Trustpair, a French société par actions simplifiée, with its registered office located at 174, quai de Jemmapes, 75010, Paris, France, and registered with the Paris Trade and Companies Register under number 832 940 670, collects and processes personal data in its capacity as data controller and, to an extent, as data processor.
The data processed by Trustpair are collected, recorded and stored in accordance with the provisions of the law n°78-17 of 6 January, 1978 in its current version, as well as with the provisions of the General Data Protection Regulation (Regulation (EU) n°2016/679 “GDPR”).
The data collected by Trustpair as data controller under the meaning of the GDPR are mostly professional contact details of the representatives of Trustpair’s clients and prospects as well as, if applicable, the content of their requests and interactions with the website www.trustpair.fr (the “Website”), the application https://app.trustpair.fr, the API https://app.trustpair.fr/api/v1, and as a whole, any solution published by Trustpair (the “Applications”).
The data collected on the Website are collected with the consent of the data subjects, and for their pre-contractual relations with Trustpair when they request information on Trustpair’s products and services or apply to join Trustpair.
The data collected from the Applications are collected for the purpose of executing the contracts between Trustpair and its clients, and between the clients and their suppliers and beneficiaries.
The processing of these data is necessary for Trustpair to provide the services of the Website and Applications. It allows Trustpair to provide a fraud and payment error detection service, to know how the data subjects use or wish to use the services, to respond to requests (contact, demo, expertise) and to maintain its relations with clients and prospects.
When representatives of clients and prospects engage with Trustpair’s employees, the data collected may be used to send them newsletters and to follow up on their interests in the services.
Connection logs and accesses to the Website and the Applications are collected on the basis of Trustpair’s legitimate interest in securing the Website and the Applications and in preventing fraud.
When using the Website, only the data marked with an asterisk are mandatory. Trustpair mainly collects the following data from the Website:
Additionally, Trustpair collects, for the security of its IT system, the logs and technical information of connection to the Website and the Applications, namely: IP address, logs, identification of terminals, time stamps, origin of the mail server, use of the system, access, modification, extraction, and deletion of files/data and time spent on the computer system.
When Trustpair processes IBANs containing personal data (such as when the IBAN provided for authentication belongs to someone who is self-employed or a shareholder of a client), Trustpair acts as a sub-processor of the client’s personal data under the meaning of the GDPR.
Trustpair collects the business telephone number, and in specific cases (self-employed/freelance/shareholders/policy holder): name, first name of the person, home address (on the IBAN) and telephone number.
When acting as a sub-processor Trustpair always follows the instructions of the client acting as data processor.
Upon reaching the end of these terms, the data are deleted.
Data subjects have the right to access, modify, rectify, delete and, where applicable, object to a processing and request to port their personal data, in accordance with the Law n°78-17 in its current version and the provisions of the GDPR.
When an employee of a client requests to exercise his/her rights and Trustpair is acting as a data processor under the meaning of the GDPR, the requests are addressed to the client responsible for processing as the client alone determines the follow-up to these requests.
When the processing is based on the consent of the data subject, the latter can withdraw his/her consent at any time, without this affecting the lawfulness of the processing previously carried out on his/her personal data.
These rights can be exercised at the following email address: privacy@trustpair.fr.
Trustpair has also appointed a Data Protection Officer: the company Virtual-DPO. VIRTUAL-DPO can be contacted at any time through the email address: contact@virtual-dpo.fr or via its website www.virtual-dpo.fr.
In case of difficulties in connection with the management of their personal data, the data subjects may lodge a complaint with the CNIL or with any competent supervisory authority.