Privacy Policy

We know that you care about your personal data and how it is used. We are committed to being open and transparent. We only collect the data that is necessary to provide the requested service. Furthermore, the data you import into our solution remains your data. More generally, we do not use the data on our own behalf, we do not share the data with third parties for any purpose other than providing the service, and we do not trade the data.
This Privacy Policy explains the type of personal data we collect, why we collect it, and how we use it. Please take the time to familiarize yourself with our privacy practices and please let us know if you have any questions by emailing us at dpo@bsoft.fr.
Personal data: any information that can be used to directly or indirectly identify a particular person.

Data processing: A personal data processing is an operation, or set of operations, relating to personal data (collection, extraction, adaptation, storage etc).

Data controller: The person responsible for processing personal data is in principle the person, public authority, company or organization that determines the purposes and means of this file, that decides on its creation.

Purpose: The purpose of processing is the main objective of the use of personal data. The data are collected for a well-defined and legitimate purpose and are not further processed in a way that is incompatible with this initial purpose

Sub-processor: The processor, within the meaning of the GDPR, is the natural or legal person (company or public body) that processes data on behalf of another organization (the controller), in the context of a service or provision

Sensitive data: This is information that reveals the alleged racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership, as well as the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning the sex life or sexual orientation of a natural person. The EU Regulation prohibits the collection or use of such data, except, inter alia, in the following cases:

- If the data subject has given his or her express consent (an active, explicit and preferably written step, which must be free, specific, and informed);
- If the information is manifestly made public by the data subject;
- If it is necessary for the safeguarding of human life;
- If its use is justified by the public interest and authorized by the CNIL;
- If it concerns the members or adherents of a political, religious, philosophical, political or trade union association or organization

Data breach: is characterized by the destruction, loss, alteration, unauthorized disclosure of or access to personal data transmitted, stored or otherwise processed, whether accidental or unlawful.

1. Identity and contact details of the data controller

When visiting our site, as the person responsible for processing, may be required to collect your personal data in the context of the execution of your insurance contracts.
All personal data provided to or collected by the company bsoft.fr are controlled by the data protection officer at the address: 4 rue Coste, 69300 Caluire et Cuire, France

2. Why and how is your personal data collected?

We can collect your data by different means:
- That you give us directly
= Website
= Email address
= Phone
- That we collect automatically (cookies)
- That we collect from other sources (canvassing, partners)

Information you give us.
We use this information :
- To provide the requested service.
- To communicate with you by responding to your inquiries about using the solution or billing.
- To administer your account.
- To protect the solution from abuse and fraud.
- To inform you of changes and improvements to our service.

Information we collect.
We
use this information:
- To provide the service in a user-friendly manner.
- To administer the health of the solution.
- To correct problems in the solution.
- To measure the effectiveness and use of the Service.

Participant Information.
Participant information can be used by users:
- To send email or SMS communications related to the solution.
- To track attendance at training sessions individually and collectively.
- To secure access to company data.

table

Data processing on our solutions:

Information you give us:
When you create an account on our solution, you give us the following information: name, first name, address, email, phone number and billing information.

a) Participant data
Participant information:
When using the solution, users (training organizations or facilitators) are required to enter personal data of people interacting with the solution (other users, facilitators, trainees). This data is the property of the client and we do not control what he collects.
This data can be, but is not limited to: name, surname, title, email address, phone number, company, planned trainings. When an attendee signs in, we also collect their signature and attendance information at the training location.

b) For all
Information we collect:
When you use the service we automatically collect the following information:
- Technical information about your browser when you visit the website. This information may include your IP address, the browser you are using and how it is set up (such as language preferences), the dates and times you use the service, and the actions you take on the solution.
- Technical information about the mobile device when you use the application. This information may include your IP address, the device model and its technical information (including a unique device identifier that can only be accessed through our app), dates and times you use the app, and actions taken on the app.
Full diagnostic data is only collected in the event of a malfunction.

How do we determine how long we keep your personal data?

We keep the data for the time necessary for the operations for which they were collected and in compliance with the regulations in force. The length of time we keep data varies and depends on the nature of the data, its purpose and the legal and regulatory aspects to which it is subject. These periods are based on the legal requirements for legal action.
In this case, the first retention period takes into account the duration of your contract. The retention period begins at the end of the contractual break.
The solution offers the customer the possibility of deleting the data on its interfaces at any time. bsoft.fr undertakes in any case not to retain them for more than 3 years after the end of the service, or earlier if the customer so requests.

