Data protection and privacy policy

In connection with the use of the https://wiseone.io/ website (hereinafter the “Website”) and the Services available on the WiseOne's Website (hereinafter the “Services”), WiseOne SAS (hereinafter the “Company” or “WiseOne”) may collect and process personal data (Hereinafter referred to as "Personal Data") concerning persons using the Service (hereinafter referred to as " Users ").
The purpose of this Data Protection and Privacy Policy (hereinafter the "Policy") is to inform users of WiseOne's use of their personal data, in compliance with applicable French and European legislation, in particular Law No. 78-17 of 6 January 1978 on data processing, files and freedoms (hereinafter the "Data Processing and Freedoms Act") And Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter the "GDPR") (Hereinafter together referred to as the "applicable Regulations").
By accessing and/or using the Service, the User accepts that his/her personal data will be collected and processed in accordance with the terms and conditions set out below in this Policy.
The Policy is an integral part of the General Terms and Conditions of Use of the Service (hereinafter the "General Terms and Conditions") and must be read in conjunction with the General Terms and Conditions.
This policy applies to all users (i.e. natural persons, as well as representatives and/or beneficial owners of legal persons) and potential users showing interest in a Service or product offered by WiseOne.
This Data Protection and Privacy Policy describes WiseOne's obligations as a data controller, indicates the rights of users and potential users to process their personal data, and provides users and potential users with the information legally required in this regard.
The Policy may be amended at any time by WiseOne, in particular to comply with any legislative, regulatory, jurisprudential, editorial or technical developments.
The user must therefore refer to the latest version of the policy before browsing.

Last Updated: 15 December 2023

I. The identity of the controller

WiseOne, as the "controller" (i.e. the entity that determines the purposes and means of processing personal data), collects and processes the personal data (i.e. any information relating to an identified or identifiable natural person) of each user.
The controller is WiseOne S.A.S., a simplified share company registered in the Metz Trade and Companies Register under number 900 902 149, whose registered office is at 11 Rempart Saint-Thiébault - Centre d'Affaires Synergie SA, METZ 57000 (hereinafter referred to as "WiseOne", "we", "our", " Our ").
  • However, when consulting the https://app.wiseone.io/ Website, other companies may collect personal data about the user. Some companies may, for example, publish cookies or tags.

II. Collect personal data

In order to provide the Service to users, WiseOne may collect and process personal data about them based on the Services they use and/or subscribe to or are about to use and/or subscribe to.
In particular, WiseOne may collect and process the following personal data:

1. Data transmitted directly by the user

  • Data related to a subscription to WiseOne services, including email, username, password;
  • Data entered via contact forms.

2. data collected when using the services

When using the Services, WiseOne may collect information relating to user data and technical information.
Navigation information may also be collected, such as pages accessed and links clicked while using the Services. Said navigation information is anonymized and completely wiped of personal data and personal identification data, and is only used by WiseOne for internal analytics purposes and to improve the quality and relevance of the Services and their results.

III. Purpose of processing

The User's personal data is or may be collected and/or processed by WiseOne depending on the Services that the User uses or to which he has subscribed or is about to subscribe in order to:
  • provide the Service, ensure its proper functioning;
  • improve the Service, in particular to optimize or offer new features to the Service;
  • facilitate user navigation;
  • register users for the Service (opening an online account, etc.);
  • inform users of WiseOne's offers and news, unless the User opposes, as well as offers and news from WiseOne's partners, if the User has given its consent;
  • manage the user relationship;
  • manage requests made by the user via contact forms;
  • manage billing and payment transactions;
  • adapt and optimize the display of the content, including advertising, of the Service, to the parameters or preferences, skills and interests, known, assumed or inferred, of the User, that may result from its use of the Service, the information it has entered or navigated and its interactions with the Service;
  • measuring the Service's audience;
  • provide sharing tools on social networks where the user has consented to this sharing of information;
  • contact you with newsletters, marketing or promotional materials and other information that may be of interest to you. You may opt-out of receiving any, or all, of these communications from us by following the unsubscribe link or instructions provided in any email we send, or by visiting https://app.wiseone.io/account and unsubscribing to our emails in the Newsletter section;
  • fight fraud and unpaid payments; to the extent that such processing is necessary to comply with any legal obligation to which WiseOne is subject;
  • secure the website and prevent any type of accident;
  • ensure the safety of WiseOne personnel, its users and potential users; and protect the property for which it is responsible.

