Privacy policy

Entry into for May 25th, 2018. Last update February 7th, 2022.

 

Privacy and Personal Data Management Policy

 

1. Purpose of this Charter
The purpose of this charter is to inform you about the means we use to collect your personal data, in strict compliance with your rights.
When collecting and managing your personal data, Beekast complies with the current version of French Law no. 78-17 of 6 January 1978 on information technology, data files and civil liberties, called the “Data Protection Act”, and regulation (EU) 2016/679 of 27 April 2016, since it came into force (hereafter: the “GDPR”).

2. Identity of the data collector
The company responsible for collecting your personal data is BEEKAST, an SAS [French simplified joint stock company] registered in the Créteil Trade and Companies Register under number 809 824 329, with its registered office at 10 rue de Penthièvre 75008 Paris, France (hereinafter referred to as: “We”).

3. Data Protection Officer
We have appointed a data protection officer, Guillaume Jeannoutot, whose contact details are below:
Guillaume Jeannoutot
TRIBORD LEGAL, Société d’avocats
182, rue de Rivoli – 75001 PARIS
Email address: [email protected]

4. Our collection methods
The personal data we collect and the process for collecting it depends on how you interact with us, including whether you are:
– a “User”, meaning that you have an account on the my.beekast.com platform and have access to the associated websites: support.beekast.com, inspiration.beekast.com and community.beekast.com;
– a “Customer”, meaning you have a subscription agreement on the my.beekast.com platform;
– a “Participant without an account”, meaning when you join a session on the my.beekast.com platform but do not have a User account;
– a “Visitor”, meaning you visit the beekast.com website, participate in our webinars and other digital events, contact us directly (e.g., through our forms on the website, by email or at physical events), download a white paper or otherwise interact with us without being a User, Customer or Participant.

5. What we collect
We may collect the following data depending on how you interact with us.

As a User, the following categories of personal data may be collected:
– Identification data, e.g. your first and last names, e-mail address;
– User Content, i.e. the content you import into your sessions and the responses you receive to activities you use;
– Login data, e.g. your login name and password, as well as any data needed to stay connected to the platform;
– Device data, e.g. the device model used, browser version used, screen resolution;
– Your IP address;
– Usage data, for example, application logs, technical logs and any other data for keeping track of visits and actions performed on the platform;
– Location data (for support only);
– Support data, such as the content of support tickets or conversations on the support chat.

As a Customer or a contact person of a Customer, the following categories of personal data may be collected in the course of our business relationship:
– Identification data, e.g. your first and last names, e-mail address;
– Contract data, including the type of subscription taken out, billing details

As a Participant without an account, the following categories of personal data may be collected:
– Identification data, e.g. your first and last names and any data required by the User in their Session’s access settings.
– Connection data, e.g. the login ID assigned to you by Beekast so you can connect to the Platform, as well as any data needed to stay connected to the Platform;
– Your IP address;
– Device data, e.g. the device model used, browser version used, screen resolution;
– Usage data, for example, application logs, technical logs and any other data for keeping track of visits and actions performed on the platform.

As a Visitor, the following categories of personal data may be collected:
– Identification data, e.g. your first and last names, e-mail address;
– Device data, e.g. the device model used, browser version used, screen resolution;
– Browsing data, e.g. the pages you visit on the beekast.com website;
– Your IP address;
– Location data;
– Chat data, if you use the chat on beekast.com;
– Additional third-party information related to your occupation.

When collecting your personal data, we inform you whether certain data is mandatory or optional. Mandatory data is necessary for our services to function. You are free to choose whether or not to provide optional data. We also indicate the possible consequences of not responding.

6. Source of collection
We may collect personal data in two different ways:
– Either directly from you:
– voluntarily, when you fill in collection fields
– automatically, when you use the Platform or browse the websites
– Or indirectly:
– from other users of our services (e.g. when you are a Participant without an account)
– from our technical partners who provide an integration service, such as when connecting in iframe (e.g. Teams)
– from third parties, for example Google Analytics, Microsoft, Facebook or LinkedIn (especially if you use the Single Sign On feature to connect to the Platform)
– from our business partners. For example, they may be the organisers of events you attend
– from our marketing partners, when you download a white paper from a third-party website (e.g. via social media)

If the organisers of the above-mentioned events collect other personal data for these events, these organisers shall be solely responsible for complying with their legal and regulatory obligations in respect to this collection and processing, which they carry out themselves, with their own resources and for their own purposes.

