Privacy Policy 🤓
1. INTRODUCTION
As part of using the services provided to Users via its application, the company Shared SAS processes information concerning you.
This Privacy Policy informs you of how we collect and process your personal data. We invite you to read it carefully.
Important
We only use your personal data in cases provided for by the applicable regulations, and we are committed to respecting the provisions of the European Regulation 20116/679 of April 27, 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (GDPR). Thus, the use of your personal data is guided by the following two principles:
- Your consent to the use of your data;
- The existence of a legitimate interest in using your data.
For any questions related to this document, you can contact the Data Protection Officer of Shared SAS.
2. WHO IS RESPONSIBLE FOR THE PROCESSING MENTIONED IN THIS DOCUMENT?
The entity responsible for the processing mentioned in this document is the company Shared, a SAS with a capital of €260,000, headquartered at 7 allée Cérès, 67200 Strasbourg, registered with the Lyon Trade and Companies Register under number 981938988, represented by Denislav NIKOLOV in his capacity as President.
The Data Protection Officer is Mr. Denislav NIKOLOV.
3. WHAT DATA DO WE COLLECT ABOUT YOU AND UNDER WHAT CIRCUMSTANCES DO WE COLLECT IT?
3.1. The data you provide directly to us
During the various interactions we have with you, you may be required to provide us with information about yourself. This information is collected, in particular, when subscribing to a subscription, creating an account on our websites and applications, ordering in our online stores, or accessing any other offer or service.
This data includes notably:
- Last name, first name, title, date of birth;
- Email address, phone number;
- Username and encrypted password used to log in to our application;
- Contacts from your phone book (only those you choose to share with your Shared Circle in the app);
- Any other information you wish to bring to our attention.
3.2. The data we collect during our business relationship
The data we collect during our business relationship with you includes the following:
- Information related to the history of your business relationship with Shared SAS: subscriptions taken, product and service orders, billing and payment if applicable;
- Requests you have made to our customer service or incidents you have reported to us, for example, regarding the execution of our services.
3.3. The data we collect automatically
During each of your visits to our application, we collect information related to your connection and browsing. Various technologies may be implemented to collect this data. The main one is the cookie.
– Data collected through cookies
A cookie is a text file placed during the consultation of a site, an application, or an online advertisement, and stored in a specific space on your computer's or mobile device's hard drive. Cookies are managed by your Internet browser, and only the issuer of a cookie can decide on reading or modifying the information contained therein.
A cookie has a limited validity period. Its placement and storage on your device are done in compliance with applicable legislation and subject to the choices you have made, which you can change at any time, under the conditions specified in article 9 below.
A cookie does not identify you personally. It allows its issuer to recognize your device and collect a certain amount of information related to the navigation carried out from this device.
Cookies have several functions, such as enabling you to navigate efficiently on a site or application, remember your choices, the goods and services you wish to purchase, offer you relevant advertising content based on your interests expressed during your navigation. You will find more information on cookies on the following sites:
The cookies placed by Shared SAS, subject to your choices, give us access to the following information, in particular:
- Identifiers of the equipment you use (IP address of your computer, Android ID, Apple ID, etc.),
- Type of operating system used by your device (Microsoft Windows, Apple OS, Linux, Unix, BeOS, etc.),
- Type and version of the browser software used by your device (Microsoft Internet Explorer, Apple Safari, Mozilla Firefox, Google Chrome, etc.),
- Dates and times of access to our services,
- Address of the referring web page (referrer),
- Navigation data on our services, viewed content.
– Data collected by standard Internet technologies
We may also use standard Internet technologies, such as scripts, pixels, and redirects. Scripts (sometimes called tags), written in javascript, are programs that run in your browser and perform various actions, such as sending information to our servers. Scripts can also create pixels. Pixels (sometimes called transparent GIFs, clear GIFs, or Web-bugs) are lines of code that enable a graphic image (usually invisible) to be displayed on a web page or in an email. Redirects allow a Web page to be made available under several page addresses (URLs). When a browser opens a redirect URL, a page with a different URL is opened.
The purpose of these technologies is to improve your experience on our websites and applications, including providing you with personalized content according to your interests. For example, when a user clicks on a share button for an article, a script creates a pixel that counts the share. This way, we can know the total number of shares for an article, and we can rank the most shared articles.
These technologies give us access to the following information, in particular:
- Information related to your use of our application;
- Information related to the presence of cookies on your device, on the time and date of consultation of a page, and a description of the page where the web tag is located;
- Information on whether or not you have read the emails we send you, the clicks you make on the links contained in these emails.
Our application may also include scripts, pixels, and redirects from third parties. These technologies enable third-party service providers to collect specific information such as your browser type and the webpage that referred you to our websites. These third-party service providers process the information they collect for the purposes of auditing, research, and reporting on our websites and applications, and on the advertisements viewed on them. We do not share your identification data with these third parties in connection with their use of these technologies.
