Privacy Policy for wassa.io

Definition of Terms Used in the Privacy Policy

Subsequently referred to as:

  • “Personal Data”: Defined as “any information relating to an identified or identifiable natural person, directly or indirectly, by reference to an identification number or one or more factors specific to them,” in accordance with the French Data Protection Act of January 6, 1978.
  • “Site” or “Service”: The wassa.io website and all of its pages.
  • “Publisher” or “We”: The company WASSA, or the legal or natural person responsible for the Site’s publication and content.
  • “User” or “You”: The internet user visiting and using the Services of the Site.

Article 1 – Introduction and Purpose of This Privacy Policy

This policy aims to inform you of the commitments of the Site in respecting your privacy and protecting the Personal Data concerning you, which may be collected and processed when you use the Service.

It is important that you read this Privacy Policy so that you are aware of the reasons why we use your data and how we do so.

Please note that this Privacy Policy may be amended or supplemented at any time, particularly to comply with any legislative, regulatory, jurisprudential, or technological developments. The date of the update will be clearly indicated, if applicable. These changes will take effect as soon as they are posted online, and we recommend that you review this Privacy Policy regularly to remain informed of any modifications. You will also find a description of your rights concerning privacy protection and how the law protects you. If you have any questions about this Privacy Policy or if you wish to exercise your rights as described in Article 10 of this Privacy Policy, please contact us by email at: privacy@wassa.io, or by postal mail at: WASSA, 5 rue de l’église, 92100 Boulogne-Billancourt, FRANCE.

Article 2 – Data Collected on the Site

The data collected and subsequently processed by the Site are those that you voluntarily provide by filling in the various forms on the Site. Your IP address (the identification number assigned to your computer on the Internet) is collected automatically. You are informed that the Service may employ an automatic tracking process (Cookie), which you can disable by modifying the relevant settings in your internet browser, as explained in the Site’s general conditions. Generally, you can visit wassa.io without providing any personal information about yourself. In all cases, you are under no obligation to transmit such information. However, if you refuse, you might not be able to access certain information or services.

We also collect, use, and share aggregated data such as statistical or demographic data, for any purpose. Aggregated data may come from your personal information but is not considered personal data under the law, as it does not reveal your identity directly. For example, we may aggregate your usage data to calculate the percentage of users who access a particular feature of the Site.

To provide better content and services, the wassa.io website uses the GOOGLE ANALYTICS analytics service. The information concerning you to which MATOMO ANALYTICS has access does not include any personal data about you. We do not collect data known as “sensitive data.”

To provide optimized navigation on the Site, wassa.io uses the HOTJAR analytics service. The information concerning you to which HOTJAR has access does not include any personal data about you. We do not collect data known as “sensitive data.”

The contact details of Site Users who register on it will be stored in compliance with the provisions of the French Data Protection Act of January 6, 1978. Pursuant to this law, you have the right to access, withdraw, modify, or correct the data you have provided. To do this, simply submit a request to privacy@wassa.io or by mail to WASSA, 5 rue de l’église, 92100 Boulogne-Billancourt, FRANCE. The collection of Users’ Personal Data by the Publisher does not require a declaration to the French data protection authority (Commission Nationale de l’Informatique et des Libertés – CNIL).

Article 3 – Identity of the Data Controller

The Data Controller is WASSA, whose registered office is located at: 5 rue de l’église, 92100 Boulogne-Billancourt, FRANCE.

Article 4 – Purpose of the Collected Data

Data identified as mandatory in the Site’s forms are necessary to benefit from the corresponding Site features and, more specifically, the operations on the content offered within it. The Site may collect and process the data of its Users for the following purposes:

  • To gather information that enables us to improve our site, our products, and our services (notably through the use of cookies).
  • To contact you regarding your professional projects and job applications.

Article 5 – Recipients and Use of the Collected Data

The data we collect are processed for the Service’s needs. You may receive email communications from our Service. You can request to stop receiving these emails by contacting us at privacy@wassa.io or by mail at WASSA, 5 rue de l’église, 92100 Boulogne-Billancourt, FRANCE.