7. For what purposes do we collect your data?
Depending on how you interact with us, our processing operations have the following purposes, associated with the legal basis for collection.

Purpose Associated legal basis
Users
Provide the Services as described in our General Terms and Conditions Data processing is required to fulfil a contract to which the data subject is party or to complete pre-contractual measures taken at the request of the data subject
Provide user support

Send communications about new features (the “Product Communications”) and changes to our GTCU

Monitor the use of the Platform The processing is necessary for the legitimate interests pursued by the controller or by a third party
Aggregate and analyse data to improve the Platform and the Services
Detect, prevent and resolve technical bugs
Process Users’ opinions on how to improve the platform (only for Users who post on the community.beekast website)
Inform users regarding their use of the Platform, the management of their account and any instructions sent by email (e.g. to confirm the email address)
Create and manage a user database
Manage and process requests to exercise the rights of natural persons The processing is necessary to comply with a legal obligation to which the controller is subject

 

Perform processing necessary to ensure compliance with applicable laws and regulations
Customer
Provide the Services as described in our General Terms and Conditions

 

Data processing is required to fulfil a contract to which the data subject is party or to complete pre-contractual measures taken at the request of the data subject
Carry out operations relating to management of Customers in terms of Contracts, orders, invoices, loyalty programmes, Customer relationship follow-up.
Provide customer support
Send information notices about changes to the GTCU
Send information notices about the Subscription Agreement, including expiry or renewal of a subscription, or any other instruction necessary to perform the Services
Create and manage a Customer database The processing is necessary for the legitimate interests pursued by the controller or by a third party

 

Detect and prevent fraud attempts
Manage unpaid bills and disputes
Organise marketing campaigns and/or operations (e.g. referral system), except for regulated gambling
Send you communications about our offers and services in connection with those for which you are already a customer, unless you do not wish to receive them
Develop business statistics
Send communications about our offers and services as well as new content and events The data subject has consented to the processing of their personal data for one or more specific purposes
Perform processing for another purpose requiring your consent
Manage and process requests to exercise the rights of natural persons The processing is necessary to comply with a legal obligation to which the controller is subject

 

Perform processing necessary to ensure compliance with applicable laws and regulations
Participant without an account
Provide the Services as described in our General Terms and Conditions

 

Data processing is required to fulfil a contract to which the data subject is party or to complete pre-contractual measures taken at the request of the data subject
Monitor the use of the Platform

 

The processing is necessary for the legitimate interests pursued by the controller or by a third party
Aggregate and analyse data to improve the Platform and the Services
Detect, prevent and resolve technical bugs

Manage and process requests to exercise the rights of natural persons

Perform processing necessary to ensure compliance with applicable laws and regulations The processing is necessary to comply with a legal obligation to which the controller is subject
Visitor
Respond to a request sent from the contact forms or after you have sent us an email or made contact at a digital or physical event or via any other channel Data processing is required to fulfil a contract to which the data subject is party or to complete pre-contractual measures taken at the request of the data subject
Aggregate and analyse data relating to browsing on the beekast.com website to establish traffic statistics The processing is necessary for the legitimate interests pursued by the controller or by a third party
Adapt the content of the beekast.com website to the characteristics you indicated (e.g. the language of the website), of which Beekast may be aware, and – if applicable – to your previous browsing
Create and manage a prospecting database
Manage marketing communications and perform prospecting
Send communications about our offers and services as well as new content and events The data subject has consented to the processing of their personal data for one or more specific purposes

 

Perform processing for another purpose requiring your consent
Manage and process requests to exercise the rights of natural persons The processing is necessary to comply with a legal obligation to which the controller is subject

 

Perform processing necessary to ensure compliance with applicable laws and regulations

8. Recipients of the data collected
Access to your personal data will be given to authorised and qualified personnel of our company, to the services responsible for control (specifically auditors) and to our subcontractors.
Personal data may also be sent to public bodies, for the sole purpose of meeting our legal obligations, to officers of the court and to officiers ministériels [persons vested with public authority]. Organisations entrusted with debt collection may receive the buyer’s payment data only.

