<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=709369395893864&amp;ev=PageView&amp;noscript=1">

Privacy Policy

 

 

Version of : 22/04/2020

 

PERSONAL DATA

 

1. Definitions

 

Client: means the company which has signed a contract with SIMUNDIA in order to allow one or more of its employees to register on the Site in order to benefit from a defined number of Sessions.

Personal data: means any information relating to a natural person who may be identified, directly or indirectly, such as, but not limited to, a name, postal address, email address, telephone number, IP address, etc.

Expert(s): means the psychologist, health professional or coach, using the Site to offer Users support services in psychology and/or coaching.

Data subjects: means the natural persons whose Personal Data are collected by SIMUNDIA within the framework of operation of the Site, in accordance with this policy.

Sessions: means the support service provided to the User by the Expert on the Site.

Site: means the app.simundia.com platform and the  www.simundia.com platform

Third-party employee: means an employee of the Client (HR, manager, colleague) from whom the User requests an opinion (feedback) on his training course.

User(s): means the natural person registered on the Site wishing to access the Sessions.

 

2. Identity of the data controller

 

The data controller is SIMUNDIA SAS, whose registered office is at 15, rue Ancelle, 92200 Neuilly-sur-Seine, registered with the RCS of Nanterre under number 827 580 242 (hereafter designated as “SIMUNDIA”).

SIMUNDIA operates the www.simundia.com and https://app.simundia.com/ platforms. The Site connects Users who wish to benefit from a training course with Experts.

SIMUNDIA attaches particular importance to respect for the privacy of Data Subjects and the confidentiality of their Personal Data. Thus, SIMUNDIA agrees to process data in compliance with applicable laws and regulations and, in particular, law no. 78-17 of 6 January 1978 relative to information systems, files and freedoms, modified by law 2018-493 of 20 June 2018, and Regulation (EU) 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (hereafter collectively referred to as “the Regulations”). 

This privacy policy, put in place by SIMUNDIA, is intended to provide the aforementioned Data Subjects with summary and general information on the processing of Personal Data concerning them done by SIMUNDIA through the Site.

 

2. Personal data

 

The term “personal data” refers to any information relating to a natural person who may be identified, directly or indirectly, such as, but not limited to, a name, postal address, email address, telephone number, IP address, etc.

 

3. Personal Data collected by SIMUNDIA

 

3.1 Data sent by the Client

When a Client establishes a contract with SIMUNDIA for the purpose of allowing one or more of its employees or agents to benefit from a defined number of Sessions, it sends SIMUNDIA, under its responsibility, the email addresses of the concerned employees.

SIMUNDIA will also collect the email address from the Client of employees authorized to access the area reserved for the Client on the Site. The Client has consented to use of this Personal Data in connection with the contract binding it to SIMUNDIA.

 

3.2 Data sent by the User

When the User opens an account on the Site, SIMUNDIA collects his last name, first name, email, telephone number, the topic for which he wishes to benefit from support, the context of the request and its objective. The User can also choose to send a photo (optional field).

Later, during a telephone interview between the User and SIMUNDIA, the User may provide additional information making it possible to define a suitable training course and improve their experience with SIMUNDIA.

Once the training course is completed, the User can optionally complete a roadmap including 3 open questions on what has changed for him, what he agrees to put in place as well as tools and reading that he may come to use later.

 

SIMUNDIA keeps, under the conditions defined below, all of the aforementioned data relative to the User and his training course.

SIMUNDIA also keeps the history of the Sessions followed by the User.

However, SIMUNDIA does not collect any Personal Data relative to the content of the Sessions followed by the User with the Experts. SIMUNDIA and the Client have no knowledge of the content of the Sessions and have no right of access to the Sessions provided by the Expert to the User in order to strictly respect the principle of confidentiality.

The only information that SIMUNDIA may request about the Sessions is of a purely technical nature (proper functioning of the Site for example), or relative to the conditions for conducting the Session (number of Sessions attended, mode of communication chosen by the parties, possible delay or cancellation of a Session, for example).

No medical data on the User is collected on the Site.

 

3.3 Data sent by Users to Third-Party employees

The User may, optionally, when creating his account on the Site, request an opinion (feedback) from a Third-party employee. The User then sends SIMUNDIA the last name, first name, email address, professional relationship (manager, HR, colleague) of the Third-party Employee concerned as well as an additional message, if necessary.

The feedback request will contain 3 free fields on what the User must continue (advantage), stop or start doing (area of progress) within the framework of his professional activities.

