Cookie & Privacy Policy
Updated July 26th, 2024
1. Scope of application
Within the framework of the amended law n°78-17 of 6 January 1978 relating to information technology, files and freedoms and the regulation (EU) 2016/679 of 27 April 2016 relating to the protection of individuals with regard to the processing of personal data and to the free movement of such data, the company MINDMETRICS, a simplified joint stock company, with capital of 10. 000.00, registered with the RCS of RENNES under the number 985 350 610, having its registered office at 90 B, rue de Fougères, 35700 RENNES - France (hereinafter referred to as ‘MINDMETRICS’), has implemented a confidentiality policy regarding the processing of personal data.
This Charter (hereinafter, the ‘Charter’) applies to all platforms and internet sites managed by MINDMETRICS from : https://mindmetrics.ai/
The regulations stipulate that personal data (hereinafter referred to as ‘Personal Data’) must be processed in a lawful, fair and transparent manner. The purpose of this Charter is to provide users with simple, clear information on the processing of Personal Data that concerns them, within the framework of the use of MINDMETRICS online services.
2. Data controller
Within the framework of all of its activities, MINDMETRICS collects and uses Personal Data. For the vast majority of the processing carried out, MINDMETRICS determines the means and purposes in its capacity as data controller within the meaning of the regulations relating to Personal Data.
For any question or complaint concerning MINDMETRICS' compliance with this Charter, the person in charge of data within MINDMETRICS is there to answer it, particularly for the purposes of allowing the exercise of rights relating to Personal Data, by sending an email to the following address: privacy@mindmetrics.ai.
Subcontractor
In the context of making its platform available, MINDMETRICS may collect and use personal data on behalf of the Customer, the data controller who benefits from the Services.
For processing operations related to this activity, MINDMETRICS will act as a subcontractor. The processing operations may be the following: management of the hosting of the platform, provision of the processed information, maintenance and updating operations of these platforms, sending of operational emails, etc.
MINDMETRICS undertakes to process this data solely for the purposes that are the object of the subcontracting and in accordance with the documented instructions of the data controller.
If MINDMETRICS considers that an instruction constitutes a breach of the GDPR or any other provision of Union law or the law of the Member States relating to data protection, it will immediately inform the controller. In addition, if MINDMETRICS is required to transfer data to a third country or to an international organisation under Union law or the law of the Member State to which it is subject, it will inform the controller of this legal obligation prior to the processing, unless the relevant law prohibits such information on important grounds of public interest.
It is expressly agreed between the parties that MINDMETRICS :
Will not carry out any data processing operation unless instructed to do so by its client/processor and always under the full and exclusive responsibility of the latter;
Do everything in its power to ensure the security and confidentiality of the Personal Data entrusted to it;
Notify the customer as soon as possible of any Personal Data breaches.
Information for people/user of MINDMETRICS services
In accordance with the regulations concerning information technology and civil liberties, MINDMETRICS informs people about the processing of Personal Data that it implements.
This is why, on the occasion of each collection of Personal Data, MINDMETRICS clearly informs individuals of :
the identity and contact details of the data controller and, where applicable, of the data controller's representative;
the purposes of the processing for which the personal data is intended;
where applicable, the legitimate interests pursued by MINDMETRICS or by a third party;
the recipients or categories of recipients of personal data;
where applicable, the possible transfer of personal data to a third country;
the retention of personal data duration or the criteria used to determine this duration;
the existence of the right to request from MINDMETRICS access to personal data, the rectification or deletion thereof, or a limitation of the processing, or the right to object to the processing and the right to data portability as well as the possibility of defining the fate of his/her data after his/her death as well as the conditions for exercising these rights;
the existence of the right to withdraw consent at any time, without affecting the lawfulness of processing based on consent given prior to withdrawal;
the source of personal data collected in the event of indirect collection;
information on whether the requirement to provide personal data is of a regulatory or contractual nature or whether it is a condition for the conclusion of a contract and whether the data subject is obliged to provide the personal data, as well as on the possible consequences of failing to provide such data.
