1. Purpose and scope of the policy
Square Sense attaches the greatest importance and care to the protection of privacy and personal data, as well as to the respect of the provisions of the applicable Legislation.
2. Data Controller
In the course of your activity on the https://square-sense.com website, we collect and use personal data relating to you, an individual (hereinafter “Data Subject”).
For all the Processing activities, Square Sense, SAS registered under the number RCS PARIS 834 220 162, with capital of 790 442,46 €, having its registered office at 233 rue du Faubourg Saint Honoré, 75008 PARIS, FRANCE, determines the means and purposes of the Processing. Thus, we act as a Processor, within the meaning of the Regulation on Personal Data, and in particular Regulation (EU) 2016/679 on the protection of individuals with regard to the Processing of Personal Data and on the free movement of such Data.
3. What Personal Data do we collect and how?
By using our website, you provide us with a certain amount of information about yourself, some of which may identify you (“Personal Information”). This is the case when you browse our site, when you fill in online forms.
The nature and quality of the Personal Data collected about you will vary depending on the relationship you have with Square Sense, the main ones being:
- Identification data: This includes all information that would allow us to identify you, such as your name, first name, telephone number. We may also collect your e-mail address, as well as your postal address (in case of payment, the postal address will be necessary to generate an invoice).
In case of subscription, a proof of identity may also be requested.
- Browsing information: by browsing our website, you interact with it. As a result, some information about your browsing is collected.
- Data collected from Third Parties: Personal Data that you have agreed to share with us or on publicly available social networks and/or that we may collect from other publicly available databases.
4. Why do we collect your Personal Information and how?
We collect your Personal Data for specific purposes and on different legal grounds.
In the context of the execution of the contract or pre-contractual measures, your Data is processed for the following purposes:
- Management of your contact requests
On the basis of your consent, your Data is processed for the following purposes:
- Carrying out commercial and marketing prospecting operations.
- Management of the newsletter.
- Management of cookies requiring your consent.
In the framework of the legitimate interest of Square Sense, your Data are processed for the following purposes:
- Establishment of statistics for the improvement of products and services.
- Management of pre-litigation and litigation.
Within the framework of the legal and regulatory obligations to which Square Sense is subjected, your Data are processed for the following purposes:
- Fight against Fraud.
- Fight against money laundering and the financing of Terrorism.
- General and auxiliary accounting.
5. Do we share your personal data?
Your Data are intended for the authorized Square Sense collaborators in charge of the management and the execution of the contracts and legal obligations, according to the purposes of the collection and within the limits of their respective attributions.
It may be transmitted for certain tasks related to the purposes, and within the limits of their respective missions and authorizations, to the following recipients:
- Entities of the Square Sense Group within the framework of an outsourcing of activity to another entity of the group.
- Service providers and subcontractors that we use to carry out a range of operations and tasks on our behalf, including
- Duly authorized public authorities (judicial, control…), in the framework of our legal and regulatory obligations.
- Regulated professions (lawyers, bailiffs, etc…) who may intervene in the context of the implementation of guarantees, collection or litigation.
When your Data is provided to our service providers and subcontractors, they are also required not to use the Data for purposes other than those originally intended. We make every effort to ensure that these Third Parties maintain the confidentiality and security of your Data.
In all cases, only the necessary Data is provided. We make every effort to ensure the secure communication or transmission of your Data.
We do not sell your Data.
6. Is your Personal Data transferred to third countries?
Square Sense strives to keep the Personal Data in France, or at least within the European Economic Area (EEA).
However, it is possible that the Data we collect when you use our platform or services may be transferred to other countries. This is for example the case if some of our service providers are located outside the European Economic Area.
In the event of such a transfer, we guarantee that it will be carried out:
- To a country ensuring an adequate level of protection, i.e. a level of protection equivalent to what the European Regulations require.
- Within the framework of standard contractual clauses.
- Within the framework of internal company rules.
