Data Privacy

SAS Effency – RCS Paris 822320172

Siège social : 78 avenue de Flandre – 75019 Paris

Effency specialises in digital coaching and has developed a collective efficiency digital coaching tool that can be used to identify the potential of teams to work together. The tool is available on our website at test.effency.fr (the ‘Website’) and on a mobile application, TeamGether (the ‘Application’). This tool enables Us to offer our clients collective efficiency digital coaching services (our ‘Services’), details of which are set out in our General Terms and Conditions (link to General Terms and Conditions).

This Privacy Charter contains information on the personal data you provide to Us or that We may collect when you browse our Website and when We interact on our Website and our Application.

We collect and manage such data in accordance with applicable data protection regulations, including French Data Protection Act No 78-17 of 6 January 1978 (Loi Informatique et Libertés) and Regulation (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, which is the subject of French Decree No 2019-536 of 29 May 2019.

1 – Data controller

The data controller is SAS Effency, which is registered in the Paris Trade and Companies Register under number 822 320 172 and has its registered office at 78 Avenue de Flandre, 75019 Paris (‘Effency’, ‘We’ or ‘Us’).
E-mail: team@effency.fr

2 – The personal data collected by Effency

‘Personal data’ means any information relating to a natural person who can be identified, directly or indirectly, by reference to an identifier such as their surname, first name, postal address or e-mail address or to an identification number such as an order number, IP address, etc.

We strictly ensure that We collect as little data as possible and that We only collect the data We require to provide our services, namely:

Identification details provided by the Client (name, e-mail address, IP address, business details): these data are required in order for Us to provide our digital coaching services. They are provided when a Client enters into a contract with Effency with a view to the Client’s employees and/or agents receiving our Services. Our Client provides Us, under their responsibility, with the e-mail addresses of its employees who are authorised to access our coaching spaces.

Identification details provided by the User (name, e-mail address, IP address, business details, telephone number, postal address): these data are also required in order for Us to provide our digital coaching services. They are provided when a user, employee and/or agent of a Client opens an account on the Website or Application or enters their login details in order to access our Services (to take an individual test, obtain a group analysis or follow a coaching program).

Bank details : these data are required for our Clients to place an order and receive a refund. However, no payment is made online and the bank details We may collect are intended solely for our payment service providers.

Technical details (IP addresses, login details): these data are collected when you browse our Website and/or Application.

Browsing data (searches, number of visits, date of last visit): these data are useful to enable Us to offer personalised services as well as to track the number of people who browse our products and services.

3 – Purpose of processing

Your data are collected and processed for specific and legitimate purposes, to enable Us to:

– ensure that our Website and Application and the related services and functionalities work effectively;
– send you notifications concerning the coaching program, analyse your results and chat with you via the Effency Chatbot, providing that you have not opted out;
– send you marketing messages, newsletters and promotional messages, providing that you have not opted out;
– carry out research; and
– prepare commercial statistics and statistics on the number of people who browse our Services.

When We collect your personal details, We will state whether certain data are mandatory or optional. We will also inform you of the consequences should you fail to provide such data.

4 – Data recipients

Data are transferred to third parties solely for the following purposes:

To provide the services ordered: in order to provide you with the digital coaching services offered by Us, your data may be forwarded to the relevant companies, namely:
– our Consultants: Cog’X
– our Partners: La Petite Etincelle, Siclavy, Arborescence, In Facto.
Our staff, consultants and partners have signed a non-disclosure agreement in relation to the data processed by them.

Access to third-party services: in order for Us to provide the collective digital coaching services offered by Us, We use collaborative communication platforms and your data may pass through these platforms:
– our collaborative communication platform service providers: Slack (Salesforce) and Teams (Microsoft).

The information We receive from these third-party services is used in accordance with the relevant privacy policies.

Outsourcing: We use the services of third parties to operate our Website and Application and to provide you with the products and services We offer, including AWS, a data storage company. The servers used by Effency are situated in the AWS cloud in France (application server, web server and database server).

The information We receive from these third-party service providers is used in accordance with the relevant privacy policies. These technical service providers are permitted to use such information solely for the benefit of Effency and the information will only be disclosed in the following circumstances:
– if so required pursuant to applicable regulations, in order to fulfil a legal obligation or in the context of legal proceedings;
– in the event of an emergency to ensure that the data remain secure.

Your personal details may also be provided to public organisations – solely for the purpose of fulfilling our legal obligations –, legal officials, ministerial officials and debt collection agencies.

The personal data We collect may be used for research and statistical purposes (see Clause 10 of our General Terms and Conditions). Accordingly, they are likely to be forwarded to third parties and researchers with whom We collaborate. However, these data will be anonymised before they are forwarded to any third party so that they no longer constitute personal data.

5 – Legal bases for processing

We process your personal data on the following legal bases:

Performance of the contract: We must process your personal data in order to perform the contract you have entered into with Effency and/or our partners with a view to providing Services to you, via our Website or our Application.

Legitimate interest: We may have a legitimate interest to process your data, for example when We send out e-mails confirming the creation of an account or when We analyse how you browsed our Website or Application, in order to improve our offers and services, carry out statistical studies on the products and/or services We offer and secure our digital media (websites, applications, etc.).

Consent: We process your personal details with your express consent, which may be withdrawn at any time, for example to send our tests, analyses, coaching programs and marketing communications concerning special offers.

A legal requirement: We may process data in order to fulfil a legal requirement imposed upon Us, for example when processing your orders through our accounts.

