1.1 “Applicable Data Protection Law(s)” means the relevant local personal data protection, data security, data retention, and data privacy laws and regulations to which the personal data are subject, including the “Loi Informatique et Libertés” (French Data Protection) Act 78-17 of January 6, 1978 in its latest version (“LIL”) and the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (“GDPR”).
1.2 “Client” refers to companies which have subscribed to our services.
1.3 “Candidate” refers to individuals who have submitted an application for a job at our company, directly or although a job application platform or website.
1.4 “Service” means the supply and sale of services and all associated services proposed by our company.
1.5 “Supplier” refers to legal entities that provide goods and/or services to our company.
1.6 “Third Party(ies)” means Wiremind authorized auditors, accountants, contractors, agents, and third-party service providers that process personal data.
1.7 “Visitors” refers to any individual or legal entity who accesses the website.
1.8 “Website” refers to the website https://www.wiremind.io/ operated by Wiremind.
The terms “personal data”, “processing”, “processed”, “data subjects”, “data controller” and “data processor” have the same meaning as in the Applicable Data Protection Laws.
2. Who are we?
WIREMIND SAS is a company registered under laws of France, registered under SIRET number 80514582800028, with a place of business located 83 rue de Reuilly 75012 Paris.
3. What are the categories of personal data processed by us?
We may collect several types of personal information depending on the nature and the purpose of the personal data that we process, and the type of data subjects concerned. In all cases, we undertake to collect and process only personal data that are strictly necessary for the purposes of the data processing we carry out.
3.1 With respect to our Clients and prospects, we process the following categories of data:
- Identity-related data: such as last name, first and middle names, address, telephone number (landline and/or cell phone), fax number, email address, internal processing code to allow for Client identification. A copy of an identification card is kept as proof of the exercise of an access right, correction or opposition right or to meet a legal obligation;
- Financial data: bank account details of the legal entity to be invoiced;
- Data to monitor the business relationship: request for documentation, services subscribed, frequency, order number, correspondence with the Client and after-sales services;
- Data necessary to follow up payment of our invoices and their recovery;
- Data necessary to conduct surveys, and tests.
3.2 With respect to our Suppliers, we process the following categories of data:
- Data on Supplier’s identity: company name, name, first and last name/title of the designated contact person, address (headquarters, billing address), telephone, fax, e-mail address, SIREN number;
- Data on billing and payment of Supplier invoices.
3.3 With respect to Candidates applying for a position within our company, we process the following categories of data:
- Data on Candidate’s identity: last name, first name, e-mail, address;
- Data on Candidate’s professional life: recent experiences, diploma, studies;
- and more generally, any other information that Candidates communicate in their Curriculum Vitae and/or cover letter.
Please note that we do not wish to receive sensitive data from you, particularly any information on your origin, state of health, morals, sexual orientation, political opinions, trade union activities, religious beliefs, affiliation or non-affiliation with an ethnic group, nation or race. Any communication of this type of sensitive information may result in the rejection of your application within our company.
3.4 With respect to Visitors of our Website, we process the following categories of data:
Connection Data: date of the connection, time, internet addresses, Visitor’s computer protocol, page viewed on the Website.
For the sake of clarity, mandatory information required in online forms (if any) are identified as such by an asterisque*.
4. What is the legal basis of the processing of your personal data?
In accordance with Applicable Data Protection Law, we are allowed to process your personal data, so long as we have a ground under the law to do so. When we process your personal data, we will rely on one of the following processing conditions:
- Performance of a contract: this is when the processing of your personal information is necessary in order to perform our obligations under a contract;
- Legal obligation: this is when we are required to process your personal information in order to comply with a legal obligation, such as keeping records for tax purposes or providing information to a public body or law enforcement agency;
- Legitimate interests: we will process information about you where it is in our legitimate interest in running a lawful business to do so in order to develop our business activities, so long as it doesn’t outweigh your interests, for instance to (i) provide you with information on our Services or offer information about employment opportunities; (ii) prevent fraud or illegal activity and to safeguard our IT systems; (iii) conduct marketing activities; (iv) meet our corporate and social responsibility obligations.
- Your consent: in some cases, we will ask you for specific permission to process some of your personal data, and we will only process your personal information in this way if you agree to us doing so. You may withdraw your consent at any time by contacting us.
5. For what purposes do We process personal data?
5.1 With respect to our Clients and prospects. We process our Clients’ personal data for the purpose of managing contracts and orders, providing support, issuing invoices and monitoring payment, management potential debts, accounting, monitoring the Client relationship and retention, developing business and usage statistics. Prospect data is processed in order to carry out prospecting, studies, surveys, product, testing, promotion and solicitation operations.
5.2 With respect to our Suppliers. We process our Suppliers’ personal data in order to manage administrative operations related to their contracts, orders, receipts, invoices, payments and compatibility as it relates to the management of Supplier orders.