7. How long do we keep your Personal Data?
We retain your Personal Data only for as long as is necessary to fulfill the purpose for which we hold the Data and to meet your needs or our legal obligations.
Retention times vary depending on several factors, such as:
- Square Sense business needs.
- Contractual requirements.
- Legal requirements.
- Recommendations from regulatory authorities.
The retention periods for your Data are as follows:
- Purposes Retention periods
- Carrying out sales and marketing prospecting operations 3 years after the last contact
- Newsletter management 3 years after the last contact
- Managing cookies that require your consent 6 months
- Establishing statistics for product and service improvement 13 months
- Management of pre-litigation and litigation 5 years
- Fight against Fraud 5 years
- Fight against money laundering and terrorism financing 5 years
- General and subsidiary accounting 10 years
8. How do we ensure the security of your Personal Information?
Square Sense is committed to protecting the Personal Data we collect, or that we process, from loss, destruction, alteration, unauthorized access, or disclosure.
Thus, we implement all appropriate technical and organizational measures, depending on the nature of the Data and the risks that their Processing entails. These measures must preserve the security and confidentiality of your Personal Data. They may include practices such as limited access to Personal Data by persons authorized by their functions, pseudonymization or encryption.
In addition, our practices, and policies and/or physical and/or logical security measures (secure access, authentication process, backup, software, etc.) are regularly reviewed and updated as necessary.
9. What are your rights?
The GDPR provides Data Subjects with rights that they can exercise. Thus, are provided:
1. Right to information: the right to have clear, precise, and complete information on the use of Personal Data by Square Sense.
2. Right of access: the right to obtain a copy of the Personal Data that the Data Controller holds on the applicant.
3. Right to rectification: the right to have Personal Data rectified if they are inaccurate or obsolete and/or to complete them if they are incomplete.
4. Right to erasure / right to be forgotten: the right, under certain conditions, to have the Data erased or deleted, unless Square Sense has a legitimate interest in keeping it.
5. Right of opposition: the right to object to the Processing of Personal Data by Square Sense for reasons related to the particular situation of the applicant (under conditions).
6. Right to Withdraw Consent: the right at any time to withdraw Consent where Processing is based on Consent.
7. Right to restriction of processing: the right, under certain conditions, to request that the Processing of Personal Data be temporarily suspended.
8. Right to Data Portability: the right to request that Personal Data be transmitted in a reusable format that allows it to be used in another database.
9. Right to Avoid Automated Decision-Making: the right of the applicant to refuse fully authorized decision-making and/or to exercise the additional safeguards offered in this regard.
10. Right to define post-mortem directives: the right for the applicant to define directives concerning the fate of Personal Data after his/her death.
Additional rights may be granted by the Local Regulations to affected Persons.
To this end, Square Sense has implemented a procedure for the management of individuals’ rights in accordance with the requirements of the applicable Legislation. This procedure establishes:
- The standards to be respected to ensure the transparent information of the data subject
- Legal requirements that must be met
- The authorized means of applying for each right, depending on the category of Persons concerned
- The business processes for handling these requests in accordance with the above requirements
- The stakeholders involved in these processes, their roles and responsibilities.
To exercise your rights, you may contact the Data Protection Officer (DPO):
A l’attention du DPO
233 rue du Faubourg Saint Honoré
When you send us a request to exercise a right, you are asked to specify as far as possible the scope of the request, the type of right being exercised, the Personal Data Processing concerned, and any other useful information, in order to facilitate the examination of your request. In addition, in case of reasonable doubt, you may be asked to prove your identity.
You also have the right to complain to the Commission Nationale de l’Informatique et des Libertés (CNIL), 3 Place de Fontenoy – TSA 80715 – 75334 PARIS CEDEX 07, about the way in which [Square Sense] collects and processes your data.
10. Updating of this policy
This Policy may be updated from time to time to reflect changes in the Personal Data Regulations.
Date of last update 22/02/2023.