Privacy Policy | Collective

When you use the Collective platform, we collect personal data about you.

The purpose of this policy is to inform you about how we process this data.

‍1. Data Controller

‍Collective, Simplified Joint Stock Company
Paris Trade and Companies Register no. 892 760 539
Registered office: 9 rue des Colonnes, 75002 Paris, France
(hereinafter: "We")

2. What is the purpose of the collected data?

‍Your data is processed to fulfill one or more purposes. Each purpose is associated with a legal basis, a list of which you can find below.

‍Based on the execution of pre-contractual measures taken at your request and/or the execution of the service contract you have subscribed to, we implement processing for the following purposes:

‍Enabling you to create and access your account;

Enabling you to carry out assignments for your clients as a collective member, or to submit a project and monitor the completion of your assignments as a client.

‍Based on our legitimate interest in developing and promoting our activity, we implement processing for the following purposes:

‍Responding to your information requests;

Building a member and client file; Managing potential disputes regarding our services.

‍Based on compliance with our legal and regulatory obligations, we implement processing for the following purposes:

‍Compliance with regulations applicable to our activity;

Managing requests for exercising rights.‍

3. What personal data do we collect?

‍Personal data is data that allows an individual to be identified. We collect data falling into the following categories:

– Identification data (e.g., name, surname, email address, postal address, identity card);

– Data related to your professional life (e.g., profession); – Data related to your personal situation;

– Connection data (e.g., IP address, logs);

– Economic and financial data (e.g., bank account details).

Mandatory data is indicated when you provide us with your data. It is necessary to provide you with our services.‍

4. Who are the data recipients?

‍– Our company's personnel

– Our subcontractors: hosting provider, audience measurement and analysis provider, invoice manager, accounting software.

– Where applicable: audit services (including statutory auditors), public bodies, exclusively to meet our legal obligations, legal auxiliaries, ministerial officers, and debt collection agencies.

‍5. How long is data retained?

‍Data collected to provide our services and enable you to carry out assignments for clients, data necessary for evidentiary purposes: duration of the statutory limitation period (generally 5 years) - invoices 10 years.

Data retained during the processing of an information request is deleted once the request has been processed. Data collected for sending newsletters, solicitations, and promotional messages: 3 years from the date of data collection.

‍6. Is your data likely to be transferred outside the European Union?

‍Your data is stored on AWS company servers.

These may be transferred outside the European Union as part of the tools we use and our relationships with our subcontractors (see article "Who are the data recipients?").

This transfer is secured using the following tools:

– Or these data are transferred to a country deemed to offer an adequate level of protection by a decision of the European Commission;

– Either we have concluded a specific contract with our subcontractors governing the transfer of your data outside the European Union, based on standard contractual clauses between a data controller and a data processor, approved by the European Commission.

‍7. What are your data rights?

‍You have the following rights regarding your personal data:

– Right to information : This is precisely why we have drafted this charter.

– Right of access : You have the right to access all your personal data at any time.

– Right to rectification : You have the right to rectify your inaccurate, incomplete, or outdated personal data at any time.

– Right to restriction of processing : You have the right to obtain restriction of the processing of your personal data in certain cases defined in Art. 18 of the GDPR.

– Right to restriction of processing : You have the right to obtain restriction of the processing of your personal data in certain cases defined in Art. 18 of the GDPR.

– Right to be forgotten : You have the right to request that your personal data be erased, and to prohibit any future collection of it.

– Right to data portability : You have the right to receive the personal data you have provided to us in a standard machine-readable format and to request their transfer to the recipient of your choice.

– Right to object : You have the right to object to the processing of your personal data. Please note, however, that we may continue to process them despite this objection, for legitimate reasons or for the defense of legal rights.

– Right to lodge a complaint with a competent supervisory authority (in France, the CNIL), if you believe that the processing of your personal data constitutes a violation of applicable texts.

– Right to define directives regarding the retention, erasure, and communication of your personal data after your death. You can exercise these rights by writing to us at the contact details below.

We may ask you to provide additional information or documents to verify your identity on this occasion.

‍8. Personal Data Contact Point

‍Contact email: [email protected]

Contact address: Collective SAS, 9 rue Ambroise Thomas, 75009 Paris, France

‍9. Modifications

‍We may modify this charter at any time.

These changes will apply from the effective date of the modified version. You are therefore encouraged to regularly consult the latest version of this charter.

Effective Date: 01/04/2022