6 – Data retention period

We retain data for the statutory periods recommended by the CNIL (French Data Protection Authority) and/or for the statutory periods imposed upon Us. However, data may be processed as proof of a right or contract.

Exceptionally, We retain user identification details for one year from the last contact or from when the relevant Service was last provided.

Data used to canvas users of our Services are stored for three years from the end of the commercial relationship.

Personal data concerning a prospect who is not an existing user may be retained for three years from the date it is collected or from the last contact made by the prospect.
As regards analytics statistics, the information stored on a user’s device or any other information used to identify a user that can be used to trace them and record the number of times they access our Website or Application will not be retained for more than 13 months.

In order to manage requests concerning rights to your personal data, data will be retained for one year.

7 – Data transfers outside the European Economic Area

It is our policy not to transfer data outside the European Economic Area.

If data are transferred outside the EEA, We ensure that appropriate guarantees (including contractual and technical guarantees) are in place, in accordance with applicable data protection regulations.

8 – Cookies

This section concerns the management of cookies on the Website and Application and contains information about the origin and use of browsing information that is processed when you browse our Website or Application and about your rights.

What is a cookie? A cookie is an electronic file that is stored on a device (computer, tablet, Smartphone, games console, etc.) and read when a user browses a website or e-mail or installs or uses a software (such as Chatbot) or mobile application, irrespective of the device used.

What are cookies used for? The cookies used on our Website and Application are used to distinguish you in order to improve your browsing experience and the services offered by Effency. They may be issued and stored directly by Effency or by our service providers and partners.

How to manage cookies. Each time you visit the Website or Application and open Chatbot, a banner explaining how cookies are used will appear. You must click on this banner in order to accept, reject or manage cookies . Only cookies that you accept will be stored on your device. You may choose which cookies you accept and agree to be stored on your browser and which cookies you wish to reject, either by selecting cookies individually or all cookies.

What cookies may be stored? Four types of cookies may be stored on our Website and Application:

Functional and technical cookies: These cookies facilitate the use of our Website and Application or their functionalities. They are used in particular to authenticate you so that you do not need to re-enter your login details each time and to establish your chosen language.

Internal cookies needed to operate the Website: We do not use this type of cookie.

Analytics cookies: Our Website and Application use Google Analytics, a Google internet analytics tool that gives Us a better understanding of our users’ behaviour. The tool may use cookies to collect information and generate reports on usage of a website without individual users being personally identified by Google. The ‘___ga’ cookie is the one that is used most frequently by Google Analytics.
In addition to generating reports on usage of a website, Google Analytics can also be used in association with certain (…) advertising cookies (…) in order to display more relevant adverts on Google websites (such as Google search) and on the web. The Google Analytics privacy policy is available at https://www.google.com/analytics/learn/privacy.html?hl=fr.

Analytics cookies are not retained for more than 24 months.

Third-party cookies intended to improve interactivity between our Website and our Application: Our Website and our Application use various services proposed on third-party websites, as a result of which third-party cookies are stored by these services subject to the applicable privacy policies. These notably include the ‘share’ buttons appearing on Twitter (link to website), Facebook (link to website) and LinkedIn (link to website). We invite you to read the privacy policies of these social networks and to exercise your rights by configuring your account on each website.

We do not use advertising cookies. However, if We do use such cookies in the future, We will notify you accordingly in advance and you will have the option to deactivate these cookies.

9 – Your rights and how to exercise them

In accordance with applicable regulations, you may exercise the following rights in relation to your personal data:

A right of access: you have the right to ask Us to inform you of the data We hold about you and to provide you with that data.

A right of rectification: you have the right to ask Us to rectify any incorrect data We hold about you and to be notified when We have done so.

A right to erasure: you have the right to ask Us to erase your personal data and to be notified when We have done so.

A right to restrict processing: you have the right to ask Us to suspend and restrict the processing of your data until a check has been carried out.

A right to data portability: you have the right to ask Us to send your personal data to you in a structured format and that they be provided to another data controller.

A right to object: you have the right to object to being included in a document at any time if you have a legitimate reason for doing so.

A right not to be profiled: you have the right to agree or object to any ‘profiling’, i.e., to automated decision-making. If you have agreed to such profiling, you have the right to have your situation examined by a human being in order to obtain an explanation of the decision taken or to dispute the decision .

You may exercise your rights by contacting Effency directly via any of the following methods: by sending an e-mail to team@effency.fr, on the Website or the Application, via the ‘contact’ section or by sending a letter by post to Effency at 78 Avenue de Flandre, 75019 Paris.

If you send Us proof of your identity in order to exercise your right to object, We will retain the document for one year or three years.

In the event of a dispute, you may contact the CNIL (French Data Protection Authority) via its website at www.cnil.fr or by post at CNIL, 3 Place de Fontenoy, TSA 80715, 75334 Paris Cedex 7.

10. Data security

We and our partners and service providers take useful precautions and appropriate organisational and technical measures to ensure the security, integrity and confidentiality of your personal data and in particular to protect such data from corruption, damage or access by an unauthorised third party. These measures are applied in accordance with industry standards and CNIL and ANSSI policies and comply with applicable security standards.

The following principles apply to our Website and our Application, including Our technical infrastructure (secure hosting, security and access control policy) and from an application point of view (Website and Application development):
– collection of secure data;
– storage that protects the integrity and confidentiality of data;
– ensure secure development environments;
– ensure secure access;
– restriction of outsourcing.

We process personal data using secure infrastructure situated in the European Economic Area. Our Website and our Application are regularly audited to guarantee optimal security.

11 – Effective date

This privacy policy took effect on 1 March 2021