Beekast - Privacy policy


ENTRY INTO FORCE ON MAY 25, 2018

CHARTER RELATING TO THE PROTECTION OF PERSONAL DATA

1- Definition and nature of personal data

By using our services, the website beekast.com, the application my.beekast.com and the associated sub-domains (together, the « Solution »), you expressly consent to the collection and use of your personal data in order to provide you with the services described above.
The term « Personal data » shall mean all data that identify an individual. You provide us with your name, surname, photograph, email and postal addresses, Phone number, professional activity, data related to the transactions on the Solution, details on your purchases and subscriptions, credit card numbers, and also any other personal information you choose to communicate to our services about you.

2- Purpose of the policy

The purpose of this privacy policy is to inform you about the means and procedures we use to collect and process your personal data, in accordance with your rights.
Our approach is anchored with a strong compliance with the French Act n° 78-17 of 6 January 1978 on Information technology, Data files, and Civil liberties, in its present version « Information Technology and Civil Liberties » and with EU data protection requirements 2016/679 of 27 April 2016 (hereinafter: General Data Protection Regulation « GDPR »).

3- The data controller and processor

Personal data collection and processing are supervised by Beekast, a French Simplified Stock Company registered on the Paris trade and companies Registry under the number 809 824 329, and headquartered at 10 RUE DE PENTHIEVRE 75008 PARIS FRANCE (named in the context: « we », « us », « Solution »).

4- Data Protection Officer

We have mandated, Julien LEQUERTIER, responsible for overseeing Data Protection strategy and implementation.
Contact :
Mr. Julien LEQUERTIER
BEEKAST
3, rue Michel Columb – 44200 Nantes
Email address: dpo@beekast.com

5- Personal data collection

The legal basis of your personal data collection
(i) By choosing to disclose deliberately your personal data, the legitimate interest is to improve your use of our Solution.
(ii) Your consent regarding the use of cookies for statistical analysis referred to in Article 11.
(iii) The personal data collection is necessary to execute the contract when using services on our Solution.

Your personal data are collected to fulfil one or more of the following purposes:
(i) Manage your access to certain services accessible on the Solution and their use,
(ii) Perform customer management transactions relating to contracts, orders, delivery, invoices, loyalty programs, follow-up of customer relationship,
(iii) Create a file of registered members, users, customers and prospects,
(iv) Address newsletters, solicitations and commercials. In the case that you do not wish to do so, you are free to express your refusal during the collection of data,
(v) Propose to establish relationship with other users of the platform. In the case you do not wish to do so, you are free to refuse during the collection of data,
(vi) Develop trade data and statistical analysis for our services,
(vii) Organize contests, lotteries and all other promotional activities, excluding online gambling subject to the approval of the French Online Gambling Regulatory Authority,
(viii) Manage the management of people opinions on some products, services or contents,
(ix) Manage outstanding and potential litigations arising from the use of our products and services.
(x) Customize solutions to your requests for information
(xi) Comply with our legal and regulatory obligations

During the collection of your personal data, we inform you whether the completion of some personal data must be compulsory or optional. The compulsory data are necessary for the proper functioning of our services. Concerning the optional data, it is totally up to you to give them or not. We also give you possible consequences of a lack of response.

We also wish to inform you that we may indirectly collect data either through event organizers who allow you to take part in their activities, or through other users of our services.

If organizers of the events, above mentioned, collect personal data other than those they are allowed to during the events, these organizers would be responsible for the non-compliance with their legal and regulatory obligations related to the collection and the processing of data by their own means and for their personal needs.

6. Recipients and categories of recipients to whom data will be disclosed

The staff of Beekast, the departments in charge of control (particularly the auditors) and our subcontractors will have access to your personal data.
Exclusively to respond to our legal obligations, public authorities such as judicial and ministerial officers, and institutions in charge of debt collection could also be recipients of your personal data.

7. Transfer of personal data

Your personal data will not be subject to transfer, lease or exchange on behalf of third parties.

