Help Center
How to get helpTable of contents
Privacy Policy of Partoo
Partoo (hereinafter “ Partoo ”, “ we ”, “ us ”) is committed to protecting personal data (hereinafter “ Personal Data ”) and the privacy of you, users of our website, our software solution, and our service offerings (hereinafter the “ Services ”).
As such, and in accordance with the legislation in force regarding the processing and protection of Personal Data, and in particular the European General Data Protection Regulation of April 27, 2016 (hereinafter the “ GDPR ”), Partoo undertakes to respect the confidentiality, integrity, and security of your Personal Data.
As the data controller of your Personal Data, this privacy policy (hereinafter the “ Privacy Policy ”) sets out the conditions under which your Personal Data is processed by us when :
- You browse our website (hereinafter the “ Website ”): we have implemented certain audience measurement tools in order to better understand and interact with visitors to our Website (hereinafter “ Visitor(s) ”). These tools may also collect certain Personal Data about you.
- You contact us to express interest in our services : notably by requesting a demo, as a prospect (hereinafter “ Prospect ”).
- You have entered into a service agreement with us, as a customer (hereinafter “ Customer ”). You may then be required to share Personal Data in order to ensure the proper performance of the said agreement.
- You take part in a recruitment process with the Partoo human resources team, as a candidate for a job offer (hereinafter “ Candidate ”).
Article 1 – WHAT PERSONAL DATA DO WE COLLECT AND FOR WHAT PURPOSES?
By using Partoo’s Services, you consent to our collection and processing of the Personal Data described in the tables below, depending on your situation.
1. When you are a Visitor
| Types of Personal Data | Purposes | Legal Basis |
|---|---|---|
| Technical data: data collected when you connect to our website (IP address, browsing data on the website, cookies when consent has been given). Additional data collected in the context of our interactions via the chatbot. | To produce statistics related to the service and/or to the performance of the website. | Consent of the data subject (Article 6 (1) a of the GDPR): this is the legal basis each time you have accepted the collection of this information on the website. |
2. When you are a Prospect
| Types of Personal Data | Purposes | Legal Basis |
|---|---|---|
| Identification data: name, first name, email address, telephone number, country, job title. Additional data provided in the context of a demo request, a newsletter subscription (in particular the “How can we help you?” field). Conversation data: data that you communicate to us during our exchanges via the chatbot. Technical data: data collected when you connect to our website (IP address, browsing data on the website, cookies when consent has been given). | To respond to requests submitted via our contact forms or via our chatbot. To send marketing communications (including invitations to events and webinars), when you have agreed to receive them by ticking the relevant box for that purpose. | Consent of the data subject (Article 6 (1) a of the GDPR): this is the legal basis each time you have accepted the sending of information from Partoo and when you request information via our contact forms. Legitimate interest of Partoo (Article 6 (1) f of the GDPR): this is the legal basis when the processing of your data is necessary in order to respond to your requests and provide you with the information you have requested. |
3. When you are a Customer
| Types of Personal Data | Purposes | Legal Basis |
|---|---|---|
| Identification data: name, first name. Professional data: professional email address, professional phone number, exact job title. Browsing data on the Partoo platform: data on the use of the platform, when we need to fix a bug or respond to a specific Customer request. Additional data provided during our exchanges (email, chat, etc.). | Manage the contractual relationship (sending quotes and contracts for electronic signature, amendments, etc.). Manage accounting and invoicing (for the execution of tax and accounting obligations of PARTOO). Manage the commercial relationship (Customer relations, collection and analysis of needs, ensuring the continuity of support). Create targeted marketing campaigns according to Customer profiles. Continuously improve our products and services by identifying trends, preferences, and business opportunities. | Legitimate interest of Partoo (Article 6 (1) f of the GDPR): this is the legal basis when the processing of your Personal Data is necessary to respond to your requests and to provide you with the requested information or services. Compliance with a legal obligation (Article 6 (1) c of the GDPR): this is the legal basis when your Personal Data is processed in connection with the signing of a contract, accounting management, or invoicing. Consent of the data subject (Article 6 (1) a of the GDPR): this is the legal basis each time you have consented to receive Partoo’s updates and news. |