9. Transfer of personal data
Your personal data will not be transferred to, rented to or exchanged with third parties.

10. Duration of personal data storage
(i) Concerning data relating to managing customers and prospects: Your personal data will not be kept beyond the period strictly necessary to manage our business relationship with you. However, data that can be used to establish proof of a right or a contract and that must be retained in order to comply with a legal obligation will be retained for the period of time provided for by the law in force.
Concerning any prospecting operations aimed at customers, their data may be retained for a period of three years following the end of the business relationship.
Personal data relating to a prospect, who is not a customer, may be retained for a period of 3 (three) years from the date of collection or the last contact from the prospect.
At the end of this three-year period, we may contact you again to ask if you wish to continue to receive marketing correspondence.
(ii) Concerning identity documents: For exercise of the right of access or rectification, data relating to identity documents may be retained for the period provided for in Article 9 of the French Code of Criminal Procedure, namely one year. If the right to object is exercised, the data may be archived for the period of limitation provided for in Article 8 of the French Code of Criminal Procedure, namely three years.
(iii) Concerning bank card data: The financial transactions relating to paying for purchases and fees via the Solution are entrusted to a payment service provider that ensures transactions are performed properly and are secure.
For the purposes of the Services, this payment service provider may receive your personal data relating to your bank card numbers, which it collects and stores on our behalf.
We do not have access to this data.
To enable you to make regular purchases or pay the related fees on the Solution, your bank card data is retained throughout the time you are registered on the Solution and at least until you complete your last transaction.
By ticking the box specifically provided for this purpose on the Solution, you expressly agree to allow this storage.
Data relating to the visual cryptogram or CVV2 on your bank card is not stored.
If you do not want your personal data relating to your bank card numbers to be retained as set out above, we will not retain such data beyond the time necessary to complete the transaction.
In any event, data relating to these transactions may be retained, for the purpose of proof in the event of a possible dispute over the transaction, in intermediate archives, for the period provided for in Article L 133-24 of the French Monetary and Financial Code, in this case, 13 months following the date of debit. This period may be extended to 15 months to take into account the possibility of using deferred debit cards.
(iv) Concerning the management of prospecting opt-out lists: The information taking into account your right of opposition is retained for at least three years as from the time of exercising the right of opposition.
(v) Concerning cookies: The retention period for cookies referred to in Article 13 is 13 months.
(vi) Concerning Zoom: if you choose to connect Beekast with Zoom, Zoom may receive personal data which will be collected and retained in order to provide the service to you. You can read Zoom’s rules on this topic here: https://explore.zoom.us/en/privacy.
We do not have access to this data.
By choosing to connect Beekast and Zoom, you grant us your express consent to this retention.

11. Security
We hereby inform you that we take all necessary precautions and appropriate organisational and technical measures to preserve the security, integrity and confidentiality of your personal data and, in particular, to prevent such data from being distorted, damaged or accessed by unauthorised third parties. We also use secure payment systems that comply with good practices and applicable regulations.
The security measures implemented by Beekast are explained on the security page.

12. Hosting
We hereby inform you that your data will be retained and stored on the servers of Amazon Web Service for as long as the data is retained. These servers are located in Ireland.