8- The retention period of personal data

(i) Data relating to the customer relations management
Your personal data will not be kept beyond the period necessary to manage our business relationship with you. However, the storage of data enabling proof of a right or a contract to be kept for complying with a legal obligation, shall not exceed the period prescribed by the law in force.
For the purpose of prospecting operations, data may be retained for a period of 3 (three) years from the end of the commercial relationship.
Personal data relating to a prospect, non-customer, may be retained for a period of 3 (three) years from the date of collection or the last contact from the prospect.
At the end of these three-year period, we will be able to contact you again to know if you still wish to continue receiving commercial solicitations.

(ii) The identity documents:
In the application of the right of access and the right to rectification, data relating to the identity documents will be retained during a period not exceeding 1 (one) year as foreseen in the Article 9 of the Code of Criminal Procedure.
In the application of the right to object, the retention of data will not exceed 3 (three) years as foreseen in the Article 8 of Code of Criminal Procedure.

(iii) Credit card data:
A payment service provider is entrusted to ensure the security and the effectiveness of financial transactions relating to the purchases on our Solution.
For the requirement of the services, this payment service provider may need, on our behalf, to be recipient of your personal data relating to credit card number.
We do not have access to these data.
To enable you to carry out regular purchases and to pay the related fees on our Solution, your credit card details are kept for the duration of your registration on the Solution and at the very least, until you realize your last financial transaction.

By having checked on the sites/services the box expressly provided for this purpose, you give your express consent for this retention.

The data relating to the visual cryptogram or CVV2, written on your credit card, are not retained.
In the event you do not allow us to retain your credit card data in accordance with the conditions given above, your data will be retained for a period necessary for the effectiveness of the transaction.

In any event, your data relative to the credit card shall be kept for a purpose of proof in the case of potential objection to the transaction, as temporary copies in a period prescribed in the Article L 133-24 of the Monetary and financial Code and Commercial Code, in the case, within 13 (thirteen) months of the debit date. This period can be extended to 15 (fifteen) months in the case of deferred credit cards.

(iv) Management of the checklist from the prospection
Data to be considered regarding your right to object are retained for at least 3 (three) years from the date of the application of your right to object.

(v) Concerning the cookies
The duration of cookies storage, thus prescribed in the Article 11, is a thirteen-month-period.

9. Security

We hereby inform you that we take all necessary measures, on the organizational and technical grounds, to protect the security, integrity and privacy of your personal data and in particular to prevent them from being distorted, damaged or used by unauthorized third parties. We may also use secure payment system in accordance with the state of the art and applicable regulations.

10. Hosting

We inform you that your data are retained, for the whole duration of their storage on the Amazon Web Services Servers. These servers are located in Ireland and in Germany.

11. Cookies

Cookies are text files, often encrypted, saved by your browser. They are generated when the browser of a user is loading a given website: The website sends information to the browser, which then creates a text file. Each time the user returns to the same site, the browser retrieves this file and sends it to the server of the website.

We use different types of cookies for the same use:

-Technical cookies are used throughout your navigation to enable and implement some functions. Technical cookies may, for example, be used to memorize the answers filled in the form or the user's preferences regarding the language or the presentation of a website, when such options are available.
We use Technical cookies.

-Social networks' cookies may be created by the social networks to enable websites' builders to share contents on these platforms. These cookies may be used by these platforms to track the users' historical browsing on the related site, using cookies or not.

We do not use social networks' cookies. However, if we were to use this type of cookies in the future, we would ask for your consent before any deposit. In addition, we will let you know its nature and it will be up to you to accept or refuse it.

Please read carefully the privacy policies of the social networks generating these cookies, in order to know more about the purposes in using and collecting browsing information throughout these cookies and the conditions of the application of your right on these platforms.

