PRIVACY POLICY
At My Keeper, respecting your privacy and protecting your personal data are our top priorities.
This Privacy Policy (hereinafter the “Privacy Policy”) is intended to inform you about how your personal data is processed when you use the mykeeper.fr website (the “Website”) in accordance with Regulation (EU) 2016/679 of April 27, 2016 on the protection of natural persons withregarding the processing of personal data and on the free movement of such data (the “GDPR”) and Law No. 78-17 of January 6, 1978, on information technology, files, and civil liberties, as amended (collectively, the “Applicable Regulations”).
This Privacy Policy does not describe how we collect and process your data through cookies and other tracking technologies (“Cookies”) on the Site. For more information, please see our Cookie Policy.
1. Who is the data controller?
When you browse and/or register on our Site, or more generally in the context of managing our contractual relationship with you, the data controller is My Keeper, a simplified joint-stock company, registered with the Grasse Trade and Companies Register under No. 821 064 474, with its registered office located at 154 Chemin de Saint Michel, 06620 Le Bar-sur-Loup, France (“We,” “Us,” “Our”).
However, when our services are used by client entities, we collect and process personal data on their behalf and for their account. Our client companies are therefore the data controllers, and we act as a data processor on their behalf.
2. What data do we collect?
Personal data is data that can be used to identify an individual either directly or by cross-referencing it with other data.
We collect personal data that falls into the following categories:
• Personal information (last name, first name, email address, mailing address, and phone number);
• Information related to your professional background (name of the company or organization, department within the company or organization, resume, job title/position, LinkedIn URL);
• Login credentials (including login logs and passwords);
• Browsing data (IP address, pages viewed, date and time of connection, browser used, operating system, user ID, MAID);
• Data from recordings of phone calls and video conferences between you and our sales department (the content of the calls, their dates);
• Economic and financial data (including bank account information);
• Data related to your transactions and your business relationship with us;
• Any information provided as part of your contact request.
Required fields are indicated when you provide us with your information. They are marked with an asterisk in our data collection forms.
3. Details on the processing of your personal data
|
Objectives
|
Legal Basis
|
Shelf life
|
|
Provide you with a demonstration of our services
|
Carrying out pre-contractual measures requested by you
|
Your data is retained for a period of 3 years from the date of collection or the last active contact.
In addition, your data may be retained for evidentiary purposes for a period of 5 years.
|
|
Handle customer management tasks related to contracts, orders, and quotes, and ensure that contractual relationships with our customers are properly maintained
|
Performance of the contract that you or your company has entered into with us
|
Personal data is retained for the duration of the contractual relationship.
In addition, your data (with the exception of your bank details) is retained for evidentiary purposes for a period of 5 years.
|
|
To analyze your use of our services, understand your expectations, and improve the features we offer (including by analyzing interactions or compiling statistics on website traffic and audience)
|
Our legitimate interest in improving our services
|
Recordings of phone calls and video conferences are retained for 6 months from the date they are collected.
Records of the content of telephone calls and video conferences are retained for one year from the date of recording.
Personal data collected via cookies and trackers to improve the user experience is retained for 2 years. Cookies and trackers remain active for 13 months.
|
|
Build a list of potential customers
|
Our legitimate interest in developing and promoting our business
|
Your data is retained for a period of 3 years from the date of your last contact with us.
|
|
Send newsletters, solicitations, and promotional messages via email
|
Our legitimate interest in building customer loyalty and keeping our customers and prospects informed of our latest news |
Data is retained for 3 years from the date of your last contact with us. |
|
Responding to your inquiries and contact requests
|
Our legitimate interest in responding to your requests |
Data is retained for a period of 3 years from the date of your last contact. |
|
Retain administrative information and documents related to our business
|
Comply with our legal and regulatory obligations
|
Invoices are retained for a period of 10 years.
Data related to your transactions (excluding banking information) is retained for 5 years.
Data related to your contract and information regarding the signing of the contract are retained for 5 years. |
| Process applications and manage the recruitment process (screening candidates, contacting candidates to assess their suitability for the position, conducting interviews, and finalizing the recruitment process) |
Carrying out pre-contractual measures requested by you |
Your data will remain in our active database throughout the recruitment process until a hiring decision is made.
If your application is rejected, your data may be retained for three months after the recruitment process ends so that we can explain the reasons for the rejection.