5.3 With respect to Candidates applying for a position at our company. We process Candidates’ personal data for the purpose of reviewing and processing job applications, responding to their requests and conducting any physical and telephone interviews.
5.4 With respect to Visitors to the Website. Visitors login personal data are processed for the purposed of statistical estimations of the Website traffic.
6. For How long do we keep your personal data?
We keep your personal data only for a period necessary and proportionate to the purpose for which it has been collected. Thus, the retention periods are determined for each data category in the following table:
|Data subjects||Data subjects|
|Clients personal data||Retention for the duration of the business relationship and for a period of 3 years after the last contact.|
|Suppliers personal data||Retention for the duration of the contractual relationship and for a period of 5 years after the last contact.|
|Candidates personal data||Retention for 2 years after transmission of the personal data when the Candidate is not selected.|
|Visitors personal data||The information stored in the user’s terminal or any other element that is used to identify the Visitor and allow for tracking them or their usage (such as logs or connection data) will not be kept longer than 1 year.|
More generally, we do not keep personal data in a form which permits your identification for a longer period than it is necessary. We take every reasonable measure to destroy or erase your personal data from our systems when their process is no longer required.
7. With whom do we share your information?
Your personal data will not be transferred, leased or exchanged for the benefit of Third Parties and will only be processed by authorized persons.
7.1 With respect to our Clients and prospects. Authorized persons from sales and marketing department, and the support department, are required to process your personal data and have access only to the data they require within the framework their duties.
7.2 With respect to our Suppliers. Your personal data collected and processed may be sent:
- to the personnel responsible for the procurement department, administrative and accounting departments, their hierarchical superiors, and persons contractually working with us or to an organization to conduct its accounting;
- to external firms bound by contract for the performance of Suppliers contracts;
- to the persons responsible for auditing the accounts;
- to the court and ministry officers in the context of their mission to collect debts;
- to the Financial institutions holding active accounts.
7.3 With respect to Candidates applying for a position at our company. Your personal data collected and processed may be sent:
- to managers in charge of recruitment;
- To headhunter firms/employment agencies.
7.4 With respect to Visitors to the Website. Your personal data collected and processed may be sent:
- to our communication / marketing departments
- to Third Parties communications and public relations agencies.
7.5 Other recipients
In general, all of the aforementioned personal data may also be communicated to:
- Third Party providers We may grant access to personal data to its service providers or contractors: we transfer personal data to its Third-Party service providers, such as (IT) systems providers, hosting providers, consultants and other goods and services providers or contractors. We work with such providers so that they can process your personal data on our behalf. We will only transfer personal data to them when they meet strict standards on the processing of data and security. We only share personal data in order to provide our Services.
- Courts, tribunals, law enforcement or regulatory bodies: we reserve the right to share your information to respond to duly authorized information requests of governmental authorities or where required by law.
- Internal auditors, professional accountants, legal advisers may access to documents, such as invoices, which contain personal data, for the purpose of their mission.
We never sell your personal data to Third Parties, such as marketers.
8. Where are your personal data processed?
Your personal data are being stored on our servers which are hosted by OVHcloud in France.
We guarantee that we do not transfer personal data to countries that do not provide an adequate level of protection, without first implementing one or more of the safeguards provided by the Applicable Data Protection Laws to regulate said transfer, namely through the use of standard contractual clauses approved by the EU.
(For more information on the countries that provide an adequate level of protection, see European Commission, “Commission Decisions on the Adequacy of the Protection of Personal Data in Third Countries.”)
9. What security measures are implemented?
All useful precautions and appropriate organizational and technical measures are taken in order to preserve the security, integrity and confidentiality of the personal data, including to prevent alteration or damage to the personal data, or access to the personal data by unauthorized Third Parties.
10. What are your rights and how can you exercise them?
Under the Applicable Data Protection Law and according to the legal basis for processing, you may have the following rights concerning the processing(s) of your personal data:
- The right to obtain confirmation by the data controller that your personal data is processed, as well as a right to access the personal data collected and processed within this context;
- The right to the correction of your personal data by the data controller, when it is incorrect or incomplete;
- The right to the deletion of your personal data by the data controller in accordance with the conditions stipulated by the Applicable Data Protection Laws;
- The right to limit the processing of your personal data by the data controller;
- The right to legitimately object to the processing of your personal data by the data controller, and to the use of this personal data for business prospecting purposes.
You may exercise these rights, express a concern, raise a question or obtain additional information about the processing of your personal data by sending an email to the following address firstname.lastname@example.org.
We undertake to respond to your request within one month from its receipt; this period may be extended up to two months, taking into account the complexity and number of the requests that we receive.
In any circumstances, the exercise of these rights must always be compatible with the legal obligations of and the legitimate interest pursued by the data controller.
In the event of a dispute, you have the right to file a complaint with the French Data Protection Authority (Commission Nationale de l’Informatique et des Libertés).
11. Third Parties websites