GDPR - Privacy Policy

Preamble

The purpose of this privacy policy is to inform you in detail about the terms of processing of your personal data as well as the rights you have. KLEEP constantly ensures compliance with data protection regulations and finds it essential to establish a relationship of trust with its customers. 

As Data Controller, KLEEP undertakes to carry out all processing of personal data in accordance with the provisions of Regulation No. 2016/679 of April 27, 2016, known as the General Data Protection Regulation (hereinafter GDPR) as well as those of Law No. 78-17 of January 6, 1978, as amended and/or any other applicable national legislation. 


  1. Who are we?

KLEEP's mission is to reinvent, through their artificial intelligence Kleep, the way in which fashion retailers offer experiences to their customers. Thanks to KLEEP, everyone can find their ideal size in just a few clicks. This allows retailers to personalize the customer experience, reduce returns and therefore improve their environmental impact. 


II. What data or categories of data are collected?


KLEEP may collect various data such as: 


- Identification data: surname, first name, email address and possibly a photograph 
- Data relating to professional life: title, professional email address, professional telephone number, postal address, organization chart, employer, position, diplomas and references and various information included in the exchanges, signature 
- Economic and financial data: RIB 
- Other data: specific customer needs, data relating to requests to exercise rights. 
- Connection data: Connection, usage and navigation data such as time, country, IP address

The data marked with an asterisk in the contact form or in the contact form in order to schedule a demo are mandatory. This data allows us to handle your request. Failure to respond to a mandatory field in these two forms will prevent validation and therefore the sending of your request. 

III. Why is this data collected?


KLEEP may collect your personal data for various purposes: 
- Management of customers, partners, prospects (including requests sent from contact forms,
- Management of communication actions, 
- Recruitment management, 
- Compilation of statistical measures regarding your interactions with our website

IV. What are the legal bases on which our company relies?

The processing implemented within KLEEP is part of, depending on the case, (i) consent, (ii) the execution of a contract or pre-contractual measures, (iii) a legal or regulatory obligation or (iii) the legitimate interest pursued by said company.  

In compliance with proportionality and data minimization, only the data necessary and relevant to the purposes pursued are collected. KLEEP undertakes to collect only the data strictly necessary for the purpose of processing.   

V. Who are the recipients of your personal data?

Your data is intended for KLEEP. 

However, some of your data may be transmitted to the company's internal departments, authorized third parties, external service providers, legal partners and subcontractors on behalf of and on the instructions of KLEEP. 

Here is a non-exhaustive list of our service providers: 
- Tawk to: It provides us with a chat so that you can contact us easily. This company is headquartered in Las Vegas. On July 10, 2023, the European Commission adopted a new adequacy decision concerning the United States . By this decision, the Commission decides that the changes made by the United States to their national legislation now make it possible to ensure an adequate level of protection of personal data transferred from the EU to organizations located in the United States when they take steps to comply with this new "data protection framework". The list of these organizations is managed and published by the US Department of Commerce . The company Tawk to is part of this list. 
- IONOS by 1&1 SARL: This company is the host of the website data. The latter is located in France. 
- Typeform: It provides us with a contact form so that you can schedule a demo with our company. This company is based in Barcelona. As such, it is part of the European Union and is committed to implementing and respecting the GDPR. 
- Mixpanel Inc: Mixpanel is a company that has created an analytics tool that allows us to capture data on how our users interact with our website. Through Mixpanel we can analyze the data with event reports. This company is headquartered in San Francisco. It is part of the list of organizations with an adequate level of protection for personal data transferred from the EU to the United States. 

This list may be subject to change. 

When we use third parties, we ensure that they provide an adequate level of protection for the protection of personal data. If this is not the case, we ensure that the transfer is carried out in accordance with the regulations to guarantee the protection of your personal data through standard contractual clauses. 

In all cases, access to your data by these recipients is limited to the categories of data that are strictly necessary for them to carry out their mission.

In addition, by law, litigation, legal proceedings or requests from public and government authorities, we may be required to disclose some of your personal information. 

For security reasons, your data is hosted by IONOS by 1&1 SARL, whose registered office is at 7 Place de la Gare in Sarreguemines, France. 

VI. How long is your personal data retained?

Here is a list of the periods for which your personal data is retained:  

For customer management: we retain your personal data for the duration of the contractual relationship. Then, we keep the personal data for five (5) years from the end of the business relationship. 


For partner management: we keep your data for three (3) years from the collection of the data or the last contact. 

For prospect and communication management: we keep your data for three (3) years from the collection of the data or the last contact. 

For quote requests that do not result in the conclusion of a contract: we keep your data for the time necessary to study and follow up on the request + one (1) year after the closing of the request or the last contact. 

For recruitment management: if you have applied to us and are not hired, your data will be deleted no later than two (2) years after submitting your personal information. However, we will not keep this data during this period if you object. 

VII. What should I do in the event of unauthorized use or a security breach of my customer account? 

When you create a customer account, you are responsible for maintaining the confidentiality of your password and for the activities that occur under your account. 

You agree to notify us immediately of any unauthorized use of your account or any breach of security.

VIII. What security measures are in place? 

KLEEP ensures the security of your personal data by implementing security measures against any data breach, i.e. any loss, destruction, alteration or unauthorized disclosure. 

KLEEP is committed to ensuring the protection of your personal data by applying standard protection technologies to encode information transmitted online. These various technologies and security procedures protect your personal information and prevent any unauthorized persons from accessing, using or disclosing it.

KLEEP cannot be held responsible for the content of other sites to which links on the Site refer, their level of security or the confidentiality practices applied. 

The personal data collected via the website will under no circumstances be distributed, transferred, rented or exchanged by KLEEP with third parties without your consent. Exceptionally, we remind you that in order to comply with our legal or regulatory obligations, your personal data may be transmitted to the competent authorities. 

IX. What are your rights?

In application of the Data Protection Act and the General Data Protection Regulation, you have several rights that you can exercise at any time: 

- Right of opposition: allows you to refuse the use of your data for certain processing operations. 

- Right of access: allows you to know which data has been processed and to receive communication via a copy. 

- Right of rectification: allows you to correct inaccurate or incomplete information. 

- Right to erasure: allows you to request the erasure of data concerning you. 

- Right to limitation of processing: allows you to limit the use of your data.

- Right to portability: allows you to recover your data for yourself or to transmit it to a third party depending on the legal basis chosen. 

- Right to withdraw consent: allows you to withdraw your consent provided that this is the legal basis chosen. 

X. Who can you contact to assert your rights? 

You can assert your rights electronically: dpo@kleep.ai

AND / OR

by post: KLEEP at 23 rue Blondel, 75002 in Paris.

In addition, you can consult the website of the National Commission for Information Technology and Civil Liberties (CNIL) if you wish to obtain more information on the extent of your rights (https://cnil.fr) 

You have the right to file a complaint with the CNIL: TSA 90715, 3 Place de Fontenoy, 75007 Paris. 

XI. Modification of this Privacy Policy 

This Privacy Policy may be modified at any time. Please review this information and any changes by consulting it regularly.

The Privacy Policy was last updated on: October 3, 2023