– Data provided by third-party software and service providers
On the Shared app, we use UXCam, which is an analytics solution. UXCam may record: visited screens, types of interaction (such as on-screen actions, gestures: taps, scrolls), and device details (type, version, model, operating system). We use the information collected by UXCam to improve our application.
UXCam stores and processes this information on our behalf and may contain personally identifiable information, although we proactively remove them where possible.
For more information, consult UXCam's privacy policy.
– Data provided by mobile devices
Some mobile devices, depending on the features you have enabled (for example: “Push” or “Geolocation”) when downloading one of our applications, send information including: your phone's model, version of its operating system, type of connectivity, name and version of the application used.
This data, necessary for the proper functioning of the mobile applications we publish, are processed automatically by our servers and those of some of our partners (Google Analytics in this case) to provide you with a service and advertisements tailored to the technical characteristics of your device and measuring the audience of our application.
Moreover, if you have accepted this feature when downloading our application, we can identify the physical location of your device (geolocation), notably to inform you about content or offers we think match your expectations or interests or to improve your experience on our mobile applications. In accordance with applicable law, geolocation features may be disabled at any time in your device's system settings.
3.4. Data relating to minors
In principle, our products and services are intended for adults capable of entering into contractual obligations.
The minor user must obtain the consent of their legal guardian before providing any personal data concerning them.
An online user under 18 years old may use our services, but opening a User Account and using the associated services will only be possible upon express invitation from one of their parents.
3.5. Data concerning a third party
Before offering a third party the use of our application, you must ensure that the person concerned agrees that their personal data, particularly their postal details, are communicated to us.
3.6. Exclusion of any sensitive data
Shared SAS does not collect any sensitive data concerning you. Sensitive data is considered to include: racial or ethnic origin, political opinions, religious or philosophical beliefs, union membership, data related to health or sexual orientation. However, the use of our services, particularly the use of calendars, enables Users to display religious events. Shared SAS undertakes not to use this data.
4. FOR WHAT PURPOSES DO WE USE YOUR DATA?
This article indicates the main purposes for which we use the data mentioned in Article 3.
4.1. Operations necessary for the provision of products or services
- Taking into account your subscription to a contract for our application ;
- Processing your order of products or services and fulfillment of this order ;
- Managing subscriptions to our newsletters and/or email alerts ;
- Billing ; collecting payments ;
- Managing deliveries and tracking orders ;
- Customer relations : providing a customer service accessible by mail, phone, email, or chat-like instant messaging, for any questions or complaints ;
- Conducting satisfaction surveys ;
- Sending information about changes or developments in our services ;
- Managing unpaid bills and disputes ;
- Managing the exercise of your rights over your personal data, under the conditions provided for in Article 9 ;
- Verifying compliance with applicable legislation, our contracts, and terms of use.
4.2. Marketing and commercial prospecting operations related to the publications, products, and services of Shared SAS
- Sending marketing, advertising, and promotional offers related to our products and services by postal mail, inserts, email, mobile notifications, on social networks or any other medium ;
- Loyalty or personalized commercial prospecting actions ;
- Organizing competitions or other promotional activities ;
- Collecting customer feedback ;
- Developing commercial statistics.
4.3. Operations related to commercial partnerships
- Sending marketing, advertising, and promotional messages related to partner products and services by postal mail, inserts, emails, mobile notifications, on social networks or any other medium ;
- Organizing competitions or other promotional or event activities with commercial partners.
4.4. Purposes associated with placing cookies on your browser
- Functionality and optimization of navigation on our application
- Adapting the presentation of our sites and applications to your terminal's display preferences (language used, display resolution, operating system, etc.) during your visits, according to the hardware and software your terminal contains ;
- Remembering information related to a form you filled out on our site (registration or access to your account) or to products, services, or information you selected on our site (service subscribed, content viewed, purchase made, etc.) ;
- Automatic connection to reserved or personal areas of our site, such as your account, thanks to identifiers or data you previously provided to us ;
- Providing social media sharing tools ;
- Managing our platforms and carrying out internal technical operations as part of troubleshooting, data analysis, testing, research, analysis, studies, and surveys ;
- Implementing security measures ;
- Quality measures to ensure the display of our content is suitable for your device.
4.5. Traffic and audience measurement
- Establishing statistics and volumes of traffic and use of the various components of our site (visited sections and contents, paths) to improve the relevance and ergonomics of our services ;
- Audience analysis based on advertising campaign results ;
- Determination of interests and behaviors ;
- Improving customer/user knowledge for personalization purposes.
5. HOW LONG DO WE KEEP YOUR DATA?
Your personal data is retained for a period in compliance with legal provisions or proportionate to the purposes for which they were recorded. Some retention durations meet the legitimate interest of the company Shared SAS as specified in the introduction.