SIMUNDIA sends the request for feedback to the Third-party employee by email.

The Third-party employee may:

(i) return the feedback request, duly completed, by logging into the Site and accepting the Site's "Personal Data" policy or

(ii) request, by return email to SIMUNDIA, the deletion of his personal data.

If the Third-party employee fails to return the request for feedback within 15 days, the Personal Data of the Third-party employee will be deleted by SIMUNDIA.

Following the return from the Third-party Employee, SIMUNDIA will keep the data of the Third-party Employee and the completed feedback request under the conditions indicated below.

 

3.4 Data sent by Experts

When the Expert registers on the Site and opens his account, SIMUNDIA collects his last name, first name, email address, telephone number, diplomas and qualifications, experience and professional background on the Site.

 

3.5 Messaging

On the Site, SIMUNDIA provides the User and the Expert with a messaging system allowing them to exchange information on the organization of the Sessions, with each other or with SIMUNDIA.

This messaging is exclusively intended to improve the organization of Sessions (postponement, cancellation, etc.) or to share resources (sending of documentation). Within the framework of management of the Site, SIMUNDIA will have access to this messaging.

This messaging is not intended to be used by the User and the Expert to exchange individual information on the content of the Sessions.

 

4. Personal Data of Users managed by third-party services

 

4.1 Within the framework of use of the Site, and in order to collect additional information on the User, the User may be invited to answer questionnaires via the Typeform service. The User is not obliged to answer these questionnaires.

The answers provided by the User in the context of these questionnaires are processed by an external Typeform service. Answers to this questionnaire are optional. If the User answers this impact questionnaire, he consents to his Personal Data being collected when the questionnaire is processed in accordance with Typeform general conditions.

 

4.2 Using the Crisp chat service, the User may ask questions to receive help with his browsing. As part of this service, Crisp uses cookies installed on the Site to collect data on the User. If the User uses the Crisp chat service, he consents to the collection and processing of his Personal Data in accordance with Crisp's terms and conditions.

 

4.3 The User is informed and approves that his Personal Data collected by the aforementioned third-party services will be accessible to SIMUNDIA within the framework of management of the User on the Site.

Within the framework of this data processing, the User will be in direct contact with the third-party services concerned. In this case, the User must refer to the legal notices, the terms and conditions of use and the data protection policies available at the addresses https://admin.typeform.com/to/dwk6gt and crisp.chat/en/privacy/. For any problems or questions related to use of these services and/or compliance with the Regulations by these services, the User can contact the Site at contact@simundia.com.

 

5. The purposes of the processing done by SIMUNDIA

 

Processing done on the legal basis of execution of the contractual obligations of SIMUNDIA and management of the customer relationship:

SIMUNDIA collects and processes the Personal Data of Data Subjects in order to be able to provide the best possible conditions for putting Users in touch with Experts. These data are processed in particular for:

  • Selecting professional and experienced Experts,
  • Collecting feedback on the User from a third-party employee to adapt the training course of the User,
  • Offering the User an Expert suited to their needs,
  • Putting the User in touch with the selected Expert,
  • Allowing the User to book online on the Sessions Site,
  • Providing the User and the Expert with dedicated messaging system,
  • Managing the accounts of Users and Experts (monitoring of the commercial relationship with the client, monitoring of Sessions for billing purposes, accounting),
  • Monitoring Users' opinions on the progress of the Sessions,
  • Allowing the Client individualized follow-up of the training courses selected by its employees, Users.

 

The User consents to the use of his Personal Data when opening his account on the Site and, concerning the aforementioned third-party services, when using these services.

The Expert consents to the use of his Personal Data when opening his account on the Site.

The Third-party employee consents to the use of his Personal Data by connecting to the Site within the framework of sending the feedback request, duly completed.

The Client has consented to the use of the Personal Data of his employees authorized to access the Client area reserved on the Site in the contract binding it to SIMUNDIA.

SIMUNDIA may also be required to process certain Personal Data of Users and Experts for statistical analysis purposes to analyse the Sessions provided and improve the service offers.

SIMUNDIA does not use the Personal Data of Data Subjects for commercial prospecting purposes.

 

6. Duration of retention of personal data collected by SIMUNDIA

 

Personal Data relating to the User and the Third-party employee will be deleted 5 years after the User’s last connection to the Site.

Personal data relative to the Expert will be deleted 5 years after the last Session provided to a User.

