Privacy policy

Last updated on 05/26/2023

Preamble

This privacy policy informs you about how Steeple uses and protects the information you may provide to us when using this website accessible from the following URL : www.steeple.com (hereinafter referred to as the "Site").

Please note that this privacy policy may be modified or supplemented at any time by Steeple, especially to comply with any legal or technological developments. In such a case, the date of the update will be clearly identified at the top of this policy. These modifications are binding on the Internet User as soon as they are published online. It is therefore advisable for the Internet User to regularly consult this privacy policy to be aware of any potential changes.

Article 1. Parties

This privacy policy is applicable between the publisher of the Site, namely Steeple, hereinafter referred to as « Steeple », and any person connecting to the Site, hereinafter referred to as the « Internet User ».

Article 2. Definitions

« Site Content » : elements of any nature published on the Site, protected or not by intellectual property rights, including but not limited to text, images, designs, presentations, videos, diagrams, structures, databases, or software.

« Internet User » : any person accessing the Site.

« Site » : the website accessible at the URL www.steeple.com, as well as sub-sites, mirror sites, portals, and related URL variations.

Article 3. Scope of application

This privacy policy applies to all Internet Users. Your mere browsing of the Site constitutes your full and unconditional acceptance thereof.

The Internet User acknowledges the evidential value of Steeple's automatic recording systems and, unless they provide evidence to the contrary, waives the right to contest them in the event of a dispute.

Acceptance of this privacy policy implies that Internet Users have the legal capacity to do so, are at least 16 years old, or, failing that, have the authorisation of a legal guardian or curator if they are incapacitated, of their legal representative if they are under 16 years old, or hold a mandate if acting on behalf of a legal entity.

Article 4. Personal data

In accordance with the General Data Protection Regulation (GDPR) adopted by the European Parliament on 14 April 2016 and the national legislation in force, Steeple provides you with the following information :

4.1 - Identity of the data controller

The party responsible for data collection and processing is Steeple, SAS, whose registered office is located at 1C rue Louis Braille 35136 Saint-Jacques-De-Lande, SIREN: 809 726 169, represented by Jean-Baptiste DE BEL AIR.

4.2 - Identity of the Data Protection Officer

The Data Protection Officer is Deshoulières Avocats Associés, located at 121 boulevard de Sébastopol 75002 Paris, tel: +33.1.77.62.82.03, rgpd@deshoulieres-avocats.com, www.deshoulieres-avocats.com.

4.3 - Data collection by Steeple

4.3.1 - Data collected

4.3.1.1 - Data collected during browsing

While browsing the Site, you consent to Steeple collecting information related to :

Your usage of the Site ;
The content you view and click on ;
Your device and software environment ;
Your geographic location ;
Trackers, web beacons, web storage, unique advertising identifiers ;
Your connection data (timestamps, pages viewed, IP address).

4.3.1.2 - Data collected when using the contact form

The use of the contact form by the Internet User entails Steeple collecting the following personal data :

Last name ;
First name ;
Telephone number ;
Name of the company or organisation in which the Internet User works ;
City in which the company or organisation is located
E-mail address.

4.3.1.3 - Data collected when using the account creation form

The use of the account creation form by the Internet User entails Steeple collecting the following personal data :

Last name ;
First name ;
E-mail address.

4.3.1.4 - Data collected when using the newsletter form

The use of the newsletter form by the Internet User entails Steeple collecting the following personal data :

Last name ;
First name ;
E-mail address.

4.3.2 - Purposes of collecting personal data

The data collected during browsing is subject to automated processing for the following purposes :

Develop, operate, improve, provide and manage the Site ;
Send information and contact people, including by e-mail, telephone and push notification ;
Contextualise and improve the Internet User's experience ;
Target advertising content ;
To ensure compliance with the terms of use for the Site.

The data collected when using the contact form is subject to automated processing for the following purposes :

Verify the Internet User's identity ;
Communicate with the Internet User ;
Send the Internet User a comprehensive response.

The data collected when using the account creation form is subject to automated processing for the following purposes :

Registering individuals ;
To provide the Steeple service.

The data collected when using the newsletter form is subject to automated processing for the following purposes :

Send a newsletter.

4.3.3 - Legal basis for processing

The legal basis for the data collected during browsing is Steeple's legitimate interest in analysing behaviour on the Site and improving the security and operation of the Site. With regard to data resulting from the installation of certain cookies, Internet users are invited to refer to Steeple's cookies policy.

