Privacy Policy

Certified compliant by Dipeeo ®

 

What is the purpose of our Privacy Policy?

 

UBIKIO SAS, which manages the FIXEE platform, attaches great importance to the protection and confidentiality of your personal data, which we consider to be a guarantee of reliability and trust.

As such, our Personal Data Privacy Policy precisely reflects our desire to ensure that UBIKIO SAS complies with the applicable rules on the protection of personal data and, more specifically, those of the General Data Protection Regulation (“GDPR”).

In particular, our Privacy Policy aims to inform you about how and why we process your personal data in connection with the services we provide to you.

Who can benefit from our Privacy Policy?

 

Our Privacy Policy applies to you, regardless of where you live, as long as you are at least 15 years old and a user of our FIXED platform.

If you are under the legal age detailed above, you are not authorized to use our services without the prior and explicit consent of one of your parents or the holder of parental authority, which must be sent to us by email at dpo@fixee.ai.

If you believe that we are holding personal data about your children without your consent, please contact us at the dedicated address detailed above.

Why do we process your personal data and on what basis?

 

We process your personal data mainly for the following purposes

  • To use and benefit from our industrial intelligent assistance service and all its functionalities on the basis of our general conditions of use.
  • To manage user accounts (e.g. account creation, access to the service and account deletion) on the basis of our general terms and conditions of use.
  • To download and import documents on the basis of our general conditions of use.
  • To subscribe to our newsletter based on the prior consent of the platform’s users.
  • To exchange information between users via our internal messaging system, which is provided on the basis of our general terms of use.
  • To write free comments on the management of your files on the basis of our general conditions of use.
  • To contact the platform via the contact form on the basis of the general conditions of use.
  • To pay online on the basis of our general terms and conditions of sale.
  • To make purchases on the basis of our general terms and conditions of sale.
  • To receive our technical emails and SMS (e.g.: password modification, notifications, alerts, etc.), which are essential for the proper functioning of our service on the basis of our general terms of use.
  • To locate your position when you use our service in order to offer you a personalized and adapted service, on the basis of your consent.
  • To guarantee and reinforce the security and quality of our day-to-day services (e.g. statistics, data security, etc.) on the basis of our legal obligations, our general terms of use and our legitimate interest in ensuring the proper functioning of our services.

Your data is collected directly from you when you use our FIXEE platform, and we undertake to process your data only for the purposes described above.

What personal data do we process and for how long?

 

We have summarized the categories of personal data and their respective retention periods below:

  • Professional identification data (e.g. surname, first name, position, company, etc.) and contact details (e.g. e-mail address and business telephone number, etc.) are kept for the duration of the service, plus the statutory limitation periods, which are generally 5 years.
  • When there is confusion between the name of your structure and your personal name (e.g.: auto-entrepreneur, VSE, etc.), economic and financial data (e.g.: bank account number, verification code, etc.) retained for the time required to complete the transaction and manage invoicing and payments, plus the statutory limitation periods, which are generally 5 to 10 years.
  • For professionals, when there is confusion between the name of your structure and your personal name (e.g.: auto-entrepreneur, VSE, etc.), economic and financial data (e.g.: bank account number, verification code, etc.) kept for the time necessary for the transaction and the management of invoicing and payments, plus the statutory limitation periods, which are generally 5 to 10 years.
  • Email address and telephone number to receive our technical messages by email and SMS kept until your account is deleted.
  • Email address to receive our newsletter will be kept until the end of your newsletter subscription.
  • Connection data (e.g. logs, IP address, etc.) stored for 1 year.
  • Geolocation data stored for 2 months.

Once the applicable retention periods have expired, the deletion of your personal data is irreversible and we will no longer be able to communicate it to you. At most, we can only keep anonymous data for statistical purposes.

Please also note that in the event of litigation, we are obliged to retain all data concerning you for the duration of the case, even after the expiry of the retention periods described above.

What rights do you have to control the use of your personal data?

 

The applicable data protection regulations grant you specific rights which you can exercise, at any time and free of charge, to control the use we make of your data.

  • Right to access and copy your personal data, provided this request does not conflict with business secrecy, confidentiality or the secrecy of correspondence.
  • Right to rectify personal data that is incorrect, outdated or incomplete.
  • The right to request the deletion (“right to be forgotten”) of personal data that is not essential to the proper functioning of our services.
  • The right to limit the use of your personal data, which allows you to photograph the use of your data in the event of a dispute over the legitimacy of processing.
  • The right to data portability, which enables you to recover part of your personal data so that it can be easily stored or transmitted from one information system to another.
  • The right to give instructions on what to do with your data in the event of your death, either through you, a trusted third party or a beneficiary.

For a request to be taken into account, it must be sent directly by you to dpo@fixee.ai. Any request not made in this way cannot be processed.

Requests cannot come from anyone other than you. We may therefore ask you to provide proof of identity if there is any doubt about the identity of the person making the request.

We will respond to your request as quickly as possible, subject to a maximum of three months from receipt if the request is technically complex or if we receive many requests at the same time.

Please note that we may at any time refuse to respond to any excessive or unfounded request, particularly in view of its repetitive nature.

Who can access your personal data?

 

Your personal data is processed by our teams and by our technical service providers for the sole purpose of operating our service.

We check all our technical service providers before recruiting them, to ensure that they comply scrupulously with the rules applicable to the protection of personal data.

Can your personal data be transferred outside the European Union?

 

The personal data processed by our boutique.union-habitat.org platform is exclusively hosted on servers located within the European Union.

In addition, we make every effort to use only technical tools whose servers are also located within the European Union. If, however, this is not the case, we will scrupulously ensure that they implement the appropriate safeguards required to ensure the confidentiality and protection of your personal data.

How do we protect your personal data?

 

We implement the following technical and organizational means to guarantee the security of your personal data on a day-to-day basis and, in particular, to combat any risk of destruction, loss, alteration or disclosure.

Technical safety measures Organizational safety measures

Encryption of user passwords (“Front” side),

Complex user passwords (“Front” side) imposed at login.

Logout after a period of inactivity.

Each user can only access items in a team in which he or she is a member, thanks to a filter placed before each database query.

HTTPS protocol.

We use security native to MS365 business.

Double authentication.

Dashlane for password management.

Information systems charter, password management policy, team awareness and training twice a year.

 

Do we use cookies when you browse our platform?

 

Please note that we use cookies when you browse our platform. For more information, please consult our Cookie Policy.

Who can you contact to obtain more information about the use of your personal data?

 

To best guarantee the protection and integrity of your data, we have officially appointed an independent Data Protection Officer (“DPO”) to our supervisory authority.

How can you contact the CNIL?

 

You may at any time contact the “Commission nationale de l’informatique et des libertés” or “CNIL” at the following address: CNIL Complaints Department, 3 place de Fontenoy – TSA 80751, 75334 Paris Cedex 07 or by telephone at 01.53.73.22.22.

Can the Privacy Policy be modified?

 

We may modify our Privacy Policy at any time to adapt it to new legal requirements and to new processing operations that we may implement in the future.

 

 

Certified compliant by Dipeeo ®