-The Advertising cookies may be created not only by the website on which the user is browsing, but also by the other websites featuring advertisements, ads, widgets or other items on the displayed page. These cookies can particularly be used to carry out targeted advertising, that is to say advertising determined according to the user's navigation.
We do not use Advertising cookies. However, if we were to use this type of cookies in the future, we would ask for your consent before any deposit. In addition, we will let you know its nature and it will be up to you to accept or refuse it.

We use Google Analytics, Plezi and Mixpanel : tools for statistical analysis which create cookies enabling to analyze the counts of visits on the Solution, the count of viewed pages and the activity of the users. Your IP address is also collected to check on the place of your Internet connection.

We remind you, for all purposes, that you have the right to oppose the deposit of cookies by configuring your browser. However, such a refusal could prevent the site from a proper functioning.

12. Access to your personal data

In accordance with the French law on « Information technologies and civil liberties » and pursuant to the GDPR, you shall have the right to obtain the communication and, if need be, the rectification or the erasure of the data concerning you, through online access to your account. You can also contact us at:

Email: dpo@beekast.com

Postal address: 10 rue de Penthièvre 75008 Paris, France

We remind you that, any person whose data are collected on the principle of our legitimate interest, pursuant to the Article 4, may at any time oppose the processing of their data. However, we may need to continue the processing in the event there is any legitimate reason which prevails over your rights and civil liberties or if the processing is necessary for the notification, exercise or defense of our legal right.

13. Right to define the directives relative to the processing of personal data after death

You have the right to define the directives relative to the storage, the erasure and the communication of your personal data after your death.

These directives can be global, that is to say, they refer to all personal data concerning you. In this case, they must be saved by a trustworthy third-party in the digital world and accredited by the National Commission on Information technologies and civil Liberties in France (CNIL).

The directives can also contain specific data processed by our company. Please send them to us at:

Email address: dpo@beekast,com

Postal address: 10 rue de Penthièvre 75008 Paris France

By sending these directives, you expressly consent to their storage, transmission and implementation in accordance with the Terms and Conditions set forth herein.

Throughout your directives, you may appoint a person to their implementation. This person may have the capacity, when you die, to be aware of the said directives and request their implementation. If you fail to appoint a person, your heirs shall have the capacity to be aware of your directives when you die, and to request their implementation.

You can modify and revoke your directives at any time by writing to us.

14. Personal data portability

You have the right to the portability of any personal data that you provide us with, taken to mean all data you have actively and consciously reported as part of the access and use of the services, and also the data created by your activity as part of the services use. We remind you that this right deals with the collected and processed data on any legal basis other than your consent or the execution of a contract with you.

This right may be implemented for free, at any time, and in particular at the end of your subscription on our platform in order to retrieve or retain your personal data.

In this context, you shall receive your personal data, by whatever means considered appropriate, in a commonly used and machine-readable format according to the state of the art.

15. Lodging a complaint with a supervisory authority

You are also informed that you have the right to lodge a complaint with a supervisory authority, the CNIL in France, the member States of your ordinary residence, your workplace or the place of the alleged infringement if you consider that the processing of personal data relating to you, object of this charter, infringes this regulation, without prejudice to any other administrative or judicial remedy.

In fact, the personal data subject also has the right to an effective administrative or judicial remedy if he or she considers that the processing of personal data relating to him or her, object of this charter, infringes this regulation.

16. Restriction of the processing

You have the right to obtain from the data controller the restriction of your personal data processing in certain circumstances:
• the accuracy of the personal data is contested by the data subject, for a period enabling the data controller to verify the accuracy of the personal data.
• the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead,
• the controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defense of legal claims,
• the data subject has objected to processing his or her personal data pending the verification whether the legitimate grounds of the controller override those of the data subject.

17. Changes to this policy

We reserve the right, at our sole discretion, to amend this Charter at any time, in whole or in part. These changes will come into effect as of the publication of the new Charter. Your use of the Solution following the entry into force of these changes shall be worth acknowledgment and acceptance of the new charter. Otherwise, if this new charter does not suit you, you shall no longer have to access the Solution.

18. Entry into force

This charter came into effect on May 25, 2018.