The legal basis for data collected when using the contact form is the consent of the persons concerned.

The legal basis for data collected when using the account creation form is the consent of the persons concerned.

The legal basis for data collected when using the newsletter form is the consent of the persons concerned.

4.3.4 - Internal recipients of data

The collected data can only be accessed by members of Steeple's management team and by personnel responsible for website management, and are never made freely viewable by any third party individual.

4.3.5 - Retention period for personal data

Personal data collected during browsing is kept for a reasonable duration necessary for the proper administration of the Site, up to a maximum of 26 months, or until the consent of the individuals concerned is withdrawn.

The personal data collected when using the contact form is kept for a reasonable period necessary for the proper management of the Internet User's request, and for a maximum of 12 months.

The personal data collected when using the account creation form is kept for the duration of the Internet user's registration.

The personal data collected when using the newsletter form is kept until the Internet User unsubscribes from this newsletter.

At the end of each of these periods, Steeple will archive this data and retain it for the time during which it may be held liable.

Once these retention periods have expired, Steeple commits to permanently delete the data of the individuals concerned.

4.3.6 - Security and confidentiality of personal data

Personal data is stored in secure conditions, using state-of-the-art technology, in compliance with the General Data Protection Regulation and the national legislation in force.

4.3.7 - Minimisation of personal data

Steeple may also collect and process any data voluntarily transmitted by an Internet User, in particular when sending an e-mail to the contact address.

Steeple guides Internet Users as much as possible when they provide unnecessary or superfluous personal data.

Steeple commits to retaining and processing only data strictly necessary for its activities and will promptly delete any received data that is not useful.

4.4 - Respecting your rights

You have the following rights concerning your personal data, which you can exercise by writing to us at our postal address or by sending an email to the following address: gdpr@steeple.com.

4.4.1 - Right to information, access and communication of data

You have the right to access your personal data.

Due to the obligation of security and confidentiality in the processing of personal data imposed on Steeple, your request will only be processed if you provide proof of your identity, notably by submitting a scan of your valid identity document (in the case of an email request) or a signed photocopy of your valid identity document (in the case of a written request), both accompanied by the statement « "I certify on my honour that the copy of this identity document is a true copy of the original. Done at ... on ..., », followed by your signature.

For help in your request, please consult the following CNIL webpage here.

4.4.2 - Right of rectification and erasure of data, right to be forgotten

You have the right to request the rectification, updating, blocking or erasure of any of your personal data that may be inaccurate, incorrect, incomplete or obsolete.

You may also define general and specific directives relating to the fate of personal data after your death. Where applicable, the heirs of a deceased person may request that the death of their relative be taken into account and/or that the necessary updates be made.

For help in your request, please consult the following CNIL webpage here.

4.4.3 - Right to object to data processing

You have the right to object to the processing of your personal data.

To do so, please send an email to the following address: gdpr@steeple.com. In this e-mail, you will have to specify the data you wish to have deleted as well as the reasons justifying this request, except in the case of commercial prospecting.

4.4.4 - Right to data portability

You have the right to receive the personal data you have provided to us in a transferable, open and readable format.

4.4.5 - Right to restriction of processing

You have the right to request that the processing of your personal data by Steeple be restricted. Consequently, your data can only be stored and no longer used by Steeple.

4.4.6 - Withdrawal of consent

Your consent is essential for the processing of your data by Steeple. However, you may withdraw your consent at any time. This withdrawal will lead to the deletion of your personal data.

Services requiring the processing of your data by Steeple will, however, no longer be accessible.

4.4.7 - Response times

Steeple commits to responding to your request for access, rectification, objection, or any additional request for information within a reasonable timeframe, not exceeding 1 month from the receipt of your request.

4.4.8 - Complaints to the competent authority

If you consider that Steeple is not complying with its obligations with regard to your personal information, you may submit a complaint or a request to the competent authority. In France, the competent authority is the Cnil, to which you can submit a request. For that purpose, we invite you to contact the Cnil's helpline for legal information here.

4.5 - Transfer of collected data

4.5.1 - Transfer to partners

Steeple informs you that we use authorised service providers to facilitate the collection and processing of the data you have communicated to us. These service providers may be located outside the European Union and have access to the data collected on the Site.

