Personnal Data Protection and use policy TRIPLESTACK

09/07/2020

• Collection of certain Personal Data 

TRIPLESTACK complies with all applicable regulations relating to Personal Data protection (the “Applicable regulations”), and in particular all provisions defined in Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (the « General Data Protection Regulation » or « GDPR »), as well as provisions of French law No 78-17 of 6 February 1978 said “Informatique et Libertés” (the “LIL”).

The Client and the User acknowledge and agree that TRIPLESTACK processes certain of their personal data (“Personal Data”) in accordance with the Applicable Regulations in order to ensure to proper functioning of the Platform, management of Clients and Users, and the provision of its Services.

• Data origin and purpose of Personal Data collection

2.1 The Personal Data is collected directly and exclusively from the Clients and the Users of the TRIPLESTACK Platform.

TRIPLESTACK undertakes to obtain the express consent of the Clients and the Users and to permit them to oppose to the use of their Personal Data for any other purpose as soon as required.

In any case, Clients and Users are informed of the purpose of the use of the Personal Data through all online forms and through Clients’ and Users’ actions on the TRIPLESTACK Platform. TRIPLESTACK also uses cookies and log files.

2.2 Personal Data is collected via the following:  

• Registration form – Client or User account creation;
• Survey form.

Certain Personal Data is also collected via interactivity that Clients and Users through the Platform, as follows:

• Statistics ;
• Contact ;
• Platforme management.

TRIPLESTACK uses the information so collected for the following purposes:

• Management and provision of the Services;
• Management of the Platform;
• Statistics ;
• Comments;
• Correspondence;
• Contact ;
• Information / commercial offers.

• Type of Personal Data collected

3.1 The controller is TRIPLESTACK who is the sole recipient of the concerned Personal Data. TRIPLESTACK is represented by its President, Mr. Emilen Mantel.

All information and data required from the Client and Users via the forms accessible on the Platform are destined to the controller. Information and data identified with an asterisk are mandatory. In case of failure to provide such, the request shall not be completed.

3.2 When creating an account, the Client will be required to provide certain mandatory and optional information. Mandatory information is required in order to create a Client administrator account.

The mandatory information is as follows:

• Name;
• First name;
• E-mail address;
• Phone number.
• Password (encrypted).

It is specified that TRIPLESTACK will not have access to the password defined by the Client.

3.3 For the creation of access to User accounts, the User will be required to provide certain mandatory and optional information. Mandatory information is required in order to create a User access.

The mandatory information is as follows:

• Name;
• First name;
• E-mail address;
• Phone number.
• Password (encrypted).

It is specified that TRIPLESTACK will not have access to the password defined by the User.

3.4 TRIPLESTACK collects content, communications and other information provided by Users and Clients when using the Services, particularly when creating an account and using any Service on the Platform. This may include information contained in the content provided by the User or Client (for example, metadata) or the date on which a Service was used.  

3.5 TRIPLESTACK may collect information regarding the way Clients and Users use the Services, such as the types of content, activities, Services used or with which Clients and Users interact, the features used, the actions performed, and the time, frequency and duration of activities. 

• Non-communication of Personal Data

TRIPLESTACK undertakes not to commercialize collected Personal Data. It is understood that the use of aggregated, statistical and anonymised data will not under any circumstances be construed as constituting the communication or marketing of Personal Data.

Clients’ or User’s Personal Data may be processed by TRIPLESTACK’ subcontractors, in compliance with the principles herein, in the following cases:

• Service provision;
• Impact assessment;
• Advertising.

The list of such companies may be provided to the concerned individuals by TRIPLESTACK at the following email: support-daemonit@triplestack.fr

TRIPLESTACK may also work with business partners as co-controllers, or whom are directely controllers.

The list of such companies may be provided to the concerned individuals by TRIPLESTACK at the following email: support-daemonit@triplestack.fr

If such third-party companies are based outside of the territory of the EU, TRIPLESTACK signs specific agreements and clauses to protect and secure the transfer and such Personal Data to said third-party companies. 

