Cirkwi Privacy Policy

This section details the privacy policy of CIRCUITS SAS (hereinafter, the 'Company') regarding your personal data from websites, widgets, applications, APIs, or modules (hereinafter, the 'Service') published by the Company, in accordance with the General Data Protection Regulation which took effect on 05/25/2018 across Europe. It is an opportunity for the Company to demonstrate greater transparency regarding the data it collects and its use, in order to strengthen trust for any person (hereinafter, the 'User').

When the User uses the Service, they entrust certain personal data. This privacy policy is designed to help the User understand what data the Company collects, why it collects it, and what it does with it.

1. Rights Granted to the User by the GDPR

European data protection rules grant the User the following rights, among others:

To exercise any of these rights, the User may contact the Company at any time using the contact methods described in the 'Company Contact Methods' section of these T&Cs.

2. Description of Personal Data Collected

2.1 Types of Data Collected

The personal data that the Company collects from Users include, but are not limited to:

The Company may also collect and process data on how the User uses the Services, views the Contents, and other related activities.

In the context of registration and login using a third-party service, such as Google OAuth (Google LLC) or Facebook Login (Facebook, Inc.), the Service may collect personal data from the third-party service, including the User's email address (or phone number) and their names and surnames. It is noted that the use of a third-party service for registration or login is subject to the terms of use of the third party. Furthermore, registration or login using a third-party service results from a freely given choice by the User, in that the use of a third-party service is not the default method for registration or login and is only provided for convenience.

2.2 Cookies and Other Locally Stored Data

The Service may collect and store data (including personal data) on the User's device, using mechanisms such as web browser storage (cookies, local storage) and application data caches.

The Service stores in local storage or cookies:

This information is only useful for the operation of the Service and the optimization of its ergonomics; they are not recorded on the Company's servers.

The Company participates in and complies with all Specifications and Policies of the IAB Europe Transparency & Consent Framework. It uses Consent Management Platform No. 92.

2.3 Use of Background Location Data

More specifically, the User's geolocation is used to guide the User when their device is in standby or when the application operates in the background, to suggest points of interest nearby and to provide a summary of their journey (duration, average speed, etc.).

2.4 Data Used by the Company's Technological Partners

The Company collaborates with partners who may write third-party cookies that are then used by them across their services. Here is a list, which may be amended depending on the needs of the Company, while remaining compliant with this privacy policy:

3. Purpose of Processing Personal Data

The controller of the personal data of the User is the Company, whose contact details are listed in the preamble of these General Conditions of Use. The management, sales, customer service, accounting, and technical departments have access to the information in the performance of their duties, when necessary. The personal data collected from the User and processed by the Company are intended to:

4. Data Security

The Company assures the User that it recognizes the importance of providing them with a secure environment. Therefore, the Company implements precautions in line with customary practices and the state of the art to preserve the User's personal data against unauthorized access or unauthorized modification, disclosure, or destruction, in light of the nature of the data and the risks presented by the processing performed.

In particular:

5. Data Retention Period

5.1 Data Stored Directly by the Company

The Company undertakes to retain the User's personal data only for the time necessary to achieve the purposes for which they were collected and processed or, if applicable law provides for a longer storage and conservation period, for the duration prescribed by law. Personal data are then pseudonymized, anonymized, aggregated, or deleted.

5.2 Cookies and Other Locally Stored Data on the User's Devices

The Company informs the User through this privacy policy that web browsers and mobile devices allow them to limit the behaviors of locally stored data or disable them in the settings or options. The steps to do this are different for each browser, and the User can find instructions in the 'Help' menu of their browser. Through the browser or their device, the User can also view the cookies already registered, and delete them one by one or all at once. Cookies are text files so the User can open them and read their contents. The data contained within are often encrypted and correspond to a web session, so they only make sense to the Service that wrote them. If the User disables cookies, they will no longer be able to log in to their Account on the Service or use it properly.

6. Communications with the User

When the User sends an email or any other communication to the Company, it may use these communications to process the questions and respond to the User's requests. The execution of this service at the request of the User (Article 6, paragraph 1, point b) of the GDPR) constitutes the legal basis for processing these data.

At any time the User has the option to accept or refuse to receive communications from the Company, whether by mail, email, phone, or any other means they may specify. When the User agrees, in accordance with the provisions provided by the GDPR, the Company may send the User commercial or informational communications.

7. CNIL and GDPR Declaration

In accordance with the provisions of Law No. 78-17 of January 6, 1978, on Data Processing, Data Files, and Individual Liberties, amended by Law No. 2004-81 of August 6, 2004, the User is informed that the Company has made a simplified declaration to the CNIL registered under the number CAm0602969x. The Company commits to protecting all personal data of the User, which data are collected and processed by the Company with the strictest confidentiality, in accordance with the provisions of the aforementioned Law.

The Company also assures the User that any collections and processing of personal data are carried out in accordance with the 2018 General Data Protection Regulation.

8. Request for personal data deletion

In accordance with current regulations and our commitments to data protection, users have the right to request the deletion of their personal data at any time.

Users can exercise this right by following the simple procedure below:

Once the deletion is complete, you will receive a confirmation email from our team. Please note that we may ask for additional information to verify your identity before proceeding with the full deletion of your data.

Effective version – May 25, 2018 – Circuits SAS ©