with our website.

4.3. Legal obligations

The processing of your personal data may also be necessary to comply with our legal and regulatory obligations, in accordance with Article 6(1)(c) of the GDPR. This includes retaining data for specific periods, responding to requests from judicial or administrative authorities, and complying with other applicable legal obligations.

4.4. Legitimate interests

We may process your personal data to pursue our legitimate interests, provided that such interests are not overridden by your fundamental rights and freedoms, in accordance with Article 6(1)(f) of the GDPR. Our legitimate interests include the security of our website, preventing fraud, improving our services, and managing our relationship with you.

5. Sharing of Personal Data

5.1. With service providers

We may share your personal data with third party service providers who assist us in providing our services. These providers act as data processors and process your personal data in accordance with our instructions and the provisions of the GDPR. We ensure that these providers implement appropriate security measures to protect your personal data.

5.2. With business partners

Your personal data may be shared with business partners in the context of specific collaborations, subject to your explicit consent. These partners are required to respect the same confidentiality and data protection obligations as we do. We ensure that any data sharing is limited to the information necessary to achieve the agreed objectives.

5.3. With judicial and administrative authorities

We may disclose your personal data to judicial or administrative authorities if required by law. This disclosure is made in accordance with applicable legal and regulatory obligations, and we undertake to limit disclosure to the information strictly necessary to meet these obligations.

6. Data Retention Period

6.1. Criteria for determining retention periods

The retention period of your personal data is determined based on several criteria, including legal and regulatory requirements, the need to retain the data to provide our services, and our data security obligations. We undertake not to retain your personal data for longer than is necessary for the purposes for which it was collected.

6.2. Specific duration by data type

6.2.1. Identification data

Identification data, such as your first and last name, are kept for a period of three years after the end of the contractual relationship or after the last contact from you, in accordance with our legal obligations and for customer relationship management.

6.2.2. Contact details

Contact data, such as your email address and telephone number, are retained for a period of three years after the end of the contractual relationship or after the last contact from you. This allows us to communicate with you and send you newsletters and promotional offers, subject to your consent.

6.2.3. Connection data

Connection data, such as your IP address and connection logs, are kept for a period of one year after their collection, in accordance with the recommendations of the CNIL. This data is used for security, fraud prevention and statistical analysis purposes.

6.2.4. Other data

Browsing data collected via cookies are stored for a variable period depending on the type of cookie, generally between six months and thirteen months. Data collected via surveys or polls are stored for a period of two years after their collection, in order to analyze and improve our services.

7. User Rights

7.1. Right of access

In accordance with Article 15 of the GDPR, you have the right to access the personal data we hold about you. You can ask us for a copy of this data as well as information on how it is processed. To exercise this right, please contact us at the email address data[at]algos.fr.

7.2. Right of rectification

Under Article 16 of the GDPR, you have the right to request the rectification of inaccurate or incomplete personal data concerning you. If you find that the information we hold is incorrect, please contact us at data[at]algos.fr so that we can update your data.

7.3. Right to erasure (right to be forgotten)

According to Article 17 of the GDPR, you have the right to request the erasure of your personal data in certain circumstances, such as when the data is no longer necessary in relation to the purposes for which it was collected or when you withdraw your consent. To exercise this right, please contact us at data[at]algos.fr.

7.4. Right to restriction of processing

In accordance with Article 18 of the GDPR, you can request the restriction of the processing of your personal data. This means that we can retain the data but not use or process it, except in certain circumstances. To exercise this right, please contact us at data[at]algos.fr.

7.5. Right of opposition

Under Article 21 of the GDPR, you have the right to object to the processing of your personal data on legitimate grounds, including processing for direct marketing purposes. To exercise this right, please contact us at data[at]algos.fr.

7.6. Right to data portability

In accordance with Article 20 of the GDPR, you have the right to receive the personal data you have provided to us in a structured, commonly used and machine-readable format and to transmit it to another controller. To exercise this right, please contact us at data[at]algos.fr.

7.7. Right to withdraw consent

If the processing of your personal data is based on your consent, you have the right to withdraw this consent at any time, in accordance with Article 7(3) of the GDPR. To withdraw your consent, please contact us at data[at]algos.fr.

8. Data Security

8.1. Technical security measures

We implement rigorous technical security measures to protect your personal data from loss, misuse, unauthorized access, disclosure, alteration or destruction. These measures include, but are not limited to, the use of encryption technologies to protect data in transit and at rest, and security protocols to secure communications and transactions on our website.

8.2. Organizational security measures

In addition to technical measures, we have implemented organizational security measures to ensure the protection of your personal data. This includes regularly training our staff on data protection best practices, implementing strict internal data management policies, and limiting access to personal data to only those employees who need it to perform their duties. We also conduct regular audits to monitor and continually improve our security practices.

9. International Data Transfers

9.1. Transfers within the European Union

Your personal data is mainly processed and stored within the European Union (EU). We ensure that all processing operations comply with the requirements of the GDPR and that your data benefits from an adequate level of protection in accordance with European standards.

9.2. Transfers outside the European Union

We do not transfer your personal data outside the European Union. However, in the event that such a transfer is necessary in the future, we undertake to put in place appropriate safeguards to ensure the protection of your personal data, in accordance with Articles 44 to 50 of the GDPR.

9.2.1. Standard contractual clauses

If a transfer of data to a third country is envisaged, we will use the Standard Contractual Clauses (SCCs) adopted by the European Commission as a transfer mechanism to ensure that your personal data benefits from an adequate level of protection.

9.2.2. BCR (Binding Corporate Rules)

Alternatively, we may use Binding Corporate Rules (BCRs) that have been approved by a relevant data protection authority to govern international data transfers within our group of companies. These BCRs ensure that your personal data is adequately protected, even when transferred outside the EU.

10. Changes to the Privacy Policy

10.1. Modification process

We reserve the right to modify this Privacy Policy at any time in order to reflect changes in our data processing practices, legislative or regulatory developments, or for any other reason deemed necessary. Each modification will be made in accordance with the provisions of the GDPR and other applicable regulations. We undertake to keep this policy up to date and to inform you of any significant changes.

10.2. Notification of changes

If we make any material changes to this Privacy Policy, we will notify you by changing the Privacy Policy update date on our website. We encourage you to review this policy periodically to stay informed of any updates. Your continued use of our services following notification of changes constitutes your acceptance of these changes.

11. Contact

11.1. Contact details of the Data Protection Officer (DPO)

Algos is responsible for protecting your personal data. For any questions regarding this Privacy Policy or to exercise your data protection rights, you can contact our Data Protection Officer at the following contact details:

• E-mail : data[at]algos.fr
• Phone : +33 5 33 03 00 04
• Mailing address : Algos, 7 Avenue du Tour de France, 86360 Chasseneuil-du-Poitou

11.2. Contact procedure for questions and requests

If you have any questions, concerns or requests regarding this Privacy Policy or the processing of your personal data, we encourage you to contact us using the contact information provided above. We are committed to responding to your requests in a timely manner and providing you with any assistance necessary to exercise your data protection rights.