Privacy Policy

When you use the application ClipDrop (hereinafter the « Application »), we may collect your personal data.
This privacy policy describes how we process your personal data.

1. Data Controller

Init ML, Simplified joint stock company
RCS Bobigny n°885 384 289
Head Office: 211 RUE ETIENNE MARCEL 93100 MONTREUIL
(hereinafter: « Us » or "we")

2. What is the purpose of the data collected?

Your personal data is processed to meet one or several of the following purposes:

To provide you with our services
To store your photos on our cloud for service improvement purposes
To follow up with our customers
To constitute a record of customers and prospects
To answer your information requests
To send newsletters, requests and promotional advertisements
To build up our statistics
To manage unpaid invoices and possible disputes related to the use of our services
To respect our legal and regulatory requirements

3. What is the legal basis for the processing?

The performance of the contract you have entered into with us
Our legitimate interest in developing and promoting our business
To comply with our legal and regulatory obligations

4. What personal data do we collect?

The word "personal data" refers to any data that enables a person to be identified.
We may collect the following data:

Identification data (e.g. name, surname, email, phone number)
Browsing data (e.g. IP address, logs)
Economic and financial data (e.g. bank details)
Photos taken by using the Application

Mandatory data are indicated when you provide us with your data. They are necessary to provide you with our services.

If you choose to sign in using a third-party authentication service (e.g. Google or Facebook), some data such as your name and your email can be collected by this service. By choosing this option, you agree that the said service provides us with these data.

Our team
Our processors: web hosting provider, cloud provider, background removal tool
Our partner: Stripe who provides us with e-payments and carry out their own processing, as described in their privacy policy
If applicable: monitoring services (i.e. auditors), public authorities, exclusively to comply with our legal obligations, court officials, ministerial officers and other authorities in charge of debt collection.

6. How long are your data retained?

Data collected in order to provide our services, to follow up with customers and to prospect to current customers:

Retention throughout the duration of the commercial relationship and 3 years beyond

Data collected for prospecting purposes:

3 years from data collection or from the last contact with the prospect

Data required for evidentiary purposes:

Retention throughout the duration of the statutory limitation period (generally 5 years)

Photos stored on our cloud (free mode):

30 days

Photos stored on our cloud (full access):

Retention throughout the duration of the commercial relationship

Invoices:

10 years

Credit card data:

Retention pending the completion of the transaction
Retention in intermediate archives during a 13-months period after the transaction for evidentiary purposes (15 months in case of a deferred debit card)
If you have given your consent: retention throughout the duration of use of services in consideration of subsequent payments.

When you exercise your rights:

If we ask for a proof of identity: we only retain it pending the verification of your identity.
If you exercise your right of opposition to receive prospection: we retain this information during a 3-years period.

7. Are your data likely to be transferred outside the European Union?

Your data are hosted by the servers of Google Cloud Platform, USA.

They may be transferred outside the European Union while managing our tools and our relationships with our processors (see article 5 "With who do we share your data?").

This transfer is secured by the following safeguards:

Either these data are transferred to a country that has been deemed to offer an adequate level of protection by a decision of the European Commission;
Or we have entered into a specific contract with our subcontractors related to the transfer of your data outside the European Union, based on standard contractual clauses between a data controller and a data processor approved by the European Commission.

8. What rights do you have over your data?

You have the following rights with regard to your personal data:

Right to be informed: This is precisely why we have drafted this privacy policy.
Right of access: You have the right to access all your personal data at any time.
Right of rectification: You have the right to rectify your inaccurate, incomplete or obsolete personal data at any time.
Right to restriction of processing: You have the right to restrict the processing of your personal data in certain cases stated in art.18 of the GDPR.
Right to erasure (‘right to be forgotten’): You have the right to demand that your personal data be deleted and to prohibit any future collection.
Right to file a complaint to a competent supervisory authority (in France, the CNIL), if you consider that the processing of your personal data constitutes a breach of applicable regulations.
Right to define instructions related to the retention, deletion and communication of your personal data after your death.
Right to data portability: You have the right to receive the personal data you have provided us in a standard machine-readable format and to require their transfer to the recipient of your choice.
Right to object: You have the right to object to the processing of your personal data. Please note however that we may continue to process your personal data despite this opposition for legitimate reasons or for the defense of legal claims.

You can exercise these rights by writing us using the contact details below. We may ask you on this occasion to provide us with additional information or documents to prove your identity.

9. Contact information for data privacy matters

Contact email: privacy@clipdrop.co
Contact address: 211 RUE ETIENNE MARCEL 93100 MONTREUIL

10. Updates

Our privacy policy can be updated at any time. Updates will be effective at the date of entry into force of the updated version. Please refer back regularly to the latest version of our privacy policy.

Entry into force: October 17th 2020