4. When you are a Candidate
| Types of Personal Data | Purposes | Legal Basis |
|---|---|---|
| Identification data: name, first name, postal address, date and place of birth, email address, mobile phone number, landline number, image (photograph and video recording). Professional data: career path, education, professional training, textual content (cover letter, CV, emails, etc.), content of skills tests. Personal data: family situation (when provided to us). Technical data: data collected when you connect to our website (IP address, browsing data on the website). | To identify relevant profiles for available positions ( candidate pool ). To initiate the recruitment process (contacting candidates, assessing the candidate’s ability to occupy the proposed position, monitoring the candidate experience , etc.). To organise events (social gatherings, employer branding events, meet-ups). | Legitimate interest of Partoo (Article 6 (1) f of the GDPR): this is the legal basis when the processing of your Personal Data is necessary to respond to your applications and to provide you with the requested information. Consent of the data subject (Article 6 (1) a of the GDPR): this is the legal basis each time you have accepted the collection of this information on the website, as well as the processing of your Personal Data in the context of the recruitment process. |
For any other Personal Data collected by any other means, a specific information notice will be provided to you at the time of such collection, specifying the applicable rules in the event that they differ from those set out in this Privacy Policy.
Article 2 – HOW LONG DO WE RETAIN YOUR PERSONAL DATA?
Partoo retains Personal Data only for the strictly necessary period to achieve the purpose of each processing activity, unless otherwise required by law. These retention periods are communicated in the tables below, depending on your situation.
1. When you are a Visitor
| Categories of Personal Data | Retention Period | Legal Basis / Purpose |
|---|---|---|
| Technical data, Conversation data | 2 years after their initial collection for technical data, and 2 years for conversation data. | To ensure the proper functioning of the website and user navigation. To establish statistics concerning your use of our website. |
2. When you are a Prospect
| Categories of Personal Data | Retention Period | Legal Basis / Purpose |
|---|---|---|
| Identification data, Professional data, Technical data, Conversation data | 2 years after their initial collection, unless you request deletion of your Personal Data. | To provide you with a demonstration and to contact you. |
3. When you are a Customer
| Categories of Personal Data | Retention Period | Legal Basis / Purpose |
|---|---|---|
| Identification data | For the duration of the contract, and 2 years after its termination. | To compile statistics and, more generally, for evidential purposes. |
| Billing data | For the duration of the contract, and 10 years after its termination. | For the recovery of unpaid debts and, more generally, for evidential purposes in accordance with the law. |
| Contractual documents that may contain personal data. | For the duration of the contract, then 5 years after its termination. | To align with the limitation period, as most claims are subject to a 5-year limitation period. |
| Browsing data on the Partoo software | For the duration of the contract, then 60 days after its termination. | To align with the reversibility conditions provided for in our General Terms and Conditions of Sale. |
| Data shared with Partoo teams, including Customer support. | For the duration of the contract, then 1 year after its termination. | To ensure continuous follow-up of interactions, incidents, and requests. |
4. When you are a Candidate
| Categories of Personal Data | Retention Period | Legal Basis / Purpose |
|---|---|---|
| Identification data, Professional data, Personal data | 2 years from the last contact with Partoo, unless you request deletion of your Personal Data. | To allow us to retain your contact details and profile information in order to offer you potential future opportunities. |
In accordance with the GDPR, it is possible that your Personal Data may be retained for periods corresponding to the applicable statute of limitation for legal actions. At the end of these periods, your Personal Data will be either deleted or anonymised irreversibly.
When we no longer have a legitimate interest in processing your Personal Data, we will delete it as soon as technically possible.
Article 3 – WHO HAS ACCESS TO YOUR PERSONAL DATA AND WITH WHOM IS IT SHARED?
