Privacy Policy

Download the document - February 9, 2021 version

Preamble

Hyperlex SAS is committed to the protection of personal data and the privacy of Users. In this respect, and in application of the General Data Protection Regulation (hereinafter referred to as the "GDPR"), we hereby inform you of the conditions under which your personal data will be processed by us.

This Charter concerns Internet users or prospects

Such persons are hereinafter referred to as "Affected Persons".

This Charter is subject to change: we therefore invite you to consult it regularly. Information specific to cookies (publishers, duration, use) can be consulted on our website: hyperlex.ai

Last version date: February 9, 2021

Person in charge of processing
HYPERLEX SAS
12 rue Anselme 93400 Saint-Ouen
N° RCS : 832146237

1. What personal data do we process?

Hyperlex SAS is required to process the following categories of Users' personal data:

  • Identification data: surname, first name, postal address, email address, telephone number, user name and password.
  • Data related to professional life: function, company, level of experience, curriculum vitae
  • Connection data: logs, timestamp, browsing path, browser type
  • Location data: country
  • Internet data: IP address, browser language

Your personal data normally comes directly from you.

Please note that the following personal data have been transmitted to us by Kompass, Linkedin, in the context of our commercial prospecting:

  • To carry out mailing and phoning operations: legitimate interest.
    Source not accessible to the public.
  • For the realization of technical operations allowing to select the canvassed persons, to enrich the quality of the database of canvassing (Ex: Normalization, enrichment, deduplication): legitimate interest.
    Source not accessible to the public

Hyperlex SAS only processes personal data that is strictly necessary to achieve the determined and legitimate purposes defined in the following sections.

Hyperlex SAS therefore does not process any sensitive data such as the racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership of the data subjects. The same applies to any information on the life or sexual orientation, genetic, biometric or health data of the data subjects.

2. Why and how do we process your personal data?

Hyperlex SAS is required to process the personal data of the Persons Concerned for these purposes:

Commercial prospecting

 

Objectives and bases of legality :

  • To respond to requests for information, documentation or demonstration (pre-contractual obligation)
  • To issue offers to sell and sales contracts (pre-contractual obligation)
  • To invite clients to events and to organize them (contractual obligation)
  • To carry out emailing and phoning actions (BtoB Prospecting) (Legitimate interest)
  • For the realization of technical operations allowing to select the persons canvassed, to enrich the quality of the prospecting database (Ex: Standardization, enrichment, deduplication) (Legitimate interest)
  • For the realization of commercial profiles (e.g. maturity scoring) (Legitimate interest)
  • To compile trade statistics (Legitimate interest)
  • To have a website presenting the company's offers and services (Legitimate Interest)
  • To track the visits and behaviour of visitors to the company's website (Legitimate Interest)
  • To post videos on the company's website (Legitimate interest)
  • To keep your choices in terms of consent to cookies - Axeptio (Legitimate interest)
  • To feed behavioural information to the files from the CRM (Hubspot) (Consent)
  • To identify the origin of visitors - Google Analytics & Google Ads, Facebook, Linkedin, Capterra - (Consent)
  • To run remarketing campaigns - Google Analytics & Google Ads - (Consent)
  • To measure the effectiveness of advertising campaigns - Google Analytics & Google Ads - (Consent)
  • To measure the audience and analyze the behavior of visitors to the site - Google Analytics & Google Ads, Hubspot - (Consent)
  • To dispose of evidence in case of litigation or administrative review (Legitimate interest)

Retention period:
Until the right of objection is exercised
3 years from the right of objection the legal department

Category of addressees: Sales and Marketing Department; Legal Department

Data Sources : Persons concerned

Compulsory or optional nature of data collection and consequences of not providing the data: Necessary for the commercial management of the enterprise and its development.

RGPD

 

Objectives and Bases of Legality: Responding to the Exercise of PGD Rights (Legal Obligation)

Retention period:
3 years after the closure of a request for opposition (Statute of limitations for an offence)
1 year after the closure of a request for access, deletion or rectification (Statute of limitations for an offence)

Categories of addressees: CNIL; Service in charge of RGPD applications; Service in charge of litigation

Data Sources : Persons concerned

Compulsory or optional nature of data collection and consequences for failure to provide the data: Necessary for the fulfilment of legal obligations regarding the declaration of violations and the exercise of rights.

In view of the purpose of each processing operation, Hyperlex SAS implements the necessary means to ensure that personal data is only accessible by its internal services having to know about it, third party recipients designated by the Law or subcontractors necessary to carry out the processing operations (Cf. .3).

Hyperlex SAS keeps the data collected for the time strictly necessary to achieve the purpose of each treatment, unless otherwise provided by law. These retention periods are communicated in the table opposite. In application of the RGPD, it is possible that your data may be kept by us for the time that the limitation periods for legal action are reached. If this is the case, only the persons in charge of litigation within the company have access to it. At the end of these periods, your data will either be deleted or irreversibly anonymised.

