Legal
15
 minutes read

Privacy Policy

Published on
February 8, 2024
Secure Storage Locker and Mobile Device, Ensuring Privacy Protection
TABLE OF CONTENT
Get started with the best discussion tool
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Applicable to customers, prospects and internet users

1. Definition and nature of personal data

Logora ("We"), in the context of its activity of providing services for the management of contributions from internet users on press publishers' websites, is required to process Personal Data of its press publishers (the "Customers"), prospects (the "Prospects") and internet users who visit its website www.logora.com (the "Site") (together, the "Data Subjects" or "You").

We are committed to processing your Personal Data in accordance with the applicable regulations, namely Regulation (EU) 2016/679 of April 27, 2016 (the "GDPR") and the French Data Protection Act of January 6, 1978 in its updated version (the "DPL") (together, the "GDPR Regulation").

Terms beginning with a capital letter, such as "Personal Data", "Processing", "Data Subjects", "Data Controller", "Processor", "Recipient", "Data Breach", without this list being exhaustive, have the meaning given to them by the GDPR Regulation.

In particular, the terms "Personal Data" or "Data" refer to all data that can identify an individual, which includes your name, first name, postal and email addresses, telephone numbers, name of the company to which you belong, without this list being exhaustive.

2. Object of this Policy

This privacy policy (the "Policy") is intended to inform you of the characteristics of the Processing we carry out from your Personal Data, ii) to present the guarantees we undertake in terms of confidentiality and security and (iii) to present the rights you are entitled to with respect to your Data and how you can exercise them.

3. Identity of the data controller

The data controller for the Personal Data of Customers, Prospects and Internet users is LOGORA, SAS, registered in the Paris Trade and Companies Register under number 850171695, with its head office at 31 avenue Théophile Gautier, 75016 Paris.

The Processing of the Data of the users of the debate platforms that we make available to our Customers is carried out by us as a Processor, knowing that our Customers act as Data Controllers. These Processings are not therefore treated in this Policy.

4. Collected data

Your Personal Data is collected:

  • Either directly from you, for example when you contact us by phone, email or via the contact form on the Site or when you create an account on the administrator area accessible from the Site,
  • Indirectly when you browse the Site through cookies, log-in logs and other tracking and logging devices.

We may process the following Data about you:

  • Identity (name, first name),
  • Contact details (telephone number, email address, billing postal address),
  • Professional data (parent company, functions, job title, mission)
  • Technical data (IP address, logs, tokens, acceptance data)

5. Purposes and legal basis for Processing

Your Personal Data is collected in order to meet one or more of the following purposes:

  • Managing our relationships with our Customers and in particular the negotiation, execution and follow-up of the contracts that bind us and our exchanges,
  • Managing your access to our online services and in particular to the administrator area,
  • Managing our relationships with our Prospects, responding to their contact requests, sending them newsletters, solicitations and promotional messages and managing requests to opt out of receiving further solicitations,
  • Managing our Site and producing commercial and attendance statistics for the Site for the purpose of improving our services,
  • Managing invoicing for our Customers and our tax and accounting obligations (invoicing, payment management and accounting entries),
  • Managing unpaid accounts and any potential disputes concerning the use of our services.

We inform you, when collecting your Personal Data, if certain data must be provided or if they are optional.

We also indicate what the possible consequences of a lack of response are.

The Processing we carry out is based on one or more of the following legal bases:

  • The execution of a contract binding us to our Customers or the execution of pre-contractual measures taken at the request of Prospects;
  • Compliance with our legal obligations;
  • Our legitimate interest or the legitimate interest of our Customers, Prospects or Internet users, which we systematically strive to balance with your rights and freedoms.

6. Recipients of the collected data

We may disclose your Personal Data to authorized and subject to an appropriate obligation of confidentiality, which may be internal or external depending on the case.

Internal recipients are all members of our staff whose duties, functions and missions justify that they process your Personal Data for the sole purposes provided for in this Privacy Policy and within the framework of appropriate technical and organizational measures for protection and security detailed below.

External Recipients are on the other hand:

  • Any service providers or Subcontractors to whom we may be required to resort and who may process some of your Data in the course of their duties, such as our hosting provider;
  • Entities responsible for the advice, audit and financial control of Logora (accountants, auditors, lawyers, etc.);
  • Administrative or judicial authorities in the course of their duties; In the event of a fundraising, acquisition or sale of our activity or assets by any means including sale of the company carrying out this activity or owning these assets, the potential buyer (s) and their counsel (s) in the course of an audit prior to the transaction. In the event of acquisition by a third party, your Data will be part of the assets transferred and will be processed by the acquirer who will act as the new Data Controller under its own privacy policy.

