The purpose of MADIASOFT's Privacy Policy is to inform the Customer of the conditions under which KAFINEA services collect, process and store personal information ("personal data"). The Privacy Policy is part of the General Terms and Conditions of Service (GTCS) and each term defined in the GTCS has the same meaning in the Privacy Policy.
By accessing and using the KAFINEA Site, the Customer agrees to comply with and be bound by this Privacy Policy, which may be modified or updated at any time without notice. Any changes will be posted on the site.
1. Data collected by MADIASOFT
The parties agree that, depending on the services subscribed to, the Customer's database(s) may contain personal data. The Customer is the data controller. This data will be processed by the Service Provider at the Customer's request, through the Customer's use of the Service Provider's services requiring a database, or when the Service Provider is requested to carry out work on the Customer's data.
When the Customer uses KAFINEA's services and products, the following data is collected and processed: title, first name, surname, company name, country, VAT number if applicable, password, postal address, telephone number, e-mail address, IP address(es) and domain name, connection data and browsing data when authorized by the Customer, order history, complaints, incidents and correspondence on the site. Some data is collected automatically during visits to the https://www.kafinea.com website (see paragraph on cookies below).
MADIASOFT will never collect or process sensitive personal data within the meaning of the law, relating for example to the Customer's racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership, health information, full credit card number or personal bank account number.
2. Purposes and legal basis of processing
Processing will be carried out in compliance with data protection legislation. In particular, the Service Provider undertakes to process personal data only when and as requested by the Customer, and for the purpose of performing one of the services under the Contract, unless required by law, in which case the Service Provider will give prior notice to the Customer, unless prohibited by law.
MADIASOFT only uses the Customer's personal data in the cases provided for by the regulations in force, which are :
- the execution of the service contract concluded by the Customer with MADIASOFT;
- invoice and accounting management ;
- resolving any problems in order to improve the use of its site and services;
- monitoring customer relations, such as carrying out satisfaction surveys (with the customer's consent, which is optional), managing complaints, analyzing the volume and history of the customer's use of our services;
- the transmission of newsletters, as well as information on its services and those of its partner companies,
- management of requests for access, rectification and opposition rights;
- management of overdue payments and litigation ;
- the existence of a legitimate interest in using the data;
- the prevention, detection and investigation of any potentially prohibited and illegal activities or activities contrary to good practice, and to ensure compliance with its terms and conditions of use;
- compliance with legal and regulatory obligations.
3. Identity and contact details of the data controller
Personal data is collected by MADIASOFT, SARL registered with the RCS Fort-de-France under SIRET number 482 302 213 00012.
MADIASOFT collects and processes the Customer's personal data fairly and lawfully, and in compliance with the principles of European Regulation 2016/679 of April 27, 2016 (RGPD).
MADIASOFT is responsible for processing the Customer's personal data within the meaning of the RGPD.
4. Consent
By subscribing to KAFINEA services and products and consulting its site, the Customer agrees and accepts that MADIASOFT may collect, process, store and/or use the personal data submitted in accordance with the rules set out in this Privacy Policy.
5. Recipients of personal data
The Customer's personal data is intended for MADIASOFT's use only and may be transmitted to subcontracting companies that MADIASOFT may call upon in the performance of its services and products. In accordance with Article 28 of the RGPD, MADIASOFT's subcontractors' access to data is provided for by a contract signed between MADIASOFT and the subcontractor, which mentions its obligations in terms of protecting the personal data entrusted to it. MADIASOFT ensures compliance with data protection requirements for all its subcontractors.
MADIASOFT does not sell or rent the Customer's personal data to third parties for marketing purposes.
Support, administrative, accounting, technical, marketing and sales staff may have access to the customer's personal data. The Service Provider undertakes to ensure that all personnel authorized to process personal data are subject to a duty of confidentiality.
MADIASOFT does not disclose the Customer's personal data to third parties, except in the following cases:
- the Customer requests or authorizes disclosure;
- disclosure is required to process transactions or provide services requested by the Customer;
- MADIASOFT is compelled to do so by a governmental authority or regulatory body, in the event of a judicial requisition, subpoena or other similar governmental or judicial requirement, or to establish or defend a legal claim;
- the third party acts as MADIASOFT's agent or subcontractor in the performance of services (for example, host, postal or digital mail service providers, maintenance and technical development service providers).
