Be There
Privacy Policy
Effective date: January 1st, 2025
At BOLD TECH, protecting your personal data is our priority. The purpose of this policy is to inform you about how we process your personal data in connection with the use of the application be-there.co (the "Application") in compliance with Regulation (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter the "GDPR") and French Data Protection Law n° 78-17 of 6 January 1978 (together the "Applicable Regulations").
This Privacy Policy does not describe the methods of collecting and processing your data via cookies and other tracers ("Cookies") on the Application. For more information, please consult our Cookies Policy.
1. Who is the data controller?
The data controller is BOLD TECH, SAS, registered with the Registry of Trade and Companies of Paris (France) under the number 891630782 and whose head office is located at at 19 Rue des Petites Écuries, 75010 Paris. ("Us" or "We") when using your account on our Application as our Client (the "Account").
However, when we provide our services to our Clients, we process personal data on their behalf and for their own purposes. Our Clients act therefore as data controllers in accordance with Article 4 of GDPR while we act as data processor.
2. What personal data we collect?
Personal data is a data that identifies an individual directly or indirectly, in particular by reference to an identifier such as a name.
We may collect the following personal data:
- Identification data (e.g., full name, email, your photo);
- Data relating to your professional life (e.g., company name, CV, position/function, LinkedIn URL);
- Login data (e.g., logs, IP address);
- Location data;
- Browsing data (IP address, pages viewed, date and time of connection, browser used, operating system, user ID, MAID, user behavior (mouse tracking));
- Any information you wish to send us as part of your contact request.
3. How do we collect your personal data?
We may collect your personal data in two ways:
- directly, when you provide it to us (for example, by filling in a contact request form on our Site or by creating an account on our Platform/Application/Site);
- indirectly, via commercial partners, service providers or database enhancement tools.
4. Details of the processing of your personal data
| Objectives | Legal basis | Data retention period |
|---|---|---|
| To provide you with our services available on our Platform Be-there.co through your account | Performance of a contract to which you are party and/or taking steps at your request prior to entering a contract | When you have created your account: personal data are retained for the duration of your account. Your connection logs are kept for 1 year. If your account is inactive for a period of 2 years, it will be deleted if you do not respond to our reactivation email. |
| To perform operations related to contracts, orders, deliveries, invoices, loyalty programs and customer relationship management | Performance of a contract to which you are party | Personal data are retained for the duration of our business relationship. The data relating to your contract and the elements relating to the signature of the contract are stored fo r 10 years from the conclusion of the contract. The data related to your credit card are retained by our payment service provider (Stripe Inc.) The CVV2 (Card Verification Value), listed on your credit card details, will not be stored. The data relating to your credit cards may be retained in an intermediate archive for a period of thirteen (13) months following the date of debit, for probationary purposes in the event of a dispute on the transaction. This period may be extended to fifteen (15) months in order to take into account the possibility of using deferred debit cards. |
| To make economic use of your personal data for commercial | Our legitimate interest in developing and promoting our business | For our customers: their personal data are retained for the duration of our business relationship. For our prospects: their personal data are retained for a period of 3 years starting from the last contact with us (e.g., communication, action). In addition, personal data may be archived for probationary purposes for a period of 5 years. |
| To analyze your use of the services, understand your expectations and improve the functionalities offered (in particular by analyzing exchanges or by compiling statistics on browsing and the audience for the Site/Application/Platform). | Our legitimate interest in improving our services | Recordings of telephone calls are kept for (to be completed) from the time they are collected. Documents analyzing the content of telephone calls are kept for (to be completed) from the time of recording. If this does not concern telephone recordings (via cookies to improve the user experience): Personal data is stored for [to be completed]. Once your data has been anonymized, it is no longer considered personal data, as it cannot be re-identified. They are kept for as long as necessary. |
| To manage your opinions on our products, services or content | Our legitimate interest in collecting your opinions on our products, services | 2 years from the publication of the opinion |
| To create a database of customers and prospects | Our legitimate interest in developing and promoting our business | Personal data are retained for the duration of our business relationship. In addition, the data relating to your transactions are archived for probationary purposes for a period of 5 years. |
| To comply with our legal obligations to report illegal content on the Platform | Comply with our legal and regulatory obligations imposed in connection with our Platform. | Your identification data is kept for 5 years after the end of the validity of the Terms of Use, the closing of your account or the closing of the report. Other information provided by the user, including payment information, is kept for one year from the end of the validity of the Terms of Use, the closing of your account or the closing of the report. The technical data allowing to identify the source of the connection or those relating to the terminal equipment used are kept for a period of one year as from the connection or the use of the terminal equipment. |
