I. Purpose
The purpose of these terms is to define the conditions under which My Keeper undertakes to process the personal data described below on behalf of users of the MyKeeper SOS app.
In accordance with the requirements of the GDPR, we place the utmost importance on protecting your personal data. For more information about our data processing practices and your rights, please review My Keeper’s comprehensive privacy policy at the following address: https://mykeeper.fr/mentions-legales-politique-de-confidentialite/
II. Description of the treatment
The purpose(s) of the processing are:
X Hosting
The personal data processed are:
X Access to SMS messaging ONLY FOR ALERTS
X Location data ONLY FOR ALERTS
X Automatic call answering ONLY FOLLOWING AN ALERT
The categories of individuals concerned are:
X User
III. My Keeper's Obligations
A. My Keeper's Obligations
My Keeper undertakes to:
1. Process data solely for the purpose(s) covered by the application’s function, namely the sending of an SMS alert.
2. Ensure the confidentiality of personal data processed under this agreement.
3. Ensure that persons authorized to process personal data under this contract:
◦ Undertake to respect confidentiality or are subject to an appropriate legal obligation of confidentiality.
◦ Receive the necessary training regarding the protection of personal data.
4. Process the data in accordance with the documented instructions of the data controller set forth in this contract. If My Keeper considers that an instruction constitutes a violation of the European General Data Protection Regulation or any other provision of Union law or the law of Member States relating to data protection, it shall immediately inform the user and reserves the right not to apply said instruction until its lawfulness is demonstrated by the Party acting in good faith.
5. Take into account, with regard to its tools, products, applications, or services, the principles of data protection by design and data protection by default.
6. Furthermore, if My Keeper is required to transfer data to a third country or an international organization under Union law or the law of the Member State to which it is subject, it must inform the controller of this legal obligation prior to processing, unless the relevant law prohibits such information on important grounds of public interest.
B. Data subjects’ right to information
It is My Keeper’s responsibility to provide information to the individuals affected by data processing activities at the time the data is collected.
C. Exercise of Individual Rights
My Keeper is designed to help users fulfill their obligation to respond to requests from data subjects to exercise their rights: the right of access, rectification, erasure, and objection; the right to restrict processing; the right to data portability; and the right not to be subject to automated individual decision-making (including profiling).
D. Notification of Personal Data Breaches
My Keeper notifies the user of any personal data breach as soon as possible after becoming aware of it, by contacting the user’s Data Protection Officer. This notification is accompanied by any relevant documentation to enable the data controller, if necessary, to report the breach to the competent supervisory authority.
The notification shall include at least the following:
• A description of the nature of the personal data breach, including, where possible, the categories and approximate number of data subjects affected by the breach and the categories and approximate number of personal data records affected;
• The name and contact details of the data protection officer or another contact point from whom further information may be obtained;
• A description of the likely consequences of the personal data breach;
• A description of the measures taken or proposed by the controller to address the personal data breach, including, where appropriate, measures to mitigate any potential adverse consequences.
If, and to the extent that it is not possible to provide all this information at the same time, the information may be provided in stages without undue delay.
E. Data Location
My Keeper undertakes to process and host this data in France or within the European Union and to take all necessary administrative and technical steps to ensure that such processing complies with applicable laws. My Keeper may add other sites located in France or the European Union without requiring the user’s consent, provided that this change does not affect the service.
Data must remain stored on servers located exclusively within the European Union.
These new sites will be located exclusively in France or within the European Union.
F. Security Measures
My Keeper is committed to taking all necessary precautions to ensure the security of information, including protecting it against accidental or unlawful destruction, accidental loss, alteration, unauthorized disclosure or access—particularly when processing involves the transmission of data over a network—as well as against any other form of unlawful processing or disclosure to unauthorized persons. My Keeper undertakes, in particular, to implement the following security measures:
• Measures to ensure the constant confidentiality, integrity, availability, and resilience of processing systems and services;
• Measures to restore the availability of personal data and access to it within a reasonable timeframe in the event of a physical or technical incident;
• A procedure to regularly test, analyze, and evaluate the effectiveness of technical and organizational measures to ensure the security of processing.
G. Data Disposal
Upon completion of the services related to the processing of such data, and for any reason whatsoever, My Keeper agrees to return all personal data to the data controller.
The return must be accompanied by the destruction of all existing copies in the processor’s information systems. Once destroyed, My Keeper must provide written proof of the destruction.