Personal Data relative to the Client will be deleted 5 years after the last connection of a User to the Site.

The content of the messaging system will be deleted 5 years after the last connection of the User to the Site.

Access to Personal Data relative to the User processed by the third-party services referred to in article 4 above will be deleted for SIMUNDIA, under the conditions stated in the privacy policies applied by these third-party services, and in a maximum of 5 years after the last use of the third-party service concerned.

As an exception, some of this Personal Data may be archived with restricted access to manage complaints and ongoing disputes as well as to meet legal and/or regulatory obligations and/or to respond to requests from authorised authorities for a maximum of 10 years. The data is then permanently deleted.

 

7. The recipients of Personal data

 

7.1 Data relative to the User

All data relative to the User, described in article 3.2 above, are intended for the SIMUNDIA teams and the Expert responsible for providing Sessions to the User.

Within the framework of monitoring the training course by its employees, the Client will have access to its reserved Customer area on the Site:

  • to the names of Users registered on the Site,
  • to the number of Sessions attended by Users,
  • to the topics selected by Users,
  • to the end-of-course results.

 

7.2 Data relative to Third-party employees

Data relative to Third-party Employees (request for feedback) will be intended for the User, the SIMUNDIA teams and the Expert responsible for providing the Sessions to the User.

 

8. The transfer of personal data

 

8.1 Transfers of User data to the Client

SIMUNDIA may send the Client data on use of the Site by Users.

Under no circumstances may this data concern the content of the Sessions attended by Users.

 

8.2 Other data transfers

SIMUNDIA does not transfer the Personal Data of Data Subjects to third parties. SIMUNDIA nevertheless reserves the right to use technical subcontractors, for example for the hosting and maintenance of personal data.

Personal data is hosted:

  • by AWS for object storage, i.e. the photo of the Users (optional field). The AWS servers used by SIMUNDIA are located in France;
  • by Clevercloud for the application and the database. The Clevercloud servers used by SIMUNDIA are also located in France.

Technical service providers are required to comply with Regulations. These service providers may only use the Personal Data of the Data Subjects on behalf of SIMUNDIA.

The Personal Data of Data Subjects will only be transmitted:

  • if regulations in effect require it;
  • if such transmission is necessary to comply with the law or regulations in effect, with legal proceedings and/or with an administrative or judicial order;
  • in general, to act in urgent circumstances in order to protect the personal safety of Data Subjects.

SIMUNDIA does not transfer Personal Data outside the European Union. 

The Personal Data of Data Subjects are not transferred to any SIMUNDIA commercial partner. 

 

9. Rights of Data Subjects

 

Data subjects have the following rights:

Right of access: Data subjects have the right to ask what data SIMUNDIA holds and to obtain communication thereof.

Right of rectification: Data subjects have the right to request the rectification of inaccurate data concerning them and held by SIMUNDIA.

Right of deletion ("right to be forgotten"): Data subjects have the right, under the conditions provided for by Regulations, to request that SIMUNDIA delete data concerning them.

Right to limitation of processing:  Data subjects have the right to ask SIMUNDIA to suspend the processing of their data until verification can take place (notably to verify the accuracy and relevance of the Personal Data processed by SIMUNDIA).

Right of portability: Data Subjects can have their Personal Data sent to them in a structured format and have the right to have it sent to another data controller.

Right of opposition: Data subjects have the right to object, at any time, to being included in a file for legitimate reasons.

Right to give instructions on the fate of personal data post-mortem: In the absence of instructions or mentions to the contrary in said instructions, the heirs of Data Subjects may have their rights over their Personal Data exercised after their demise.

Right to file a complaint with a regulatory authority

 

For more information concerning the exercise of rights:

https://www.cnil.fr/fr/comprendre-vos-droits

These rights can be exercised by sending a request to SIMUNDIA at the address contact@simundia.com. SIMUNDIA makes every effort to respond to requests within a reasonable turnaround time and, in any event, within the time limit set by Regulations.

 

10. Securitisation of Personal data

 

SIMUNDIA maintains adequate technical and organizational measures to protect Personal Data against destruction, loss, alteration, disclosure or unauthorized access, either accidental or unlawful.

SIMUNDIA ensures the security of Personal Data against any fraudulent access, use or disclosure, by implementing data protection reinforced by the use of appropriate technical physical and logical security measures, so as to guarantee data integrity, as well as their confidential and secure treatment. 