Steeple has previously ensured that its service providers have implemented adequate guarantees and comply with strict conditions in terms of confidentiality, use and data protection.

The Internet User consents to the data collected being transmitted by Steeple to its partners and being processed by these partners in the context of third-party services, namely :

Directory of subcontractors
Partner	Destination country	Processing carried out	Guarantees
Google Analytics	USA	Compilation of commercial statistics to generate reports on Internet users' interactions.	https://policies.google.com/privacy?hl=fr
Google Adwords	USA	Service that enables advertisers to purchase advertisements or banner ads	https://policies.google.com/privacy?hl=fr
Google Drive	USA	Data hosting	https://policies.google.com/privacy?hl=fr
Gmail	UE, USA	E-mail delivery service	https://policies.google.com/privacy?hl=fr#infosharing
Hubspot	UE, USA	Website hosting	https://legal.hubspot.com/fr/hubspot-regional-data-hosting-policy
Modjo	France	Service for connecting telephony, communication, and CRM tools	https://www.modjo.ai/legals/rgpd-commitments
Linkedin	USA	Managing people's opinions on products, services or content	https://fr.linkedin.com/legal/privacy-policy?
Facebook	UE, USA	Managing people's opinions on products, services or content	https://www.facebook.com/privacy/policy
Twitter	USA et Irlande	Managing people's opinions on products, services or content	https://twitter.com/fr/privacy
Instagram	EU, USA	Managing people's opinions on products, services or content	https://privacycenter.instagram.com/policy
Youtube	USA	Managing people's opinions on products, services or content	https://www.youtube.com/t/termsdataprocessing

4.5.2 - Transfer on requisition or court order

The Internet User also consents to Steeple disclosing the data collected to any person, at the request of a state authority or by court order.

4.5.3 - Transfer in the context of a merger or acquisition

If Steeple is involved in a merger, a sale of assets, a financing operation, a liquidation or bankruptcy or in an acquisition of all or part of its business by another company, the Internet User consents to the data collected being transferred by Steeple to that company, and for that company to carry out the processing of personal data outlined in this privacy policy

Article 5. Intellectual property

5.1 - Legal protection of Site Content

The Site Content may be protected by copyright and database rights. Any representation, reproduction, translation, adaptation or transformation, in whole or in part, carried out illegally and without the consent of Steeple or its successors in title or assigns constitutes a violation of Books I and III of the French Intellectual Property Code (Code de la propriété intellectuelle) and may give rise to legal proceedings for infringement.

5.2 - Contractual protection of Site Content

The Internet User commits contractually to Steeple not to use, reproduce, or represent, in any manner whatsoever, the Site Content, whether or not protected by intellectual property rights, for any purpose other than their reading by a robot or browser. This prohibition does not apply to indexing robots whose sole purpose is to scan the Site's content for indexing purposes.

Article 6. Final Provisions

6.1 - Amendments

This Privacy Policy may be amended at any time by Steeple. The conditions applicable to the Internet User are those in effect at the time of their connection to the Site, with any subsequent connection to the Site implying acceptance, as applicable, of the new conditions.

6.2 - Entirety of agreement

The nullity of one of the clauses of this contract shall not entail the nullity of the other clauses of the contract or of the contract as a whole, which shall retain their full effect and scope. In such a case, the parties shall, as far as possible, replace the invalidated provision with a valid provision corresponding to the spirit and purpose of the present contract.

6.3 - Non-Waiver

The failure of Steeple to exercise the rights recognized herein shall not be construed as a waiver of the exercise of such rights.

6.4 - Language

These terms and conditions are provided in French.

6.5 - Unfair terms

The provisions of these terms and conditions apply subject to compliance with the mandatory provisions of the French Consumer Code (Code de la consommation) concerning unfair terms in contracts concluded between a professional and a consumer.

Article 7. Litigation

7.1 - Applicable law

This Privacy Policy is subject to French law and European regulations, in particular the European Data Protection Regulation.

7.2 - Litigation

In accordance with French Order no. 2015-1033 of 20 August 2015, any dispute arising in connection with the performance of these general terms and conditions and which cannot be resolved amicably between the parties shall be submitted to an approved mediator.

7.3 - Arbitration

Any dispute arising out of or in connection with this contract shall be settled by arbitration in accordance with the FastArbitre rules of the Digital Institute of Arbitration and Mediation.