3. Cookie Policy

When you visit our website, cookies are sent to your computer, tablet or mobile. Our policy on cookies allows you to better protect yourself against cookies while understanding their usefulness.
You can accept or refuse cookies directly from our site by expressing your choice using the banner that appears at the bottom of your screen.

What is a cookie?

A cookie is a text file that the site you are visiting stores on your hard drive or in your browser's RAM. It allows your computer to store various technical data such as the number of visits, the frequency of exposure to an advertising banner, the connection to other sites. It also allows you to personalize your future connections by memorizing the choice of language of the site, your connection information, your preferences.

Why does our site use cookies?

We use cookies to provide a secure connection and authentication of the user once logged in. If the user activates the "Remember me" option another cookie will be added, in order to allow the user to stay logged in to the solution.
We do not use cookies to collect information about you and no advertising or commercial incentives are present.
If you wish to prevent cookies from being saved, you can select the "Do not accept cookies" option in your browser settings. You can find detailed information about this in your browser instructions. You can also delete cookies, which have already been saved on your computer. However, without cookies, the solution can only be used to a limited extent.
Our website collects cookies in order to ensure its proper functioning and to facilitate your browsing.
- Technical and navigation cookies: These cookies facilitate your navigation between the pages of our site and are necessary to allow you to benefit from certain functionalities such as using your user account. These cookies expire when you close your web browser.
- Audience measurement cookies: To measure the audience of our website, we collect information such as the amount of time you spend on our website, which buttons you clicked, how you arrived on the website (referral sites, social networks, search engines, etc.). With these cookies, we measure the effectiveness of our interactive content and improve our services

How long cookies are kept

The cookies we collect are kept for a maximum of 13 months.

4. With whom do we share your personal data?

The may share your personal information internally and with selected third parties. For example, we may share your personal information with third party service providers, other third parties, partners or legal disclosures.
- Third Party Service Providers: In order to fulfill your requests, respond to your inquiries, process your contracts, enable you to participate in contests, and provide you with other features, services and materials on our sites, we share your personal data with third party service providers who perform functions on our behalf. These are companies that: host or operate sites; process payments; analyze data; provide customer service, postal or delivery services. They have access to personal information needed to perform their functions but may not use it for any other purpose. In addition, they are required to treat such personal information in accordance with this Privacy Policy and in compliance with applicable data protection laws and regulations.
- List of Providers :
clever cloud
Hosting
Clever Cloud SAS
3 rue de l'Allier
44000 Nantes
FRANCE
Transfer of data to a third country: no
Privacy policy: https://www.clever-cloud.com/en/privacy-policy
https://www.clever-cloud.com/en/security
Iroquois
Sending emails and SMS
Iroquois SAS
65 rue du Bourbonnais
69009, Lyon
FRANCE
Transfer of data to a third country: no
Privacy policy: https://www.iroquois.fr/mentions-legales/

blowpipe
Sending emails
Sarbacane software
Parc d'activités des 4 vents - 3 avenue Antoine Pinay
59510 Hem
FRANCE
Transfer of data to a third country : no
Privacy policy : https://www.tipimail.com/rgpd
crisp
Support Center
Crisp IM
2 Boulevard de Launay
44100 Nantes
FRANCE
Transfer of data to a third country: Yes - Netherlands, Germany
Privacy Policy:
- https://crisp.chat/fr/privacy/
- https://docs.crisp.chat/guides/others/security-practices/
noticeable
Change log
Noticeable
28 Avenue Ziem
06800 Cagnes-sur-mer
FRANCE
Transfer of data to a third country: Yes - USA
Privacy policy:
- https://noticeable.io/privacy
- https://noticeable.io/service-providers
ably
Sending real time information
Ably RealTime
Ltd. Labs Atrium The Stables Market
Chalk Farm Road
London, UK NW1 8AB
Transfer of data to a third country: Yes - UK
Privacy Policy:
- https://www.ably.io/privacy
- https://www.ably.io/data-protection
api2pdf
PDF generation
api2pdf
4401 Fairfax Drive STE 200
Arlington VA 22204
USA
Data transfer to a third country: Yes - USA
Privacy policy:
https://www.api2pdf.com/privacy-policy/
Bugsnag
Application Error Handling
Bugsnag
Inc.
110 Sutter St, Suite 1000, San Francisco, CA 94104
USA
Transfer of data to a third country: Yes - USA
Privacy Policy:
https://docs.bugsnag.com/legal/privacy-policy/

- Legal Disclosure. We may transfer and disclose your personal data to third parties
- In order to comply with a legal obligation;
- When we believe in good faith that the law requires it;
- At the request of government authorities conducting an investigation;
- To audit or enforce our "Terms of Use" or other applicable policies;
- To detect and protect against fraud, or technical or security vulnerabilities;
- To respond to an emergency; to protect the rights, property, safety or security of others.