7. Data retention period for personal data

We retain your Personal Data for a determined and proportionate period to the aforementioned Processing purposes, knowing that at the end of the retention periods, your Data is either deleted or anonymized for statistical purposes, the deletion and anonymization operations being irreversible operations that make it impossible to restore the data later.

We use the following retention periods:

  • Data processed for the management of contractual relations with Customers: duration of the contractual relationships in active base and 5 years in intermediate base;
  • Data processed for commercial prospecting of Customers: 3 years from the last contact with the Customer (e.g. request for documentation or click on a hyperlink contained in an email);
  • Data processed for the management of Prospect relations: 3 years from their collection or from the last contact from the Prospect (eg request for documentation or click on a hyperlink contained in an email);
  • Management of opposition lists to the receipt of prospecting messages: 3 years from the exercise of the right of opposition;
  • Management of the Site and technical data: 6 months from their collection;
  • Management of invoicing: 10 years from the closure of the financial year;
  • Administration of any potential litigation: for the duration of the dispute and until (i) signature of the transactional agreement (pre-litigation) or (ii) exhaustion of the recourse (litigation).

8. Security

We inform you to take all necessary precautions, appropriate organizational and technical measures to protect the security, integrity and confidentiality of your Personal Data and in particular, to prevent them from being distorted, damaged or accessed by unauthorized third parties. We will also use or may use secure payment systems in accordance with the state of the art and applicable regulations.

Among these measures are:

  • Management of authorizations and restrictions of access rights to Data,
  • The use of secure identification processes,
  • The use of proven pseudonymization and anonymization techniques,
  • The implementation of backup measures,
  • The implementation of encryption and encryption measures (private keys),
  • The implementation of traceability measures.

We carry out regular monitoring of our systems to detect any vulnerability or security incident and we regularly review our data processing practices in order to update the security measures implemented to protect and secure your data if necessary.

When we use subcontractors, i.e. service providers to whom we have delegated all or part of a Processing and who process your Personal Data in accordance with our instructions, we undertake to contractually impose on them similar security guarantees as those we put in place to protect your Personal Data and we reserve the right to audit them to ensure compliance with their obligations.

In the event of a Data Breach, we undertake to notify the CNIL in the conditions prescribed by the GDPR and, if such breach poses a high risk to you, to notify you and to provide you with the necessary information and recommendations if necessary.

9. Cookie

Cookies are text files, often encrypted, stored in your browser. They are created when a user's browser loads a given website: the site sends information to the browser, which then creates a text file. Each time the user returns to the same site, the browser retrieves this file and sends it to the website's server.

Two types of cookies can be distinguished, which do not have the same purposes: technical cookies and advertising cookies:

Technical cookies are used throughout your browsing experience to facilitate it and perform certain functions. For example, a technical cookie can be used to remember the responses entered in a form or the user's preferences regarding the language or presentation of a website, when such options are available.

Advertising cookies can be created not only by the website on which the user is browsing, but also by other websites displaying ads, announcements, widgets or other elements on the displayed page. These cookies may be used, in particular, to display targeted advertising, i.e. advertising determined according to the user's browsing.

We use technical cookies. These are stored in your browser for a period not exceeding two years.

We do not use advertising cookies. However, if we were to use them in the future, we would inform you beforehand and you would have the option to disable these cookies if necessary.

We remind you that it is possible to refuse the deposit of cookies by configuring your browser. Such a refusal could, however, prevent the proper functioning of the site.

10. Rights on your Personal Data

In accordance with the GDPR Regulation, you have the following rights over your Personal Data:

  • The right to ask us to confirm whether Data concerning you is being processed, to obtain information on the characteristics of such processing, to access such Data and to request a copy thereof (right of access);
  • The right to rectify or complete any Data concerning you that is inaccurate or obsolete (right of rectification);
  • The right to withdraw your consent at any time provided that the processing concerned is based exclusively on this legal basis (right to withdraw consent);
  • The right to object to the processing of your Personal Data for reasons relating to your particular situation and to obtain their erasure, in which case we will comply with this request unless the processing is justified by legitimate and compelling reasons (right to object for legitimate reasons and right to erasure);
  • The right to obtain temporary limitation of processing in the event of a request for rectification or objection for legitimate reasons, during the time we analyze your request, which means in practice that the Personal Data is retained but we cannot process it (right to limitation);
  • The right to portability of Data, i.e. the right to obtain from us the restitution of Personal Data that you have communicated to us in a commonly used format, provided that the processing is automated and based on consent or the performance of a contract;
  • The right to formulate directives concerning the processing of your Data after your death and to ask us to keep, delete or communicate your Data to a specifically designated third party, it being specified that as soon as we are aware of your death and in the absence of instructions from you, we undertake to destroy your Personal Data, unless its retention is necessary for evidential purposes or to comply with a legal obligation (post-mortem right).

When you wish to exercise one of the aforementioned rights or for any other question relating to the processing of your Data, you can contact us by e-mail at the address: contact@logora.fr or by postal mail at the address: 31 avenue Théophile Gautier, 75016 Paris.

The request to exercise rights must come exclusively from you (unless a mandate is given to a third party in due form) and be as clear and comprehensive as possible in order to enable us to respond to it as quickly as possible, between one and three months depending on its level of complexity.

We may ask you to complete your request if it is not sufficiently precise, if the right you wish to exercise is not easily identifiable or if we are unable to establish your identity, in which case we may ask you to provide additional information, including proof of identity, which we will delete once your identity is verified.

In addition, we will not be required to respond to your request if it is manifestly unfounded or excessive, and in particular if you make repetitive requests that have the effect of destabilizing our activities.

11. Transfers outside the European Union

In certain circumstances, particularly when some of the Subcontractors we use are located abroad, your Personal Data may be transferred outside the European Economic Area ("EEA").

Any transfer of Personal Data outside the EEA, in particular to a country for which there is no adequacy decision from the European Commission, is made with appropriate safeguards, including contractual safeguards, in accordance with GDPR Regulation.

You may obtain a copy of the appropriate safeguards by contacting us at the address listed in Article 10.


12. Modifications

We reserve the right, in our sole discretion, to modify this Policy at any time, in whole or in part, to take into account legal, regulatory and/or jurisprudential developments, changes in the characteristics of processing, or the implementation of a new processing. These modifications will come into effect upon online publication of the new Policy.

13. Sharing, Transfer, and Disclosure of Google User Data

As part of our new moderation service, Logora offers clients the ability to connect their social media accounts (including Instagram, Facebook, and YouTube) to our system for content management and moderation. We access content shared through these platforms to hide or reject messages deemed toxic based on predefined criteria.

Acknowledgment of YouTube Terms of Service

By connecting their YouTube accounts to Logora, users agree to be bound by YouTube's Terms of Service. This agreement is a prerequisite for using any Logora features involving YouTube API Services.

Use of YouTube API Services

Logora uses YouTube API Services to enable moderation functions for connected YouTube accounts. For more information about how YouTube and Google handle data, please refer to the Google Privacy Policy.

Data Collection, Processing, and Sharing

  1. Data Collection and Use:
    • Logora accesses content shared via YouTube accounts solely to perform moderation tasks, such as identifying and managing toxic messages based on predefined criteria.
    • No data is collected, stored, or processed for purposes other than those explicitly described in this policy.
  2. Data Sharing:
    • Subcontracting Partners: Certain service providers or subcontractors may process data on behalf of Logora for hosting, security, or related functions. All such parties adhere to strict confidentiality and security obligations.
    • Legal Disclosure: Data may be disclosed to legal authorities if required by law or in response to valid legal processes.
  3. Data Transfer:
    • Data may be transferred outside the European Economic Area (EEA) in compliance with GDPR standards, safeguarded by mechanisms such as standard contractual clauses.
  4. Third-Party Services:
    • If third-party content, such as advertisements, is served through Logora, or if cookies or similar technologies are employed, users will be notified, and this will be disclosed in our policy.

User Rights and Revoking Access

Users have the right to revoke Logora's access to their YouTube data at any time. This can be done by visiting the Google security settings page: https://security.google.com/settings/security/permissions.

Contact Information

For questions, concerns, or requests regarding data privacy or the use of YouTube API Services, users can contact Logora at:

  • Email: contact@logora.fr
  • Address: 31 avenue Théophile Gautier, 75016 Paris

Important References

14. Entry into force

This policy came into effect on 08/11/2024.