IV. Legal basis of the treatment

Under data protection regulations, to use the User's personal data, WiseOne must ensure that it has one or more of the following legal bases:
  • The performance of an agreement (e.g. to open and manage an account), where such processing is necessary for the performance of contracts between WiseOne and the User or in order to take action at the request of the User or potential User before entering into a contract, or
  • The performance of a legal obligation (for example, the retention of invoices), and where such processing is necessary to comply with a legal obligation to which WiseOne is subject, or
  • When it meets the legitimate interest of WiseOne, without infringing the rights and freedoms of the user, or
  • When the user has given his consent.
WiseOne collects and processes only the information necessary to provide the Services to users, and to comply with its legal obligations. Personal data is collected from users (for example, when opening an account, through a questionnaire) and from third parties (for example, from national authorities).
Any refusal to provide personal data to WiseOne or to allow WiseOne to process such data, while at the discretion of the User, may prevent the continuation of the relationship with WiseOne, or prevent the provision of certain Products or Services by WiseOne.
The legal bases according to the categories of data and purposes are indicated in the table available in Article VII of this policy.

V. Personal data of third parties

A user who provides WiseOne with personal data of third parties (e.g. personal data of family members) must obtain the authorization of such third parties and inform them that WiseOne processes personal data for the same purposes and in the same way as those described in this policy with regard to the processing of personal data.

VI. Recipients of the data

The data collected or processed in connection with the use of the Service by the User is intended for WiseOne entities, authorized persons of WiseOne who, because of their functions, must be aware of it for the purposes of the processing, as well as:
  • to WiseOne service providers, in order to ensure the perfect provision of the Service.
  • The technical service providers chosen by WiseOne may, on behalf of and at the instruction of WiseOne, intervene to host and store the User's data on their servers and ensure the security of WiseOne's technical infrastructure, such as Hetzner or Google Cloud. They can also manage the loyalty program and marketing campaigns, such as Google.
  • WiseOne's partners. Some partners, such as Mailchimp (newsletter) and Twilio (mailing), may process data in order to provide the Service.
  • Social networks (for example: Google, Facebook, Instagram, twitter, Youtube) in the event that the user has expressly consented to the association of his user account with his accounts of use of these social networks when registering on the site.
  • Administrative or judicial authorities. WiseOne may be required to communicate information about its users, including data, to administrative or judicial authorities, in particular as part of the legal obligations with which WiseOne must comply. WiseOne may transfer personal data if it has a legal or regulatory obligation to do so or if it is instructed to do so by a public authority, within the legal limits.
These recipients of personal data must comply with their legal and contractual obligations regarding the protection of personal data, including applicable confidentiality and confidentiality obligations.
WiseOne may also transfer personal data upon instruction of the user.

VII. Transfer of personal data outside the European Union

WiseOne does not transfer the User's personal data outside the European Union. However, several WiseOne service providers and partners may transfer personal data outside the European Union at their convenience. These include social networks, but also

Google Cloud,
Contact for data protection:
Nathaly Rey
Google LLC
1600 Amphitheatre Parkway, Mountain View
California 94043, United States

Hetzner,
Data protection officer:
Sebastian Lippold
Hetzner Online GmbH
Industriestr. 25
91710 Gunzenhausen
Germany

Brevo,
Data protection officer:
DPO Team
Sendinblue SAS
106 boulevard Haussmann
75008 Paris
France

VIII. Retention period for personal data

WiseOne undertakes not to keep the User's personal data beyond the period strictly necessary for the purposes of their processing and in accordance with the applicable regulations. WiseOne undertakes to archive or delete the User's personal data as soon as the purpose and/or the duration of their retention expires.
These maximum periods apply unless the User requests the erasure or cessation of the processing of his personal data before the expiry of these periods.
Categories of personal dataPurposesRetention periodLegal basis
Data transmitted directly by the userData related to the online account - Proceed with the registration of users to the Services.
- Provide the Service and ensure its proper functioning.
- Improve the Service, in particular to optimize or offer new features to the Service.
Up to 3 years after the user ceases to operate. - Contract (General Terms of use)
- Legitimate interest
Data related to interactions with the support department - Manage the relationship with the user via customer service;
- Manage billing and payment operations;
Up to 3 years after the end of the user's activity, then 5 years for claims management. - Consent
- Legitimate interest
Data collected when using the ServicesConnection data - Security
- Legal obligations
13 months - Legitimate Interest
- Legal obligations
Navigation data - Facilitate the user's navigation;
- Measure the Service's audience;
13 months - Consent
- Legitimate interest
Other types of dataData related to social networksProvide social media sharing tools when the user has consented to share information.Duration of the relationship with the user- Consent