Only WASSA is the recipient of your personal information. It is never shared with third parties, except for third parties and subcontractors that WASSA uses. Neither WASSA nor its subcontractors sell the personal data of visitors and users of its Site. Your personal data may be shared with the parties listed below for the purposes set out in this Privacy Policy. We require all third parties to ensure the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your data for their own purposes.

Article 6 – Legal Basis for Data Processing

In accordance with the General Data Protection Regulation (GDPR), WASSA only processes personal data in the following situations:

  • With your consent;
  • Where there is a contract between WASSA and you;
  • To comply with a legal obligation (under European or national legislation).

Article 7 – Data Security

You are informed that your data may be disclosed pursuant to a law, regulation, or by decision of a competent regulatory or judicial authority, or, if necessary, for the Publisher to protect its rights and interests. We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, altered, disclosed, or accessed without authorization. Moreover, access to your personal data is subject to a defined and documented security procedure.

Article 8 – Data Retention Period

Data is stored by the website’s hosting provider, whose details appear in the Site’s legal notices, and is kept for the time strictly necessary to achieve the purposes mentioned above, which shall not exceed 36 months. Beyond that period, it will be retained exclusively for statistical purposes and will not be exploited in any way.

Article 9 – Authorized Service Providers and Transfer Outside the European Union

WASSA informs you that it uses authorized service providers to facilitate the collection and processing of the data you have provided. These providers are located solely within the European Union. WASSA has first ensured that its providers implement adequate safeguards and strict conditions regarding confidentiality, usage, and data protection. These providers are also subject to the GDPR.

Article 10 – Data Protection Rights

In accordance with data protection legislation, you have the following rights, which you can exercise as indicated in Article 1 of this Privacy Policy by writing to the postal address at the beginning (WASSA, 5 rue de l’église, 92100 Boulogne-Billancourt, FRANCE) or emailing privacy@wassa.io:

  1. Right to Information: We have an obligation to inform you of how we use your personal data (as described in this Privacy Policy).
  2. Right of Access: You have the right to request access to data about you in order to receive a copy of the personal data we hold. However, due to WASSA’s security and confidentiality obligations in processing personal data, you are informed that your request will be processed subject to proof of your identity, particularly through a valid ID scan or a photocopy.
  3. Right to Rectification: You can request that we correct any incomplete or inaccurate personal data we hold about you. Under this right, the law allows you to request the rectification, updating, blocking, or erasure of any data about you that may be inaccurate, erroneous, incomplete, or obsolete.
  4. Right to Erasure (the “Right to be Forgotten”): In certain cases, you can ask us to delete the personal data we have about you (unless a compelling legal reason obliges us to keep it).
  5. Right to Restrict Processing: You have the right, in some situations, to ask us to suspend processing of your personal data.
  6. Right to Data Portability: You have the right to request a copy of your personal data in a standard format (e.g., a .csv file).
  7. Right to Object: You have the right to object to the processing of your personal data (e.g., by prohibiting us from processing your data for direct marketing purposes). However, you can only exercise this right in one of the following two situations: (a) when the exercise of this right is based on legitimate grounds or (b) when the exercise of this right aims to prevent the data collected from being used for commercial prospecting purposes.

Contact us if you wish to exercise any of these rights by emailing privacy@wassa.io or by mail at WASSA, 5 rue de l’église, 92100 Boulogne-Billancourt, FRANCE.

You will not have to pay any fee to access your personal data (or to exercise any other right). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive. In such a case, we may also refuse to comply with your request.

WASSA reserves the right, where appropriate, to object to manifestly abusive requests due to their repetitive or systematic nature or their number. We may require specific information from you to confirm your identity and ensure your right of access to your personal data (or to exercise any other right). This is a security measure to ensure that personal data is not shared with someone who does not have the right to receive it. We may also contact you for more information regarding your request, in order to respond more quickly.

We try to respond to all legitimate requests within one month. This one-month time frame may be exceeded if your request is particularly complex or if you have made multiple requests. In this case, we will notify you and keep you informed.