Last update: January 2023

Preamble

Didomi’s services are aimed at professionals who wish to respect the protection of personal data through the use of Didomi’s services de Didomi. Didomi therefore attaches particular importance to the processing, confidentiality and security of your personal data. 
 
The purpose of this privacy policy is to inform you in a clear, simple and comprehensive manner about the processing carried out on your personal data, as well as the rights you can exercise to control your personal information and protect your private life.
 
For informational purposes, personal data is any information regarding a physical person who is identifiable or can be identified, directly of indirectly, by reference to an identification number or one or more elements that are specific to him or her, such as surname, name, date of birth, customer or order number, photo, etc…


Identity and contact details of the data controller 

Didomi, a simplified joint-stock company, whose headquarter is located at 137 Boulevard de Sébastopol in Paris, registered with the Paris RCS under the number B 831 722 756, is responsible for processing your personal data collected on the website www.didomi.io, and when using our services, within the meaning of the regulations applicable to personal data and in particular the EU Regulation 2016/679 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (hereinafter “GDPR”).


Purpose of processing, legal basis and personal data collected

Below, you will find the purposes of processing for which we process your personal data, as well as each legal basis for processing and the categories of personal data collected. 

Purposes of processing

- Recovery of prospects’ contact information
- Management of communication with the prospects
- Qualification of prospect information
- Performing statistical analysis on prospects 
- Qualification of customer information
- Management of communication with customers
- Performing statistical analysis on customers 
- Management of the information letter
- Management of the appointment request via the website www.didomi.io
- Management of forms hosted within social media
- Online events management
- Management of digital advertising for Didomi
- Management of marketing communication
- Management of content downloading on the website
- Customer invoicing
- Statistical analysis for the purpose of improving Didomi’s products and services
- Establishing the amount for customer invoices

Legal basis for processing

- Legitimate interest of Didomi 
- Performance of a contract 
- Pre-contractual measures 
- Consent of data subjects

Data subjects

- Didomi’s prospects 
- Didomi’s customers 
- Didomi’s partners 
- End users of Didomi’s customers

Categories of personal data collected

- Identity data 
- Professional contact information
- Business information 
- Login data
- Social network data (Linkedin account URL) 
- Language used for communications 
- Communication preferences
- Customer interaction history
- Customer ID
- Other information voluntarily shared with Didomi
- Consent choices
- Timestamp

Personal data retention duration

For the purposes of processing mentioned above, we collect the personal data of our customers’ employees (in particular, their professional email address). This data is stored for the duration of the contract agreed on with our customers.

As far as the personal data of prospects is concerned, it is stored for the duration indicated at the time of collection or for the duration of the applicable legal requirement.


Categories of recipients of your personal data 

Your personal data is processed by Didomi’s employees. We ensure that only the authorised employees within Didomi can access your personal data when necessary for carrying out their mission and in order to manage our commercial relationship or to achieve our legitimate interest. 

We may also be required to share your personal data with our subprocessors:

- Our service providers supplying  client relation management tools,
- Our service providers supplying prospect’s telephoning management tools, 
- Our social media provides, 
- Our service providers supplying productivity tools, and cloud computing and groupware softwares for professionals,
- Our service providers supplying a tool allowing to view and manage data in the Didomi console,
- Our service providers supplying a tool to plan, prepare and follow external meetings,
- Our service providers supplying a data visualization tool for analysts,
- Our service providers supplying a tool for hosting our online events and registering for said events,
- Our service providers supplying email and electronic communication solutions.

Finally, Didomi may be required to share your data with third parties to satisfy legal, regulatory, contractual obligations, or to respond to questions from legal authorities.

Personal data transfers outside the EEA

Certain recipients of your personal data could be outside the European Economic Area or in countries deemed adequate by the European Commission. 

Said personal data transfers will be carried out through the appropriate guarantees, in particular, contractual, technical and organizational, conforming with the applicable regulation regarding personal data protection. 


Your rights regarding your personal data 

According to the applicable regulation, in particular the GDPR, you have the right to access and rectify your personal data, as well as, the right to request its erasure, to oppose their processing for legitimate reasons and to obtain their limitation or portability to the applicable extent. 

You also have the right to formulate specific or general indications concerning the storage, erasure and communication of your data post-mortem. 
These rights can be exercised directly with the DPO of Didomi by email at the address dpo@didomi.io or by post at the following address:

DIDOMI SAS
A l’attention du DPO - Délégué à la protection des données
137 boulevard de Sébastopol 75002 PARIS

You can at any time ask to no longer receive our communications relating to our products and services, our newsletter and our events by using the hypertext link provided for this purpose in every email that we send you or by visiting the Didomi preference center by clicking here. 

You also have the right to lodge a complaint with the CNIL in the event that you are not satisfied with our answers.

Contact details of our Data Protection Officer

For any question related to the collection and processing of your data by Didomi, you can contact our data protection officer by email at the following address dpo@didomi.io. 

Modification of the personal data protection policy 

This personal data protection policy may be modified according to changes in Didomi’s practices and applicable legislation. This is why we advise you to consult it regularly, you can easily check the last update at the top of the document.

Consumers located in the USA (for example in California, Virginia, Colorado, Utah, and/ or Connecticut) will find below the additional information required by the law.

Categories of source from which the personal data is collected 

The personal information is collected by Didomi mainly directly from its customers or prospects. However, Didomi can also collect personal information from suppliers who provide solutions that allow companies like Didomi to find phone numbers and email addresses, including via Linkedin.


Categories of personal information that Didomi has shared to third parties in the last 12 months.

Firstly, please note that Didomi does not sell any of the personal information it collects. Moreover, Didomi also does not share your data for cross-context behavioural advertising purposes with any third party.

Didomi does not sell or share personal information of consumers under 16 years of age.

Information about the use or disclosure of sensitive information 

Didomi does not use or disclose sensitive personal information as defined by the California Privacy Right Act.


Your rights regarding your personal information

According the privacy laws, you have different rights regarding your personal information :

- The right to know what personal information Didomi has collected about you,
- The right to delete personal information that Didomi has collected from you, subject to certain exceptions
- The right to correct inaccurate personal information that Didomi maintains about you,
- The right to opt-out of Didomi sharing your personal information,
- The right not to receive discriminatory treatment by the Didomi for the exercise of privacy rights conferred by the law.

As mentioned above in this privacy policy, you can exercise the different rights described here in above by writing an email to dpo@didomi.io or sending your request to the following address : 

DIDOMI SAS
A l’attention du DPO - Délégué à la protection des données
137 Boulevard de Sébastopol 75002 PARIS