Privacy Policy

The purpose of the Aitenders Privacy Policy is to provide all information about the terms under which Aitenders collects and processes the Personal Information of Users.

The Privacy Policy is part of the GTCU and each term defined in the GTCU has the same meaning in the Privacy Policy.

By accessing and using Aitenders, Users undertake to respect and be bound by this Privacy Policy, which can be changed or updated at any time without notice. Any modification will be posted on the Site.

 

I. Nature of Data Collected by Aitenders

1.1. Aitenders collects and processes data that Users voluntarily provide to access or use Aitenders as well as data concerning the preferences of Users and traffic (such as IP addresses).

The purposes of this Data Processing are to enable Users to create an Account to access Aitenders, to use the Software, to improve services in placing cookies on Users’ devices and sending them commercial offers and marketing.

More precisely, Aitenders processes Users date Data to enable Users to:

  • Consult Aitenders websites
  • Create an Account to access and use the Aitenders Software
  • Register for online demonstrations, events or contests
  • Download our online resources
  • Improve services by placing cookies on users’ devices
  • Send you commercial and marketing offers
 

To open an Account, Users must provide Aitenders with at least the following personal identification information to use the Software:

  • Name
  • Email
  • Company Name
  • Telephone Number

Users can complete their profile with other Personal Data (their address, secondary telephone number, date of birth, company role, the name of their business Unit etc.).

Aitenders will never collect or process sensitive Personal Data in accordance with GDPR regulations, for example regarding racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership, health, etc.

1.2. Aitenders also collects Data relating to the commercial relationship with its Users: history, subscribed functionalities, billing and payment, participation in promotional offers, requests and incidents reported to the support service, etc.

1.3. Aitenders automatically collects certain data during visits to the website Aitenders.com. For example, information about the origin of the connection, the type and version of the user’s Internet browser, the duration of connection, etc.

Aitenders uses cookies for the Site and the Tender Management and Contract Management Platform called Aitenders. A cookie is a small text file sent by the website consulted by the User in their Internet browser or on the device used. It does not personally identify the User but has the function of facilitating navigation (memorizing personal Dashboard set up, technical choices, quick search, past activity) and proposing relevant offers and services. Their maximum life is 12 months.

The goal is to facilitate navigation, improve use, benefits and better understand the customer experience.

The Aitenders Cookies Policy is available here.

II. Use of Personal Data of Users

Aitenders uses Personal Data only in the cases provided for by the regulations in force, which are:

  • The execution of the service provision contract relating to the use of the Aitenders Software and/or;
  • Compliance with a legal obligation and/or;
  • Your consent to process your Data
  • Our legitimate interest in conducting prospecting or promotion operation concerning the Aitenders Group, our products, promotions or the events we organize with the Aitenders Grou

Of course, Aitenders never uses personal data for marketing and commercial purposes without respecting the wishes of the data subjects who can always unsubscribe from these communications.

III. Processing of Personal Data

Aitenders collects and processes Users’ Personal Data in a fair and lawful manner and in compliance with the principles of European Regulation 2016/679 of 27 April 2016 (GDPR).

Aitenders is responsible for the processing of Personal Data of Users within the meaning of the GDPR.

Aitenders has appointed a Data Protection Officer (DPO) who continuously monitors Aitenders’s compliance with GDPR principles and rules. Their mission is notably:

  • to make Aitenders employees aware of the protection of Personal Data;
  • to support the teams during the implementation of processing;
  • to respond to requests related to the exercise of Users’ rights in accordance with Article VIII.

The DPO can be contacted via this dedicated email address: contact@aitenders.com

  1.  

IV. Retention of Personal Data of Users

4.1 Security

Aitenders makes every effort to prevent the loss, misappropriation, intrusion, unauthorised disclosure, alteration or destruction of Personal Data disclosed by Users.