6. Retention of personal data
MADIASOFT collects the Customer's personal data for the purposes of fulfilling its contractual obligations, as well as information on the manner and frequency of use of its services and products. MADIASOFT stores this data in active databases, log files or other types of files for as long as the Customer uses its services.
MADIASOFT only stores the Customer's personal data for the time necessary to provide its services and products. MADIASOFT also stores the following personal data in accordance with legal requirements:
- Information relating to the management of the customer account, orders, invoicing, payments: 10 years after the end of the contract or the last contact from the inactive customer;
- information relating to the constitution and management of prospecting files: 3 years from the date of collection of the data or the last contact from the prospect;
- the personal data of inactive customers for the purpose of sending information on sales and marketing offers, within 3 years of the end of the commercial relationship.
When the retention of data is no longer justified by the management of a Customer account, a legal obligation, disputes or litigation, or commercial requirements, and notwithstanding the exercise of the rights of deletion or modification, MADIASOFT will securely delete the data.
7. Security
MADIASOFT undertakes to provide the Customer with all information necessary to demonstrate compliance with data protection legislation, and to authorize and contribute in a reasonable manner to audits, including inspections, conducted or mandated by the Customer for this purpose.
MADIASOFT undertakes to inform the Customer immediately, insofar as it is legally authorized to do so, in the event of a request from an administrative or judicial authority relating to the Customer's personal data.
MADIASOFT makes every effort to prevent the loss, misappropriation, intrusion, unauthorized disclosure, alteration or destruction of personal data communicated by the Customer. In order to do so :
- The hosting servers on which MADIASOFT processes and stores the databases are located exclusively within the European Union.
- All information communicated via MADIASOFT sites is protected by industry security standards.
- MADIASOFT has put in place appropriate electronic, physical and managerial procedures to safeguard and preserve the data collected through its services.
- MADIASOFT employees are bound by an obligation of confidentiality and non-disclosure, and have all signed a specific undertaking relating to the protection of personal data.
- When MADIASOFT uses service providers to process personal data, it ensures that these service providers guarantee an equivalent level of protection in terms of security.
MADIASOFT undertakes to notify the Customer as soon as it becomes aware of and confirms any unauthorized, accidental or unlawful processing, access or disclosure of personal data. To this end, the Customer undertakes to provide the Service Provider with valid contact information to enable any notification to be made to the Customer.
8. Transfer of personal data
MADIASOFT stores the Customer's personal data within the European Union.
9. Cookies/Tracking
As a general rule, MADIASOFT uses cookies and tracking to improve and personalize the site and/or measure its audience. A cookie is a small text file stored on the hard disk of the Customer's computer and sent by the website to the Customer's Internet browser or device. A cookie does not identify the customer personally and is not used to collect personal data without the customer's knowledge. Its purpose is to record information relating to the customer's browsing on the site (memorize technical choices, past activity), in order to facilitate browsing and provide relevant offers and services.
To find out more about the cookies used on this site, please consult our cookie policy.
10. Customer's rights
In accordance with the French Data Protection Act of January 6, 1978 and European Regulation 2016/679 of April 27, 2016, the Customer has the following rights with respect to his personal data:
- right of access
- right of rectification
- right of objection
- right to deletion
- right to portability
- right to limitation
Customers may exercise these rights by writing to MADIASOFT at contact@madiasoft.com.
All requests must be justified, signed and accompanied by a copy of a valid identity document.
The Customer is entitled to lodge a complaint with the Commission Nationale Informatique et Libertés (CNIL), 3 Place de Fontenoy, 75007 Paris (https://www.cnil.fr/professionnel).
11. Modification of the privacy policy
MADIASOFT reserves the right to update and modify all or part of this Privacy Policy at any time, in particular in application of changes to the laws and regulations in force. The version published on the Site is the version currently in force. Changes will be notified to the Customer via the MADIASOFT website or by email (provided the Customer has supplied his/her email address), if possible at least thirty (30) days before they come into effect.
It is recommended to check these rules from time to time to remain informed of the procedures and rules concerning the Customer's personal information.