Updated on March the 31th 2023
This Privacy Policy is addressed to you, as a user of the MAPIK application (hereinafter the "Application"). It is written to describe and inform you of the processing that may be performed.
The Application is published by APIK, whose information is available in the "Legal Notice" tab ("We").
We are committed to protecting your privacy and the confidentiality of your personal data.
This Policy allows Us to specify who controls and manages the personal data collected via the application and our services, as well as the personal information collected, the purposes and methods of processing, and the extent of data transfers. Similarly, the Policy specifies the security measures We implement to protect your data, and tells you about all of your rights with respect to your personal data, in accordance with European Union regulations.
APIK is the data controller of personal data collected on our app and services in accordance with applicable data privacy laws and regulations including Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 known as the "General Data Protection Regulation" and Law No. 78-17 of 6 January 1978 known as the "Loi informatique et libertés" as amended (together referred to as the "GDPR"). If you have any questions about the Personal Data Policy, please feel free to contact us:
-
By email: privacy@api-k.com
-
By post: 48 av du lac du Bourget – BP416 - 73370 LE BOURGET DU LAC
1. What personal data do we process, on what legal basis are these processes based, what are the purposes they serve and for how long are the data kept?
-
MAPIK identification data: this includes your contact information required to create your online customer account, including your first name(s), last name(s), email address, telephone number, user ID and password.
-
Trusted Third Party Identification Data: this includes your contact information required for our business relationship and in particular to create your online customer account, including your first name(s), last name(s), email address, phone number, user ID and password.
-
MAPIK location data: this includes your geolocation data.
-
Communication Data: this includes your preferences for receiving marketing or advertising from us.
-
Profile Data: This includes your interests, preferences, testimonials, opinions and responses to any surveys.
| Purpose(s) | Processed data | Legal basis | Shelf life in active data base |
|---|---|---|---|
| Creation and management of your customer account | Data of the account creator (MAPIK or trusted third party) |
Execution of a contract | Until you request deletion of the account or no later than 3 years after your last contact with us |
| Profile data | |||
| Running the geolocation service of the MAPIK app | Identification data of the MAPIK user. Location data of the MAPIK user |
Execution of a contract | Location data from a past activity will be retained for 14 days, unless the data is subject to a law enforcement request. Location data from an ongoing activity will be retained until the activity is completed. |
| To answer and solve your requests | Identification data of the MAPIK user. Location data of the MAPIK user |
Execution of a contract | Until your application or request is closed |
| For marketing purposes | Identification data of the MAPIK user. Location data of the MAPIK user Profil Data Communication Data |
Your consent | Until you withdraw your consent or at the latest 3 years after your last contact with us |
| To manage our relationship with you | Identification data of the MAPIK user. |
Our legitimate interest | Until you request deletion of the account or no later than 3 years after your last contact with us |
| Profil data | |||
| To ensure that you can exercise your rights (as listed below) | Identification data of the MAPIK user. |
Legal obligation | Until you request deletion of the account or no later than 3 years after your last contact with us |
| To assert and defend the rights of the data controller or third parties before the judicial authorities | Identification data of the MAPIK user. MAPIK user location data Communication data |
Our legitimate interest | Until the end of the legal prescription period - Article L110.4 of the Commercial Code |
Only the authorized and specified persons mentioned below will have access to your data:
-
APIK's authorized personnel,
-
APIK's subcontractors, a list of whom can be communicated to you on request at the following address: privacy@api-k.com
-
the host of the MAPIK Application. If you wish to learn more about their data protection policy, please click on the following link: https://privacy.microsoft.com/fr-fr/privacy
-
Courts, mediators, accountants, auditors, lawyers, bailiffs, debt collection companies,
Your data will not be communicated, exchanged, sold or rented to any other person than those mentioned above.
In accordance with the French Data Protection Act, as well as the RGPD, you have the right to obtain the communication and, if necessary, the rectification or the deletion of the data concerning you, by addressing you to
-
e-mail address: privacy@api-k.com
-
postal address: 48 av du lac du Bourget BP 416 73370 Le BOURGET DU LAC
-
You may also exercise your right to withdraw your consent at any time, for data that have been collected and are processed on the basis of this legal basis.