The retention periods vary depending on whether we have an ongoing contractual relationship (you are an active client), whether we have had a contractual relationship with you in the past (you are an inactive client), or whether we have never had such a relationship with you (you are then a prospect). The data related to your browsing on our online services collected by cookies you have authorized have a specific retention duration.
The table below mentions the main retention durations of your data.
In any case, we regularly review the information we hold. When their retention is no longer justified by legal, commercial requirements, or linked to managing your client account, or if you have exercised a right of modification or deletion, we will securely delete them.
Type of users | Retention durations |
For users paying their subscription: | Throughout the subscription period. Upon cancellation, deletion of all documents in their space + their email and birthdate and their name are retained during the subscription period; the first name and all documents related to the proper execution of the contract for other users in the family unit. These details will be permanently deleted upon the cancellation of the last user in the unit. |
For users not paying their subscription: | Throughout the subscription period. Deletion of all their information upon cancellation. (if the unit has a parent) The first name and all documents related to the proper execution of the contract for the other parent are retained for the entire duration of the contract execution. These details will be permanently deleted upon the cancellation of the last parent in the family unit. |
For all users: | Data generated by cookies is retained for 13 months |
6. WHO IS LIKELY TO HAVE ACCESS TO THE DATA WE COLLECT?
6.1. Data Access within the Shared SAS Company
The following may have access to some of your data:
- Employees from the subscriptions, customer relations, administrative, accounting
and management control, IT and marketing & commercial departments.
Access to your data is based on individual and limited access authorizations. The personnel who can access personal data are bound by a confidentiality obligation (through a nominal and personal confidentiality commitment).
6.2. Data Transmission
The following may have access to some of your data:
– Subcontractors
They perform services on our behalf, including:
- Management of your subscription;
- Online payment security and fraud prevention;
- Management of phone calls, sending postal or digital mail;
- Personalization of website and mobile app content;
- Execution of maintenance operations and technical developments
- Collection of customer reviews;
- Provision of analytical or audience measurement statistics solutions;
- Our subcontractors' access to your data is based on signed contracts mentioning their obligations regarding data security and confidentiality protection.
– Police, judicial, or administrative authorities
When we have the legal obligation to do so or to ensure the rights, property, and safety of the Shared SAS company.
7. ARE YOUR DATA TRANSFERRED OUTSIDE THE EUROPEAN UNION?
We store your personal data exclusively within the European Union.
8. HOW ARE YOUR DATA PROTECTED?
As a data controller, we implement appropriate technical and organizational measures in accordance with applicable legal provisions to protect your personal data against alteration, accidental or unlawful loss, unauthorized use, disclosure, or access, including:
- Appointment of a Data Protection Officer;
- Raising awareness among our employees about the confidentiality requirements related to accessing your personal data;
- Securing access to our premises and IT platforms;
- Implementing a general IT security policy for the company;
- Securing the access, sharing, and transfer of data;
- High standards of data protection when selecting our subcontractors and partners.
9. WHAT ARE YOUR RIGHTS?
9.1. Your rights regarding access to your personal data
You have the right to access your personal data and to request that it be corrected, completed, or updated. You can also request the deletion of your data or oppose its processing, provided you have a legitimate reason.
You can request to exercise your right to data portability, which is the right to receive the personal data you have provided us in a structured, commonly used format and the right to transfer this data to another data controller.
You can also set guidelines regarding the retention, deletion, and communication of your personal data after your death.
You can exercise your rights with the Data Protection Officer of Shared SAS: 7 allée Cérès, 67200 Strasbourg or by email at: [email protected]
Before responding to your request, we may verify your identity and/or ask you to provide us with more information to comply with your request. We will strive to respond to your request in a reasonable timeframe, and in any case, within the legal deadlines.
If you are not satisfied with our response, you can file a complaint with the French Data Protection Authority (CNIL): https://www.cnil.fr/fr/plaintes
9.2. Your rights regarding opposition to commercial solicitations
We may use your contact information for commercial solicitations, in compliance with applicable law and the terms of this privacy policy. You can object to these solicitations at any time, following the procedures based on the communication channel used to reach you.
– Electronic commercial solicitations (email and SMS) :
We comply with the rules of article L.34-5 of the French Postal and Electronic Communications Code, which requires obtaining your prior and express consent for sending commercial prospection via electronic means (email, push notifications, or SMS).
Therefore, on the forms you fill out when subscribing to one of our products or services, creating an account on our application, or during any other contact with us, your consent is expressly requested:
- to receive offers from Shared SAS;
- to receive offers from partners of Shared SAS;
In all cases, you always have the option to refuse these solicitations by taking the following actions: send us a letter at Shared SAS: 7 allée Cérès, 67200 Strasbourg or an email at: [email protected]
– Commercial solicitations on mobile applications
When you first open the mobile applications of Shared SAS on your smartphone or tablet, you can allow the reception of mobile or