| To send newsletters, requests and direct marketing mailings | For our customers: our legitimate interest in winning customer loyalty and informing our customers of our latest news. For our prospects: your consent BtoB: our legitimate interest in winning customer loyalty and informing our customers of our latest news | Personal data are retained for a period of 3 years starting from the last contact with us (e.g., communication, action) |
| Telephone prospecting | Our legitimate interest in developing and promoting our business | Data is kept for 3 years from the date of your last contact. We undertake to check beforehand that your number is not on a BLOCTEL-type opposition list. |
| Record calls as part of telephone canvassing for our insurance products | To comply with our legal and regulatory obligations | Recording data is kept for 2 years from the date of the call. We undertake to check beforehand that your number is not on a BLOCTEL-type opposition list. |
| To answer to your information request and other inquiries | Our legitimate interest in responding to your inquiries | Personal data are retained during the processing of your request and is deleted once the request has been processed. |
| To comply with our legal and regulatory obligations | Legal and regulatory obligations | Invoices are archived for a period of 10 years. |
| To process your applications and to manage interview (pre-selection of candidates, contact to evaluate the candidate's ability to fill the position, finalization of the recruitment process) | Execution of precontractual measures | Your data is kept in an active database for the duration of the recruitment process until the hiring decision is made. If your application is rejected, your data may be kept for 3 months after the end of the recruitment process, in order to be able to provide you with explanations on the reasons that led to the rejection of your application. Your data may be kept in an intermediate archive for evidential purposes for 5 years from the date of the hiring decision. |
| To create a CV database | Your consent | The data is kept for two years from the last contact with the data subject. |
| To organize contests and promotional operations | Our legitimate interest in winning clientele loyalty and offering them gifts | The personal data is kept for the duration of the contests or promotional operations and may be archived for 5 years for evidential purposes. |
5. Who are the recipients of your personal data?
The following categories of recipients will have access to your personal data:
- The staff of our company;
- Our processors: hosting provider, CRM tool, mailing provider, audience measurement tool, payment service provider, billing tool, cookie management tool;
- Our partners acting as independent data processors. We accept no responsibility for the processing of personal data by our partners, and invite you to consult their general terms of use and privacy policy;
- to any authority legally empowered to deal with it, in particular the judicial, police or administrative authorities, if they so request.
6. Are your personal data likely to be transferred outside the European Union?
Your personal data is hosted for the duration of the processing on the servers of the company HEROKU, located in the European Union.
7. What rights can you exercise on your personal data?
You have the following rights regarding your personal data:
- •Right to be informed: this is precisely why we have drafted this privacy policy as defined by articles 13 and 14 of the GDPR.
- •Right of access: you have the right to access all your personal data at any time as defined by article 15 of the GDPR.
- •Right to rectification: you have the right to rectify your inaccurate, incomplete or obsolete personal data at any time as defined by article 16 of the GDPR.
- •Right to erasure ("right to be forgotten"): you have the right to request the deletion of your personal data when it is no longer necessary for the purposes for which it was collected or when you withdraw your consent, in accordance with Article 17 of the GDPR.
- •Right to data portability: you have the right to receive your personal data in a structured, commonly used and machine-readable format, and to transmit it to another controller, in accordance with Article 20 of the GDPR.
You can exercise these rights:
- By contacting us directly at support@be-there.co.
- Or, if you use our services via Slack, by using the integrated data request options available through Slack (including access, deletion, and portability requests).
8. What security measures do we implement?
We undertake to implement technical and organizational measures to ensure the security, integrity, authenticity and confidentiality of your personal data, in particular:
- We use SSL encryption to protect your data.
- We use a secure authentication system to protect your data and do not store your passwords.
- We do not store your credit card information and use a secure payment provider.
- We use third party services to provide security patches and updates on our software dependencies and we apply them as soon as they are available.
We ensure that our subcontractors also maintain a level of protection similar to ours with regard to the processing of your personal data.
9. Modifications
We may modify this privacy policy at any time, in particular to comply with any regulatory, jurisprudential, editorial or technical change. These modifications will apply on the date of entry into force of the modified version. Please regularly consult the latest version of this privacy policy. You will be kept posted of any significant change of the privacy policy.