13. Cookies
Cookies are text files stored in your browser. They are often encrypted. They are created when a user’s browser loads a particular website: the website sends information to the browser, which then creates a text file. Each time the user returns to the same website, the browser retrieves this file and sends it to the website’s server.
The Solution uses different types of cookies, which have different purposes:
• Technical cookies are used throughout your browsing experience to facilitate your navigation and to perform certain functions. A technical cookie may be used, for example, to store the answers given in a form or the user’s preferences for the language or layout of a website, where such options are available.
These cookies are essential for the performance of the service.
Among these technical cookies, several third-party cookies are used to offer functionalities based on services external to the Solution: for the login buttons placed on the homepage: Google, Facebook, LinkedIn; for access to customer support: Crisp; for the captcha on the registration page: FriendlyCAPTCHA.
• Audience analysis cookies are used for statistical purposes and allow us to measure the number of visits to the Solution, the number of pages viewed and the use of the site’s features. Using this information base, we can further improve the product and your user experience on our website as we gain a better understanding of our users’ expectations. Your IP address is also collected to determine the city from which you are connecting.
Among these audience analysis cookies, Beekast use Google Analytics third-party cookie.
• Marketing cookies give us insight into how our customers use the Solution, so we can provide them with personalised support for their experience of the Solution and the way they use it. These cookies also allow us to adapt our communication policy to each customer.
Among these marketing cookies are several third-party cookies: Zoho, LinkedIn, Facebook, Google Ads, Outbrain.
Be advised that you can configure your browser to block cookies. However, doing so may prevent the Solution from working properly.

14. Access to your personal data
In accordance with the French Data Protection Act and the GDPR, you have the right to be informed of and, if necessary, to rectify or delete any data concerning you, through online access to your file. You can also contact:
• e-mail address: [email protected]
• postal address: 10 rue de Penthièvre 75008 Paris, France
Individuals whose data is collected on the basis of our legitimate interest, as mentioned in Article 4, are reminded that they may object to the processing of their data at any time. Nevertheless, we may continue to carry out processing if there are legitimate grounds for the processing which override your rights and freedoms or if the processing is necessary to establish, exercise or defend our legal rights.

15. Right to provide instructions for the processing of your data after your death
You have the right to set up instructions for the retention, deletion and disclosure of your personal data after your death.
These instructions can be general, covering all your personal data. In this case, they must be registered with a trusted digital third party certified by the CNIL.
The instructions may also be specific to the data processed by our company. You can send your instructions to the following addresses:
• e-mail address: [email protected]
• postal address: 10 rue de Penthièvre 75008 Paris, France
By providing us with such instructions, you give your express consent for such instructions to be stored, transmitted and executed as provided herein.
You can designate in your instructions a person to carry out the instructions. When you die, the designated person will then be entitled to be made aware of these instructions and to ask us to implement them. In the absence of a designation, your heirs will be entitled to be made aware of your instructions on your death and to ask us to implement them.
You can change or revoke your instructions at any time by writing to us using the contact details above.

16. Portability of your personal data
You have a right to the portability of the personal data you have provided to us, understood as data that you have actively and consciously declared in the course of accessing and using the services, as well as data generated by your activity in the course of using the services. Keep in mind that this right does not apply to data collected and processed on a legal basis other than consent or the performance of the contract between us.
This right can be exercised free of charge at any time, particularly when closing your account on the Platform, in order to recover and retain your personal data.
In this context, we will send you your personal data, by any means deemed suitable, in a standard open format that is commonly used and machine-readable, in accordance with good practices.

17. Lodging a complaint with a supervisory authority
You are also hereby informed that you have the right to lodge a complaint with a competent supervisory authority (the Commission nationale informatique et libertés for France) in the Member State of your habitual residence, place of work or place of the alleged infringement of your rights, if you consider that the processing of your personal data hereunder constitutes an infringement of the applicable laws.
This remedy may be exercised without prejudice to any other remedy before an administrative or judicial court. You also have the right to an effective administrative or judicial remedy if you consider that the processing of your personal data hereunder constitutes an infringement of the applicable laws.

18. Restriction of processing
You have the right to restrict the processing of your personal data in the following cases:
• During the period of verification we carry out, when you dispute the accuracy of your personal data;
• When this data has been unlawfully processed, and you wish to restrict this processing rather than have your data erased;
• When we no longer need your personal data, but you wish to retain it to exercise your rights;
• During the period of verification of legitimate reasons, when you have objected to the processing of your personal data.

19. Changes
We reserve the right, at our sole discretion, to change this policy in whole or in part at any time. These changes will come into force as of the publication of the new charter. Your use of the Solution following the entry into force of these changes will constitute your acknowledgement and acceptance of the new charter. If you do not agree with this new charter, you should no longer access the Solution.