You have the possibility to oppose, for legitimate reasons, to be included in a file, and can refuse without having to justify yourself, that the data concerning you be used for commercial prospecting.
In addition, you have the possibility of objecting at any time, for reasons relating to your particular situation, to the processing listed in Article 21 of the GDPR.
You have a right to the portability of the personal data you have provided to us, understood as the data you have actively and consciously declared in the context of accessing and using our application and services, as well as the data generated by your activity in the context of using our application and services. We remind you that this right relates only to data collected and processed on the legal basis of consent or the execution of the contract binding us.
This right can be exercised free of charge, at any time, and in particular when closing your account on our application and services, by contacting us at the addresses mentioned in Article 4.1.
In this context, we will send you your personal data, by any means deemed useful, in a standard open format commonly used and readable by machine, in accordance with the state of the art.
You are reminded that you also have the right to limit the processing of your personal data, understood as a freeze on the use of your data. You have the right to obtain the limitation of the processing of your personal data, in the following cases:
-
During the period of verification that we implement, when you dispute the accuracy of your personal data ;
-
When the processing of this data is unlawful, and you wish to limit this processing rather than delete your data;
-
When we no longer need your personal data, but you wish to retain it to exercise your rights; and
-
During the legitimate grounds verification period, when you have objected to the processing of your personal data.
You can exercise this right by contacting Us at the addresses mentioned in Article 4.1.
You are reminded that you have the right not to be the subject of a fully automated decision that would produce a legal effect or affect you in substantially similar conditions, unless you have given Us your express consent, if such processing is necessary for the conclusion or performance of a contract, or if it is authorized by specific legal provisions.
In any case, We must inform you if such a fully automated decision has been taken against you and you may:
-
Request to know the logic and criteria used to make that decision,
-
Challenge the decision and express your views,
-
Request the intervention of a human being who can review the decision, by contacting Us at the addresses mentioned in Article 4.1.
You are also informed that you have the right to lodge a complaint with a competent supervisory authority (the Commission Nationale Informatique et Libertés for France), in the Member State in which you are normally resident, where you work or where the violation of your rights would have been committed, if you consider that the processing of your personal data which is the subject of this Policy constitutes a violation of the applicable laws.
This recourse may be exercised without prejudice to any other recourse before an administrative or judicial court. Indeed, you also have the right to an effective administrative or judicial remedy if you consider that the processing of your personal data, which is the subject of this Policy, constitutes a violation of the applicable laws.
To learn more about your rights, you can also consult the website of the Commission Nationale de l'Informatique et des Libertés, accessible at the following address: https://cnil.fr.
We and our possible subcontractors undertake to implement all technical and organizational measures to ensure the security of our processing of personal data and the confidentiality of your data, in accordance with the Data Protection Act and the European Data Protection Regulation (RGPD) and Law No. 2018-133 of February 26, 2018 "on various provisions of adaptation to European Union law in the field of security."
In this respect, We take the necessary precautions, with regard to the nature of your data and the risks presented by their processing, to preserve the security of the data and, in particular, to prevent them from being deformed, damaged or accessed by unauthorized third parties (physical protection of the premises, authentication process for our customers with personal and secure access via confidential identifiers and passwords, logging of connections, encryption of certain data...).
We undertake to use our best efforts not to transfer your data outside the European Union.
Should we do so, we confirm that measures to control such transfer(s) will be taken to ensure the confidentiality and integrity of your data.
We reserve the right, at our sole discretion, to change this Policy, in whole or in part, at any time.
Such changes will be effective upon posting of the new Privacy Policy.
Except for material change(s) requiring your express consent, your use of our application and services following the effective date of such changes will constitute your acknowledgement and acceptance of the new privacy policy. If you do not agree with the new privacy policy, you should no longer use our application and services and you will have the possibility to exercise your rights at the addresses mentioned in Article 4.1 hereof.