Thus, the measures taken by SIMUNDIA to secure all Personal Data include:

  • Data encryption: The URLs of the Site are encrypted through the use of tokens;
  • Video-conferencing: Sessions between Users and Experts can be conducted by video-conference, using the tool integrated into the Site and developed by Twilio. This tool is based on webrtc technology. For more details on securitisation of tool: https://www.twilio.com/security. No Personal Data is collected by SIMUNDIA during the Sessions.
  • All Experts selected by SIMUNDIA are bound by strict non-disclosure commitments: consequently, they cannot disclose, to SIMUNDIA or to any third party, the information given by the User in the context of the Sessions. Both the Expert and the User agree not to film or record the Session. He also agrees to isolate himself from any third party likely to overhear the conversation during the Session.

 

 

COOKIES

When viewing the Site, cookies are placed on the computer of the User and/or Expert, his mobile or his tablet.

Cookies are text files placed on the computer when visiting a site. Their main purpose is to collect information relative to browsing on the sites. Cookies are managed by the web browser.

Different types of cookies are used on the Site.

Analytical cookies

These are cookies that make it possible to know the use and performance of the Site.

Google Analytics tracks the number of times the User and/or Expert has visited the Site, calculates how long the User and/or Expert has stayed on the Site and tracks which search engine the User and/or Expert has used.

Third-party cookies

These are cookies provided by third parties, installed on the Site, which make it possible to create a link (exchange of information) with a social network. 

 

Facebook Pixel which tracks the User's and/or Expert's navigation on the Site and makes the link with the SIMUNDIA Facebook page.

This type of cookie can allow the social network concerned to follow navigation on the Site, simply because the account of the User and/or the Expert in the social network concerned is activated on his terminal (open session) during navigation on the Site. 

SIMUNDIA has no control over the process used by social networks to collect information relative to navigation on the Site and associated with the personal data at their disposal. SIMUNDIA invites the User and/or the Expert to consult the privacy protection policies of these social networks in order to become familiar with the purposes of use, notably advertising, of the navigation information that they can collect thanks to these Cookies. In particular, these protection policies must allow the User and/or the Expert to exercise their choices with these social networks, notably by setting up their user accounts for each of these networks.

Crisp: which makes it possible to answer the User's questions on the Site through a chat system. SIMUNDIA invites the User and/or the Expert to consult the privacy protection policies of the Crisp service in order to become familiar with the purposes of use, the conditions of use of the data collected and the retention period of the data.

By continuing to browse the Site, the User and/or the Expert accepts the use of these cookies.

The data collected through cookies is kept by SIMUNDIA for a maximum of 13 months. 

Nonetheless, the User and/or the Expert can choose to deactivate cookies at any time by configuring their web browser.

The User and/or the Expert can also configure his browser to indicate the cookies that are placed on his computer and have it ask him whether or not to accept them.

The User and/or the Expert can accept or refuse cookies on a case-by-case basis or refuse them systematically once and for all.

The setting of the web browser is nevertheless likely to modify the conditions of access to the services offered by the Site. Thus, if the browser is configured to refuse all cookies, the User and/or the Expert may be blocked from certain essential functions of the Site.

 

The User and/or the Expert can deactivate cookies by following the instructions hereafter:

1/ Internet Explorer browser

In Internet Explorer, click the Tools button, then Internet Options.

On the General tab, under Browsing history, click Settings.

Click the View Files button.

Click the Name column heading to sort all files alphabetically, then browse the list until you see files beginning with the prefix "Cookie". (All cookies have this prefix and usually contain the name of the website that created the cookie).

Select the cookie(s) including the name "….. ” and delete them

Close the window that contains the list of files, then click OK twice to return to Internet Explorer.

 

2/ Firefox browser

Go to the "Tools" tab of the browser then select the "Options" menu

In the window that appears, choose "Privacy" and click "Show cookies

Locate the files that contain the name "……"
Select them and delete them.

 

3/ Safari browser

In your browser, choose Edit menu> Preferences.

Click on Security.

Click on Show cookies.

Select the cookies that contain the name "…….. ” and click on Erase or on Erase All.

After deleting the cookies, click on Done.

 

4/ Google Chrome browser

Click on the Tools menu icon.

Select Options.

Click on the Advanced options tab and go to the "Confidentiality" section.

Click on the Show cookies button.

Locate the files that contain the name "…. ” Select them and delete them.

Click on »Close« to return to your browser

 

For more information on cookies:

On the CNIL website: http://www.cnil.fr/vos-droits/vos-traces/les-cookies