Your data may be retained in an interim archive for evidentiary purposes for a period of 5 years from the date of the hiring decision.
|
|
Create a resume database
|
Your consent
|
Data is retained for two years from the date of the last contact with the individual concerned.
|
|
Responding to requests from data subjects to exercise their rights
|
Comply with our legal and regulatory obligations
|
If we ask you to provide proof of identity, we will retain it only for as long as necessary to verify your identity. Once the verification is complete, the proof of identity will be deleted.
If you exercise your right to opt out of receiving marketing communications: we will retain this information for 3 years.
|
|
Track requests from data subjects to exercise their rights
|
Our legitimate interest in tracking your requests to exercise your rights
|
Information used to process your requests to exercise your rights under the GDPR will be retained for 3 years from the date of your request.
|
4. Who receives your data?
The following will have access to your personal data:
(i) Our company's employees;
(ii) Our subcontractors: web hosting provider, newsletter distribution provider, website development provider, audience measurement and analytics provider, email service provider, billing tool, CRM tool, customer support and after-sales service tool; call recording and note-taking tool for video conferences;
(iii) Our partners acting as independent data controllers. We assume no responsibility for the processing of personal data carried out by our partners, and we encourage you to review their terms of service and privacy policy;
(iv) To any authority legally authorized to receive such information, in particular judicial, law enforcement, or administrative authorities, if they so request.
5. Is there a possibility that your data will be transferred outside the European Union?
Your data is retained and stored on Amazon Web Services servers located in Ireland for the entire duration of the processing.
Depending on the tools we use (see the section on recipients regarding our subcontractors), your data may be transferred outside the European Union. The transfer of your data in this context is secured using the following measures:
- either the data is transferred to a country for which the European Commission has issued an adequacy decision in accordance with Article 45 of the GDPR: in this case, that country ensures a level of protection deemed sufficient and adequate under the provisions of the GDPR;
- either the data is transferred to a country whose level of data protection has not been recognized as adequate under the GDPR: in this case, such transfers are based on appropriate safeguards as set forth in Article 46 of the GDPR, tailored to each service provider, including, but not limited to, the use of standard contractual clauses approved by the European Commission, the application of binding corporate rules, or pursuant to an approved certification mechanism;
- or the data is transferred on the basis of one of the appropriate safeguards described in Chapter V of the GDPR.
You can obtain a copy of the tools used to transfer your data outside the European Union by contacting us using the contact information provided in the section titled “What are your rights regarding your data?” below.
6. What are your rights regarding your data?
You have the following rights regarding your personal data:
– Right to information: this is precisely why we have drafted this Privacy Policy. This right is provided for in Articles 13 and 14 of the GDPR.
– Right of access: You have the right to access all of your personal data at any time, pursuant to Article 15 of the GDPR.
– Right to rectification: You have the right to have your inaccurate, incomplete, or outdated personal data corrected at any time, in accordance with Article 16 of the GDPR.
– Right to restriction of processing: You have the right to obtain the restriction of the processing of your personal data in certain cases specified in Article 18 of the GDPR.
– Right to erasure: You have the right to request that your personal data be erased and to prohibit any future collection of such data for the reasons set forth in Article 17 of the GDPR.
– The right to establish guidelines regarding the retention, deletion, and disclosure of your personal data after your death.
– Right to withdraw your consent at any time: For processing based on consent, Article 7 of the GDPR states that you may withdraw your consent at any time. Such withdrawal will not affect the lawfulness of processing carried out prior to the withdrawal.
– Right to data portability: Subject to certain conditions specified in Article 20 of the GDPR, you have the right to receive the personal data you have provided to us in a standard, machine-readable format and to request that it be transferred to a recipient of your choice.
– Right to object: Under Article 21 of the GDPR, you have the right to object to the processing of your personal data. Please note, however, that we may continue to process your data despite your objection, for legitimate reasons or to defend our legal rights.
You may exercise these rights by writing to us at the following address: dpo@mykeeper.fr / 154 Chemin de Saint Michel, 06620 Le Bar-sur-Loup, France.
In such cases, we may ask you to provide additional information if we have reasonable grounds for doubt, or even any documents that can verify your identity if the doubt persists.
If you have any questions or concerns that have not been resolved, you have the right to file a complaint with the competent supervisory authority, which in France is the Commission Nationale de l’Informatique et des Libertés (“CNIL”), located at 3 Place de Fontenoy – TSA 80715 – 75334 PARIS CEDEX 07.
7. Changes
We may amend this policy at any time, in particular to comply with any regulatory, legal, editorial, or technical changes. These amendments will take effect on the date the revised version becomes effective. We therefore encourage you to review the latest version of this policy regularly. However, we will notify you of any significant changes to this privacy policy.
Effective date: April 1, 2025