IX. Security of personal data

In accordance with applicable regulations, WiseOne processes personal data in a secure and confidential manner.
In particular, WiseOne implements all technical and organizational measures to ensure the security and confidentiality of personal data collected and processed, and in particular to prevent it from being distorted, damaged or communicated to unauthorized third parties, by ensuring a level of security adapted to the risks related to the processing and the nature of the personal data to be protected, taking into account the technological level and the cost of implementation.
However, WiseOne cannot guarantee the confidentiality or deletion of personal data made public by the User in public parts of the Service.
The Service may include links to external sites or sources. The User acknowledges that the Policy applies only to the use of the Service and does not cover in any way the information collected and/or processed on the sites or external sources whose links may appear on the Service. As a result, WiseOne cannot be responsible for the practices of these sites or external sources in the collection and processing of personal data, which are governed, where applicable, by the personal data policies specific to each of these sites or external sources.

X. Rights of the User regarding his/her personal data

The Service User has the following rights:
  • A right of access to his/her personal data and to obtain a copy of it,
  • A right to rectify his/her personal data if they are incomplete or incorrect,
  • A right of opposition to the collection and processing of such data,
In case of exercise of the right of opposition, WiseOne will stop processing the personal data, except in case of legitimate and compelling reason(s) for the processing, or to ensure the establishment, exercise or defense of its legal rights, in accordance with the applicable regulations.
  • A right to the erasure of his/her data, under the conditions and limits laid down by the regulations and resulting in particular from WiseOne's legal and contractual obligation,
  • A right to limit the collection and processing of his/her data,
  • A right to the portability of his/her data, namely the right to receive his/her personal data or to require that this data be communicated to another controller in a structured, commonly used and machine-readable format.
Natural persons may, at any time, withdraw the consent they have given in cases where WiseOne has requested such consent for the processing of their personal data. The legality of the processing based on the consent granted before its withdrawal will not be affected.

These rights can be exercised by contacting WiseOne, the company that collected the personal data, as follows

By mail, by writing to us at the following address:
11 Rempart Saint-Thiébault - Centre d'Affaires Synergie SA, METZ 57000
By e-mail: [email protected]

WiseOne will send a reply within 1 month of exercising the right. In some cases, related to the complexity of the application or the number of applications, this period may be extended by 2 months.

Output data after user death:
The user may formulate guidelines for the retention, erasure and communication of his personal data after his death in accordance with Article 40-1 of Law 78-17 of 6 January 1978.
These guidelines may be general or specific.
The user can formulate his advance instructions by email [email protected] or by mail at 11 Rempart Saint-Thiébault - Centre d'Affaires Synergie SA, METZ 57000.

XI. Cookies and other tracers

When using the Service, information relating to the navigation of the User's terminal may be stored or consulted in cookie files installed on the User's terminal, subject to the choices that the User has expressed regarding cookies and that the User may modify at any time.
The policy on cookies and other tracers can be found on the WiseOne's Website.

XI. Profiling activities

For operational purposes and in order to provide its users with the best possible Services, WiseOne may use profiling and automated decision making. The profiling mechanism involves a series of automated processes using personal data, with the following objectives:
  • Search for and identify the common characteristics of individuals likely to be interested in a specific new or existing product or service provided by WiseOne;
  • Search for and identify a relatively homogeneous group of users in terms of products and services used or acquired in order to better understand the needs of users and customize its commercial offer.

XIII. Contact and complaints

For any request concerning the processing of his data, the user can send a request by email to [email protected] or by mail to the following address 11 Rempart Saint-Thiébault - Centre d'Affaires Synergie SA, METZ 57000..

Claims

In the absence of a response or if the user is not satisfied with the response provided, he can file a complaint with the CNIL: https://www.cnil.fr/fr/plaintes or by mail: National Commission for Informatics and Liberties- 3 place de Fontenoy - TSA 80715 - 75334 PARIS CEDEX 07.