Therefore:

  • The data is stored on Aitenders’s own servers, hosted within the infrastructure of Microsoft France. The server security check and the update of operating software is carried out in real time.
  • All information sent to Aitenders is encrypted [256-bit TLS protocol].
  • Aitenders employees are subject to an obligation of confidentiality and non-disclosure and have all signed a specific commitment to the protection of Personal Data.
  • Access to Data is governed by a strict access control policy, reserved to authorised persons, under defined conditions.
  • When Aitenders uses subprocessors to process Personal Data, Aitenders ensures that these subprocessors guarantee an equivalent level of security protection.

4.2. Term

Aitenders retains Personal Data in accordance with legal provisions:

Aitenders keeps the information relating to the management of the Customer Account, orders, billing, payments 10 years after the end of the contract or the last contact from the Inactive Customer;

Aitenders keeps the information related to the creation and management of prospecting files 3 years from the collection of data or the last contact from the prospect;

Aitenders keeps inactive Customer Data for the purpose of sending information about the commercial and marketing offers, within 3 years after the end of the business relationship.

Aitenders has the obligation to keep, for one year, the Personal Data following the creation, modification, or removal of User Content:

  • Login identification;
  • The identification given by the terminal;
  • Types of protocols;
  • Nature of the operation;
  • Date and time of the operation;
  • Identification used by the author of the operation.

When the retention of the Data is no longer justified by the management of a Customer Account, a legal obligation or commercial requirements, and notwithstanding the exercise of the rights of deletion or modification, Aitenders will delete the Data in a secure fashion.

4.3. Account Cancellation

Users may also request that their Account be deleted in accordance with the Terms. Their data will be deleted by Aitenders without prejudice to Article 4.2 above.

V. Access to the Personal Data of Users

5.1. Access to Data by Aitenders Employees

According to the purposes defined in Article 1, the customer service, support, administrative, accounting, technical, marketing and sales departments are likely to have access to Personal Data.

Access to your data is based on individual access permissions as specified in Article 4.1.

5.2. Data Transmission

Aitenders can outsource the following services:

  • Hosting
  • Providers sending postal or digital mail
  • Maintenance and technical development providers

Pursuant to Article 28 of the GDPR, Aitenders’s subcontractors’ access to the Data is provided for by a contract signed between Aitenders and the subprocessor, which sets out its obligations with respect to the protection of Personal Data that are available to Aitenders.

VI. Transfer of Personal Data

Aitenders retains Personal Data in the European Union.

If the Data collected by Aitenders in connection with the Services were to be transferred, in a very marginal way, to subcontractors located in other countries, Aitenders shall ensure that appropriate safeguards are provided to control any transfer of Personal Data.

Aitenders may provide Users’ Personal Data only if it is required by law or ordered by a French court.

VII. Communication from Aitenders

7.1 Aitenders can send emails to Users at the email address associated with their account for technical or administrative reasons or to inform the Users of the change of the services.

7.2 Aitenders can also send Users SMS messages or emails containing commercial and marketing offers or concerning your participation in events, under the conditions of Article VIII. A deactivation link allows Users to unsubscribe at any time.

If you are unsubscribed from these communications you will nevertheless continue to receive the communication listed in Article 7.1.

VIII. Exercise of User Rights

In accordance with the French Data Protection Act and the European Regulation 2016/679 of 27 April 2016 (GDPR), in force on 25 May 2018, Users have the following rights concerning the processing:

  • right of access
  • right to rectification
  • right to object
  • right to erasure
  • right to data portability
  • right to restriction of processing

Users may exercise these rights by writing to the DTO of Aitenders at their postal address: 20 rue prof Benoit Lauras 42000 Saint Etienne or contact the Team directly at contact@Aitenders.com.

All requests must be justified and accompanied by a copy of a valid ID.

Users may also:

  • modify their Personal Data directly from their Account, if they have one
  • manage the receipt of promotional communications (not related to a transaction) by simply clicking on the “unsubscribe” link at the bottom of emails sent by Aitenders
  • manage the reception of SMS messages by sending a “STOP” text message