1. Introduction
Please read this Privacy Policy carefully as it explains how I use your personal data and how to exercise your rights. This Privacy Policy supplements the Terms & Conditions or any documents or notices that may refer to this Privacy Policy.
This Privacy Policy applies to the website https://chalier.co (hereinafter the “website”) published by Patrick Chalier and its other services and products for which personal data is being communicated to Patrick Chalier.
Should you have any questions, you may directly contact me.
2. Definitions
DATA means data about a living individual who can be identified from those data (or from those and other information either in our possession or likely to come into our possession).
USAGE DATA is data collected automatically either generated by the use of Service or from Service infrastructure itself (for example, the duration of a page visit).
COOKIES are small files stored on your device (computer or mobile device).
DATA CONTROLLER means a natural or legal person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be, processed. For the purpose of this Privacy Policy, we are a Data Controller of your data.
DATA PROCESSORS (OR SERVICES PROVIDERS) means any natural or legal person who processes the data on behalf of the Data Controller. We may use the services of various Service Providers in order to process your data more effectively.
DATA SUBJECT is any living individual who is the subject of Personal Data.
THE USER is the individual using my Service. The User corresponds to the Data Subject, who is the subject of Personal Data.
3. Legal context
I abide by the recommendations of the relevant authorities and have put in place an organization to ensure our compliance with the regulatory framework established by the General Data Protection Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR) and any other laws or regulations relating to personal information that apply to me.
4. What is my role?
Under the GDPR, I am considered as a data controller. It means that I set the why’s and how’s I process your personal information. For example, when you are visiting my website, I am in charge of determining the purposes and the means that are necessary to administer, operate and manage our users’ personal information that I collect from it.
Depending on the activity I perform on your data, I may also be considered as a data processor. This means that you are my customer’s end user and that I am processing your data under the instructions of my customer considered as a data controller. In this case, the data controller sets the purposes and means of the processing activity, and I abide and deliver my Service in regard to these.
5. What kind of personal information do I process?
I only collect and process personal information that is relevant and adequate. I give special attention to its accuracy and updates when needed. Personal information includes in particular:
| Type of Date | Example of Data |
|---|---|
| Identification Data | e.g. first name, last name, picture, birthdate, etc. |
| Professional Data | e.g. company name, skills, job title, diplomas, etc. |
| Internet Data | e.g. cookies, tracers, navigation data, audience metrics, etc. |
| Contact Data | e.g. email address, phone number, postal address, etc. |
| Connection Data | e.g. IP address, logs, terminal and connection identifiers, timestamp, etc. |
| Location Data | e.g. movements, GPS data, GSM, etc. |
| Economic and Financial Data | e.g. income, financial situation, tax situation, banking details, etc. |
The collection of this information may at times be mandatory in order to provide my Service, other times optional to enhance your experience and left to your good will. Mandatory information will be identified as such when I collect your data. Know that if you refuse to provide it, I won’t be able to provide you with its utmost service, and you will unfortunately experience inconveniences.
6. When do I collect your personal information?
I collect your personal information on various occasions.
| Sources | Description |
|---|---|
| Online or paper form | Individual filled in a form |
| Website or software visit | Individual browsed our website or our solution |
| Billing form | Individual filled in a payment checkout |
7. How do I use your personal information?
Your personal information will never be processed for incompatible purposes regarding why it was first collected. I only collect and process personal information for specified, explicit and legitimate purposes, like:
| Processing Activities | Purposes | Legal Basis |
|---|---|---|
| B2B Lead management | To interact with individuals about the service whether by email or by phone and follow lead management | Consent, Contractual duties, Legitimate interest |
| Website audience measurement | To gather analytics on the website traffic | Consent |
| Payment & billing management | To process money transactions | Contractual duties |
| Appointment scheduling | To plan, prepare and follow up on external meetings | Consent |
In order to comply with the principle of lawfulness, the legal bases for each data processing is determined carefully and on a case-by-case basis in accordance with the list provided by Article 6 of the GDPR.
I do not process your data or use automated decision-making without your knowledge, nor do I sell or rent your personal information without your explicit consent.
8. Who can access your personal information?
Recipients to whom I disclose your personal information are carefully chosen by me. They receive data for legitimate purposes, especially when it comes to pursuing my business activity and providing a qualitative service:
| Subprocessor | Service provided |
|---|---|
| AC PM LLC | Transactional emailing |
| Stripe | Payment & billing management |
| Cal.com | Scheduling appointments and meetings |
Certain data recipients are considered our data processors in accordance with Article 28 of the GDPR, which means we review how they handle personal information and make sure they put in place appropriate guarantees to protect it.
Other recipients are considered authorized third parties in accordance with Article 4 of the GDPR, which means we have to communicate your personal information to them to comply with applicable legal obligations, lawful requests and processes (subpoenas, requests from government or tax authorities, etc.).
9. Where do I transfer your personal information?
As far as possible, your personal information is processed within the European Union. However, some of our service providers may be located in another country of which you are a resident or pursuing their activity outside the European Union.
When I transfer your personal information to a recipient outside the European Union, I take care of putting in place sufficient guarantees in accordance with the list provided by Articles 44 to 50 of the GDPR, whether it is having it stored in a country with an adequate privacy protection or contracting Data Protection Agreements to ensure your personal information is protected.
| Subprocessor | Location | Adopted safeguard |
|---|---|---|
| AC PM LLC | USA | Data Processing Agreement |
| Stripe | USA | Data Processing Agreement |
| Cal.com | USA | Privacy Protection |
10. How long do I store your personal data?
As a general rule when I am considered a data controller by the GDPR, retention periods of your personal information are determined according to the purposes for which I collected it and our legal obligations.
Regarding my activities as a data processor, I retain our customers’ end users personal information as long as required by my terms and conditions and the pursuing of the service my customers’ subscribed to.
When these purposes are fulfilled or when you ask me, your personal information is archived, erased or anonymized.
12. What are your rights and how to exercise them?
In accordance with Articles 12 to 23 of GDPR, you have rights over your personal information that I am committed to respect:
- you can request access to your personal information and a copy of it.
- you can ask me to modify your personal information if you consider it obsolete, inaccurate or incomplete.
- you can object to the processing of your personal information if based on my legitimate interest in certain circumstances.
- you can request to restrict the processing during a limited period of time, in certain circumstances.
- you can opt-out from a consent already given, without this withdrawal affecting the lawfulness of the processing operations already carried out.
- when technically feasible, you can ask me to send you the personal information you provided me or that I communicate it to a third party.
- you can ask me to delete your personal information if it meets legal grounds for which it is applicable.
These rights can be exercised directly and at any time by contacting me. In the case you are my customer’s end user, please take into consideration that this request will be forwarded and must be answered directly by them.
13. Children’s privacy
My Services are not intended for use by children under the age of 13 (” Children”).
I do not knowingly collect personally identifiable information from Children under 13. If you become aware that a Child has provided me with Personal Data, please contact me. If I become aware that I have collected Personal Data from Children without verification of parental consent, I will take steps to remove that information from our servers.
14. Policy changes
This Privacy Policy may be modified in the future to keep it updated with legal jurisprudence and evolution. You’ll be informed either by a special mention on this page or by a personalized warning, by email for instance.
15. Contact us
If you have any questions about this Privacy Policy, please contact me.