Collected data
Within the framework of its activities and the services provided, MINDMETRICS is required to collect a certain amount of information of a nature to identify the person, the user of the services and, in particular :
Identification data (last name, first name, professional contact information, email address, telephone number);
Data relating to invoicing (bank details, invoicing and collection data);
Data related to the use of MINDMETRICS services (connection history, data entered by the Customer, comments, support);
Connection and browsing data, such as IP address or activity history on the Platform);
Data relating to the performance of contracts (date of conclusion and termination, account suspension, incidents relating to the performance of the contract).
Data relating to the Google Account, with the help of third-party services such as the Google API, essentially for the purpose of accessing data from the Google Ads Account, i.e. information such as conversion rate, number of impression clicks. If the Customer does not wish to allow this access, they can remove this access to MINDMETRICS by modifying the security settings of their Google Ads account.
MINDMETRICS ensures that the collection of this Personal Information is relevant, adequate, not excessive and strictly necessary for its activities. When certain information is essential to benefit from MINDMETRICS services, an asterisk indicates this. If this information is not provided, MINDMETRICS will not be able to offer the services concerned.
Purpose, legal basis and duration
Personal Data is collected and processed for specific purposes and on different legal grounds.
6.1 In the context of the use of the MINDMETRICS Services, MINDMETRICS processes Personal Data in its capacity as data controller:
Recipient of Personal Data processed by MINDMETRICS
The recipients of the Personal Data processed by MINDMETRICS are the departments concerned of MINDMETRICS, its personnel and IT subcontractors, as well as third party partners who provide services within the framework of the use of MINDMETRICS services within the strict limit of what is necessary to achieve the purposes described above.
MINDMETRICS may also be required, for certain processing purposes, to share certain Personal Data with service providers that it uses to perform a series of operations and tasks on its behalf (hosting service providers, mailing service providers, analytics service providers, etc.).
However, this sharing of data is only carried out when it is necessary for the performance of the contract enabling the use of the services. Furthermore, partners are only given the information they need to provide the service. They are also asked not to use the data for purposes other than those initially intended. MINDMETRICS makes every effort to ensure that these third parties preserve the confidentiality and security of Personal Data.
Finally, Personal Data may also be transmitted to legal or regulatory authorities by MINDMETRICS in order to comply with its legal obligations.
MINDMETRICS does not market the Personal Data collected within the framework of the use of its services.
Transfer of personal data
MINDMETRICS stores Personal Data on French territory, or at least within the European Economic Area (EEA). If Personal Data collected during the use of services is transferred to other countries, located outside of the European Union, MINDMETRICS guarantees that the transfer is made :
Either to a country that ensures an adequate level of protection, i.e. a level of protection equivalent to what European regulations require;
Or that it is governed by standard contractual clauses;
Or is governed by internal company rules.
Data preservation
MINDMETRICS keeps the Personal Data processed in the context of the operation of its services only for the time necessary for the operations for which they were collected and in compliance with the regulations in force. The retention periods may vary according to the legal obligations of MINDMETRICS, in particular, depending on:
Contractual requirements;
Legal obligations;
The recommendations of the control authorities and, in particular, the CNIL.
Security of personal data
MINDMETRICS is committed to protecting the Personal Data collected or processed against loss, destruction, alteration, unauthorized access or disclosure.
Thus, MINDMETRICS implements all appropriate technical and organizational measures, according to the nature of the Personal Data and the risks that their processing entails, to preserve the security and confidentiality of said Data.
These measures may include practices such as :
limited access to Personal Data by MINDMETRICS employees by virtue of their duties (Administrator), strong authentication of users; limited access to the SSH server, protection by an SSH key;
regular reviews of practices and procedures on MINDMETRICS' information systems, implementation of a virtual server to ensure continuity of service;
physical and/or logical security measures (secure access, VPS server, authentication process, backup copies, antivirus software, firewall, etc.).