• Duration of Personal Data conservation 

TRIPLESTACK shall conserve Clients’ and Users’ Personal Data for the strict duration required in light of the pursued objectives, and in particular the proper functioning of the Platform and the proposed Services and management of Clients and Users, in compliance with all applicable regulations.

• Legal basis for the processing of Personal Data

TRIPLESTACK collects and uses the Personal Data of Clients and Users:

• in accordance with the Terms;
• by respecting the consent of the Clients and Users, which can be revoked at any time through the parameters of their personal account;
• to the extent necessary to fulfil its legal obligations; and
• to the extent necessary to pursue its legitimate interests (or those of others), unless such interests are overridden by the interests or fundamental rights and freedoms of Clients and Users requiring the protection of their Personal Data.

• Clients’ and Users’ Rights

In accordance with the Applicable Regulation, the Clients and Users expressly acknowledges disposing of the following rights:

• Right to access, and notably the right to obtain copy of all its Personal Data, as well as all essential information regarding the way such Personal Data is used;
• Right to rectify Personal Data, in prompt delays, and the right to have completed all incomplete, incorrect, ambiguous or obsolete information;
• Right to delete all Personal Data, in so far as their use is no longer necessary, or that the Client or the User has withdrawn their consent or opposed to their use; or as soon as their collection use, communication or conservation is prohibited;
• Right of limitation of their processing; and
• Right of Personal Data portability.

In the event the Client or the User wishes to know how TRIPLESTACK uses their Personal Data, to have them rectified, to oppose to their processing, request their suppression, or request copy of all Personal Data that is in TRIPLESTACK’s possession, the Client or the User must address their request to TRIPLESTACK, to which must be attached a valid and signed copy of their identity documents, at the following address: TRIPLESTACK, 12 B rue du Stade – 69290 Grézieu-la-Varenne, France, or by email, at: support-daemonit@triplestack.fr

Finally, Clients and Users may also make any inquiry or request before the control authorities, and in particular before the CNIL (https://cnil.fr/fr/plaintes).

• Security

TRIPLESTACK takes all useful precautions in light of the nature of the Personal Data and the risks presented by their processing, and in order to preserve the security of the Clients’ and User’s Personal Data, and in particular ensure that such be not modified or damaged or corrupted or that they be accessible by third parties.  

TRIPLESTACK takes all technical and organisational measures in order to ensure security of processing of the Personal Data and their confidentiality. People working for TRIPLESTACK respect the confidentiality of Clients’ and Users’ Personal Data.

In order to ensure the safety of Clients’ and Users’ Personal Data, TRIPLESTACK has put in place the following measures:

• Protocole SSL (Secure Sockets Layer);
• Protocole SET (Secure Electronic Transaction);
• Digital certificate development;
• User name / password.

TRIPLESTACK is committed to maintain a high standard of privacy, integrating the last technologies innovations that guarantee the confidentiality of Clients’ transactions.

• Cookies

TRIPLESTACK collects certain information via log files and cookies, mainly:

• IP address;
• Connexion date and time;
•  

Using such cookies allows the following optimizations:

• Service improvement and customized home;
• Statistics.

By accessing and navigating on the Platform, the Client and the User consent to the implementation and use of cookies on their terminal, and acknowledge being informed of the provided information relating to the use of cookies, and of the ways to oppose to their use.

• Personal Data and minors

The Platform is addresses to adults in capacity to contract obligations pursuant to the laws of their country.

•  Contact TRIPLESTACK

For any enquiry or request relating to compliance by TRIPLESTACK of the present provisions, or if the Client or the User wishes to communicate any recommendations or comments to TRIPLESTACK, the Client or the User may contact TRIPLESTACK at the following address: TRIPLESTACK, 12 B rue du Stade – 69290 Grézieu-la-Varenne, France, or at the following email address: support-daemonit@triplestack.fr