International Data Transfers

Sharing personal data internally or with third parties for the purposes described in this Privacy Policy.
bsoft.co.uk will only transfer personal data collected in the European Economic Area (EEA) to foreign countries in situations such as:
- Following your instructions;
- Complying with a legal obligation
- Working with our employees and advertisers that we use to help us run our business and services

If we need to transfer personal data outside the EEA, bsoft.co.uk will ensure that it is protected in the same way as it is in the EEA. We will use one of the following safeguards:

- Transfer to a country outside the EEA whose privacy legislation ensures an appropriate level of protection for personal data as in an EEA country;
- Put in place a contract with the foreign third party that means they must protect personal data to the same standards as the EEA
- Transfer personal data to organizations that are part of specific agreements relating to cross-border data transfers with the European Union (e.g., the Privacy Shield or Bouygues International). (e.g., the Privacy Shield is a framework that defines privacy standards for data transferred from EU countries to the United States).

5. How do we protect your personal data?

Bsoft.co.uk takes the security of your personal data very seriously. We strive to protect your personal data from data breaches such as misuse, interference, loss, unauthorized access, alteration or disclosure.
Our measures include implementing appropriate access controls, investing in the latest information security capabilities to protect the computing environments we operate.

Non-exhaustive list of security measures implemented:

Access to your personal data is only allowed among our employees and agents on a need-to-know basis and is subject to strict contractual confidentiality obligations when data is processed by third parties.
Our data is hosted in France via a chain of French providers. In the context of the use of the service, some data are sent to providers located outside the European Union (see point III.)
The personal information we collect is kept in a secure environment. The people working for us are required to respect the confidentiality of your information. To ensure the security of your personal information, we use the following measures:

- SSL (Secure Sockets Layer) protocol
- Network monitoring software
- Computer backup
- Strong login/password
- Firewalls

We are committed to maintaining a high degree of confidentiality by incorporating the latest technological innovations to ensure the privacy of your data. However, as no mechanism offers maximum security, there is always a degree of risk involved when using the Internet to transmit personal information.
Furthermore, we can only advise users to choose secure passwords. The use of a password manager is an excellent way to secure and remember all its accesses.
bsoft.fr undertakes to communicate to the customer, the occurrence of any security breach, having direct or indirect consequences on the treatment, as well as any complaint which would be addressed to him by any person concerned by the treatment carried out under the licence of use of our solution. This information or request must be made as soon as possible and no later than 72 hours after the discovery of the security breach or following receipt of a complaint.

6. What are your rights?

In accordance with the amended "Informatique et Libertés" law of January 6, 1978 and the European regulation n°2016/679/EU of April 27, 2016, you can access your data, rectify it, request its deletion or exercise your right to portability or limitation of the processing of your data. You may also withdraw your consent at any time. To exercise these rights or for any questions about the processing of your data in this system, you can contact our Data Protection Officer (DPO) by e-mail: dpo@bsoft.fr
If you feel, after having contacted us, that your data protection rights have not been respected, you can submit a complaint to the Commission Nationale de l'Informatique et des Libertés (CNIL) either via the following URL: https://www.cnil.fr/fr/plaintes, or via e-mail to the following address: 3 place de Fontenoy, TSA 80715, 75334 PARIS CEDEX 07

7. How do we update this privacy policy?

Updates to this Privacy Policy will incorporate customer feedback and changes to our products and services as appropriate. When we make changes to this statement, we will correct the "last updated" date at the top of this document. If the changes are substantial, we will provide a more extensive Privacy Policy (including, for some services, email notification of changes to the Privacy Policy). We will also archive previous versions of this Privacy Policy for your review, and we will post any changes to the privacy rules on this page and send you a notice to review the new rules.
Copyright @2023 bsoft.com