3. To whom is your personal data transmitted outside the company?

Hyperlex SAS may communicate your personal data to organisations within the framework provided by the Law. These recipients are indicated below (see 2.).

Hyperlex SAS uses subcontractors selected by Hyperlex SAS to carry out all or part of the treatments indicated. Exceptionally, Hyperlex SAS may use service providers located outside the European Union. Where applicable, Hyperlex SAS ensures that the transfer of data outside the European Union benefits from the guarantees of protection provided by the RGPD.

Subcontractor : Typeform
Category: Good functioning and use of IT resources and Sales Management: Customer survey
Country: USA
Warranty type (if outside EU): DPA and CCT

Subcontractor: CNIL
Category: RGPD: DPO declaration and violations
Country: France
Type of guarantee (if outside EU): DPA and CCT

Subcontractor: Axeptio
Category: CNIL: Cookie management and consent collection
Country: Luxembourg
Type of guarantee (if outside EU): DPA and CCT

Subcontractor: SiteGround
Category: Business Development: Hosting of Hyperlex's commercial and corporate website
Country: European Union
Type of guarantee (if outside EU): DPA and CCT

Subcontractor: Hubspot
Category: Sales Management and Prospecting: Collection, contact, scoring, database building and contact automation
Country: USA
Warranty type (if outside EU): DPA and CCT

Subcontractor: Google suite
Category: Good working order and use of IT resources
Country: European Union
Type of guarantee (if outside EU): DPA and CCT

Subcontractor: Google Analytics
Category: Proper functioning and use of IT resources
Country: USA
Type of warranty (if outside EU): DPA and CCT

Subcontractor: RingOver Group
Category: VOIP Telephony
Country: France

Subcontractor: Zoom
Category: Video conferencing system
Country: USA
Warranty type (if outside EU): DPA and CCT

Subcontractor: Swipedon
Category: Record of visits to our offices in Paris
Country: New Zealand and USA
Type of warranty (if outside EU): Privacy Policy

To obtain a copy or the location of guarantees related to data transfers outside the European Union, please contact us:

dpo@hyperlex.ai
Hyperlex SAS
DPO
12 rue Anselme
93400 Saint-Ouen

4. What security measures do we put in place to protect your data?

Hyperlex SAS implements all organisational and technical measures to ensure an appropriate level of security for your personal data, and in particular to avoid any loss of confidentiality, integrity or accessibility.

5. What rights do you have over your personal data?

You can exercise the following rights on your personal data with Hyperlex SAS:

  • You can give your consent to the deposit of a cookie or withdraw it on our site, by clicking on "Cookie" at the bottom right of the screen.
  • A right of rectification: you have the right to obtain the rectification of inaccurate data concerning you. You also have the right to complete incomplete data concerning you by providing a supplementary declaration. If you exercise this right, we undertake to communicate any rectification to all the recipients of your data as far as possible.
  • A right of deletion: in certain cases, you have the right to have your data deleted. However, this is not an absolute right and we may, for legal or legitimate reasons, retain such data.
  • A right to limitation of processing: in certain cases, you have the right to obtain limitation of processing on your data.
  • A right to the portability of your personal data: you have the right to receive the data you have provided us with, in a structured, commonly used and machine-readable format, for your personal use or to pass it on to a third party of your choice. This right only applies when the processing of your data is based on your consent, on a contract or when such processing is carried out by automated means. Furthermore, Hyperlex SAS may refuse to exercise this right if it requires technical means deemed excessive.
  • A right to object to the processing: you have the right to object at any time to the processing of your data for processing based on our legitimate interest, a mission of public interest. This is not an absolute right and we may for legal or legitimate reasons refuse your request for opposition.
  • The right to withdraw your consent at any time: you may withdraw your consent to the processing of your data where the processing is based on your consent. Withdrawal of consent does not affect the lawfulness of the processing based on the consent given prior to such withdrawal.
  • The right to complain to a supervisory authority: you have the right to contact your data protection authority to complain about our personal data protection practices,
  • The right to give instructions regarding the fate of your data after your death.

Hyperlex SAS shall follow up any exercise of rights as soon as possible and in any event within 30 days of receipt of the request. Hyperlex SAS reserves the right :

  • To request proof of the applicant's identity in case of reasonable doubt as to the applicant's identity in order to respect the applicant's obligation of confidentiality,
  • To extend the time limit for reply by two months, then informing the applicant of this extension and the reasons for the extension within one month of receipt of the request,
  • To refuse to respond to an exercise of right if it is considered abusive (in view of their number, repetitive or systematic nature).

6. How can you exercise your rights to your personal data?

To exercise your rights, please contact us:
HYPERLEX
12 rue Anselme
93400 Saint-Ouen
dpo@hyperlex.ai

If, despite our efforts and our commitments, you feel that your rights concerning your personal data are not being respected, you can make a complaint to the Commission Nationale Informatique et Libertés :

CNIL
3 Place de Fontenoy
TSA 80715
75334 Paris Cedex 07
On-line complaint