Privacy Policy

Data collection – use of cookies – consent

To access Deepki’s resources and services, Users provide personal data such as, in particular, their e-mail address, name, address and telephone number. Similarly, when a registered User logs in to the Site, his or her IP address is recorded.

In addition, when a User visits the Site, a cookie may be automatically installed on his browser software. A cookie is a block of data that does not allow Users to be identified but is used to record information relating to their browsing on the Site. The parameters of the browser software make it possible to inform of the presence of a cookie and possibly to refuse it in the manner described at the following address: https://www.cnil.fr/

Personal information concerning the Users of the site is confidential.
Deepki SAS (company registered with the Paris Trade and Companies Register under the number RCS 804 763 670, a simplified joint stock company with a share capital of €27,642.84 Head Office: 28, Boulevard de Rochechouart, 75018 Paris) is responsible for processing the data collected within the meaning of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016. For more information about Deepki, please consult our legal notice.

The use of the site and/or the filling in of the forms for access to Deepki resources by the User implies express and unreserved consent to the processing of their personal data under the conditions set out herein, Users having the right to withdraw their consent at a later date.

Data protection officer

Jean-Phillipe CARUANA: privacy@deepki.com

Purposes of data processing

The data collected by Deepki during the use of the site and access to the resources are processed in order to allow access to the resources distributed on the site, the identification of Users, the improvement of services, and the distribution of editorial content as well as commercial prospecting and recruitment operations.

Data recipients

Deepki only uses the data collected from its Users for its own purposes.

Within the company, the departments authorized to access this information are the sales and marketing departments.

However, the data may be transmitted to technical service providers (subcontractors) that Deepki may call upon to optimise the site and services, in particular, and without limitation, for hosting the site in shared server infrastructures, or for the use of technical solutions for the distribution of its content.

Where applicable, personal information concerning Users may be accessible to the service provider, within the strict framework of the service provided, Deepki undertakes that its service providers and subcontractors will comply with the provisions of Regulation (EU) 2016/679 of 27 April 2016 and will not make any use of the data other than to carry out the technical services necessary to enable the use of the Services.

In particular, Deepki uses the services described below:

Service  Purpose
Plezi Allows you to automate marketing actions, manage the publication of content and publish forms.
Salesforce Provides customer relationship management solutions.
Google Analytics Allows you to analyse the audience of our website via statistics.

Export of data outside the EU

No export is made outside the EU, the data remains in France.

Retention period

When our visitors explicitly provide us with contact information to download a resource or request to be contacted, we collect personal data. The personal data collected by Deepki when accessing its resources is kept for a maximum period of 36 months from the date of their collection, in order to continue to inform Users of the evolution of our services and the availability of new content.

Cookies installed when browsing the site automatically expire at the end of 12 months without having consulted the site.

Collection security

Deepki undertakes to ensure the confidentiality of the data collected, and to implement all appropriate technical and organizational measures to preserve their security and integrity, in particular against accidental loss, alteration, dissemination or unauthorized access.

Generally speaking, Deepki undertakes to use the data collected in strict compliance with the legislation in force, and in particular with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, known as the General Data Protection Regulation.

In this capacity Deepki is committed, among other things :
– Not to use the data for purposes other than those specified herein;
– Not to disclose the data to third parties, whether private or public, natural or legal persons, outside the above-mentioned technical service providers;
– To inform Users of any breach or security breach that has direct or indirect consequences on the data and/or that may result in the accidental disclosure or unauthorized access to data.

User rights

In accordance with the French Data Protection Act of 6 January 1978 and Regulation (EU) 2016/679 of 27 April 2016, Users have an individual right of access, rectification, deletion, limitation, opposition and portability of data concerning them.

These rights may be exercised by sending a written request to the following e-mail address: PRIVACY@DEEPKI.COM

In accordance with the law of 6 January 1978, known as the “Data Protection Act”, each visitor to our site has the following rights:

File access right

You can ask the person in charge of the file if he/she holds information about you and to communicate it to you.

Right of rectification

You can have any inaccurate or incomplete data corrected. You must send a letter to the administration or the private organization that holds the information.

The controller of the file must prove that he has carried out the necessary operations by replying as quickly as possible, and within 1 month at the most. You can request a free copy of the modified data.

Failure to reply within 1 month means that your application is rejected.

This period is suspended in the following 2 cases:

  • Additional information is requested.
  • You are informed that the response time will be 2 months depending on the complexity or number of requests to be processed.

During the extension of the time limit for the examination of your application, you may request that the use of your data be frozen. For example, while waiting to find out if your data needs to be corrected, the organization must de-publish it.

Right of opposition

You may object to being included in a file for reasons relating to your particular situation.

The person in charge of the file must reply to you within a maximum of 1 month following receipt of your request. Failure to reply within 1 month means that your application is rejected.

This period is suspended in the following 2 cases:

  • Additional information is requested.
  • You are informed that the response time will be 2 months depending on the complexity or number of requests to be processed.

During the extension of the time limit for the examination of your application, you may request that the use of your data be frozen. For example, until they know whether there is a legitimate reason to keep your photo, the organization must de-publish it.

The controller of the file may refuse your request if he/she proves that he/she has legitimate and compelling reasons to continue processing your data.

A mail generator is available on the CNIL website.

Right to be erased / forgotten

The right to erasure (right to forget) allows you to ask the person in charge of a file to delete information if it infringes your privacy.

However, this right does not apply to files necessary to fulfil the following purposes:

  • Exercise of the right to freedom of expression and information
  • To enforce a legal obligation or to carry out a mission in the public interest
  • Public interest grounds in the health field
  • Archiving in the public interest, scientific or historical research
  • Finding, exercising or defending rights in legal proceedings

A mail generator is available on the CNIL website.

The right to issue guidelines on the fate of personal data after death

The new Article 40-1 of the French Data Protection Act allows individuals to give instructions regarding the storage, deletion and communication of their data after their death.

A person may be designated to carry out these instructions. In such a case, the data subject is entitled, when the person has died, to acquaint himself/herself with the guidelines and to request their implementation from the data controllers concerned.

These guidelines are:

  • general, when they relate to all data relating to an individual;
  • or specific, where these directives concern only certain specific data processing operations.

When these directives are general and relate to all the deceased’s data, it may be entrusted to a trusted third party certified by the CNIL.

In the case of special instructions, it may also be entrusted to data controllers (social networks, online messaging) in the event of death. They are subject to the specific consent of the data subject and cannot be the result of the data subject’s approval of the general conditions of use.

In the absence of instructions given by the person during his or her lifetime, the heirs will be able to exercise certain rights, in particular:

  • the right of access, if it is necessary for the settlement of the deceased’s estate;
  • the right to oppose the closure of the deceased’s User accounts and to object to the processing of their data.

Users also have the right to lodge complaints with the CNIL concerning the exercise of the aforementioned rights.