Service user rights
The user of MINDMETRICS online services has the following rights:
A right of access: the right to request access to the Personal Data held by MINDMETRICS and concerning the user, a copy of the Data collected may also be requested;
A right of rectification: to request rectification of any inaccurate data concerning the user;
A right of deletion: to request the deletion of Personal Data under certain circumstances, MINDMETRICS being able to refuse if there are legitimate and compelling reasons that prevail over the interests and rights and freedoms of the person concerned, if the data is necessary for the establishment, exercise or defence of legal claims; if a contract binds the person to MINDMETRICS, if a legal obligation requires MINDMETRICS to publish this data;
A right to portability: under certain conditions you can receive all the personal data concerning you that you have provided to us, in a structured format. You also have the right to demand that we transfer them, as far as possible, to another controller;
A right to object to processing on the grounds of legitimate interests;
A right to withdraw consent at any time;
A right to restrict processing: you have the right to restrict the processing of your data if:
o You dispute the accuracy of your data, until we verify its accuracy;
o The processing is unlawful but you do not want us to delete your data; or
o We no longer need your personal data for the purposes of the processing, but you need it in order to bring, assert or defend legal claims;
o You object to the processing on related grounds pending verification of whether our compelling legitimate grounds for continuing the processing override those interests;
If such personal data is subject to limitations of this type, we will only process your data with your consent, or for the purpose of bringing, asserting or defending against legal claims.
To exercise these rights, the user must send a letter to MINDMETRICS SAS, for the attention of the DPO, accompanied by a photocopy of an identity document bearing his/her signature, to the following postal address: 90 bis rue de Fougères 35700 Rennes - France or to the following e-mail address: privacy@mindmetrics.ai / contact@mindmetrics.ai - DPO number with the CNIL (https://www.cnil.fr): 145233
The user of MINDMETRICS online services agrees to comply with the provisions of law n°78-17 relative to information technology, files and freedoms of 6 January 1978 as amended. In particular, the user must refrain from any collection, misuse or any act likely to infringe on the privacy or reputation of individuals.
Cookies
12.1 Cookies are stored data files placed on the Internet user's terminal (computer, tablet, smartphone) when visiting a website or mobile application for the purpose of sending information to the Internet user's browser and sending it back to the original website or mobile application. For the duration of the cookie's validity, cookies enable information to be stored when a browser accesses the various pages of a website or mobile application or when the browser is redirected to this website or mobile application. Only the sender of a cookie can read or modify the information contained in it. There are different types of cookies
- session cookies, which disappear as soon as you leave the website or mobile application;
- permanent cookies, which remain on your terminal until their lifetime expires or until you delete them using the functions of your browser or the settings of the mobile application. You are informed that cookies may be installed on your terminal equipment when you visit the Platform.
12.2 The cookies used on the MINDMETRICS platforms are the following:
12.3 When users browse the platforms, cookies are deposited and read in order to analyse browsing on the platform and measure the audience. Platform users have the option of objecting to the placement of these cookies by changing the settings in one of two ways:
I. by setting your browser to accept or refuse cookies prior to your browsing or by regularly deleting them from your terminal (computer, tablet, smartphone) via the browser, in the case of the glinko.fr website. By way of example:
Internet Explorer™ : https://support.microsoft.com/fr-fr/help/17442/windows-internet-explorer-delete-manage-cookies ;
Safari™ : https://support.apple.com/fr-fr/guide/safari/sfri11471/mac ;
Chrome™: https://support.google.com/chrome/answer/95647?hl=fr&hlrm=en ;
Opera™ : https://help.opera.com/en/latest/web-preferences/#cookies.
To find out more about how to configure your browsers, please visit the website of the Commission nationale de l'informatique et des libertés: https://www.cnil.fr/fr/cookies-les-outils-pour-les-maitriser.
II. by clicking on the secure padlock displayed on the request bar https://glinko.fr and then clicking on ‘cookies’.
III. by configuring the website to accept or refuse cookies before you start browsing or by regularly deleting them from your terminal (computer, tablet, smartphone). However, by configuring your browser to refuse cookies, certain functions - including security functions - will not be accessible or will no longer be accessible, for which MINDMETRICS cannot be held responsible.
Applicable law
This charter is governed by French law.
Modifications
MINDMETRICS reserves the right to modify the content of this Privacy Policy at any time and without prior notice. The user is invited to consult them regularly.