1. Partoo staff
Given the purpose of each processing activity, Partoo implements the necessary measures to ensure that Personal Data is accessible only to its internal teams who are strictly authorised, have a legitimate interest in accessing it, and only when such access is necessary for the proper performance of their duties.
An access segregation system has been implemented to ensure that each team has access only to the data relevant to the performance of its missions.
Personal Data is therefore transferred within the competent departments of Partoo, depending on the type of data and the purpose of the processing.
2. Service providers
As part of its business operations and for the provision of its Services, Partoo may share your Personal Data with third-party service providers.
The types of service providers used by Partoo are described in the tables below.
a. Operational services
| Name of Service Provider | Categories of Personal Data | Purpose |
|---|---|---|
| Google Workspace | Identification data, professional data, and any other Personal Data that you share with us when you contact us by email. | To manage our emails and our daily operations. |
| Pack office | Identification data and any other Personal Data that you share with us when you enter into contractual relations with us. | To manage daily operations. |
| Slack | Identification data, professional data, and any other Personal Data that you share with us when communicating on Slack. | To allow us to centralise and streamline communication and real-time collaboration within teams. |
| Jira | Identification data, professional data. | To allow us to plan, monitor and efficiently manage projects and day-to-day tasks. |
b. Statistics and marketing services
All statistics and marketing service providers used by Partoo are listed in our Cookie Policy, available here.
c. Customer Relationship Management and Development
| Name of Service Provider | Categories of Personal Data | Purpose |
|---|---|---|
| Docusign | Identification data and professional data. | To manage the signing of contracts. |
| Tomorro | Identification data and professional data (Customer). | To negotiate and sign Customer contracts. |
| Salesforce | Identification data and professional data, as well as any other Personal Data shared by Customers and/or Prospects with us. | To manage the CRM. |
| Hubspot | Identification data and professional data, as well as any other Personal Data shared by Customers and/or Prospects with us. | To manage the CRM, send commercial solicitations, and manage Customer relationships. |
| Livestorm | Identification data and professional data. | To enable us to organise and efficiently manage our webinars and online meetings. |
| Intercom | Identification data and professional data. | To enable us to communicate directly with our users and provide them with personalised support. |
d. Candidate relationship management
| Name of Service Provider | Categories of Personal Data | Purpose |
|---|---|---|
| Pandadoc, Lucca (Signaturit) | Identification data and professional data. | To manage the signing of contracts. |
| Docusign | Identification data and professional data. | To manage the signing of contracts. |
| Lever | Any Personal Data provided by Candidates when applying for a job offer at Partoo. | To manage applications and the recruitment process. |
| LinkedIn Recruiting Solutions | Any Personal Data provided by Candidates when applying for a job offer at Partoo. | To search for profiles, and to manage applications and the recruitment process. |
| Job teaser, Glassdoor | Identification data, professional data, and any other Personal Data shared during the application process. | To manage applications and the recruitment process. |
3. Subprocessors
When these service providers intervene as part of the provision of our Services and thus process Personal Data provided by our Customers on our behalf and under our instructions, in accordance with the GDPR, they act as data sub-processors (hereinafter the “ Sub-processors ”).
The complete list of our Sub-processors is available on our Website, at the following address: https://www.partoo.co/fr/legal/gdpr-subprocessors-listing/
4. Specific Cases
We may also share your Personal Data in the following specific situations:
- When required or authorised by law, a regulatory provision in force, a court order, or a regulation, or when such disclosure is necessary as part of an investigation or legal proceeding, whether in France or abroad;
- In the event of an audit carried out in connection with investments and/or in the event of a transfer of a Partoo entity or its assets to any potential purchaser;
- When we transmit non-personal data to third parties, such as aggregated statistical data.
Article 4 – WHERE IS YOUR PERSONAL DATA STORED?
Depending on the type of Personal Data collected and the category of data subject, the data may be hosted on different infrastructures, in accordance with the distribution of service providers detailed above.
The Personal Data we process in connection with the provision of our products and services is stored by our hosting provider, Amazon Web Services, on servers located within the European Union. In order to perform our services, we may, however, transfer certain data outside the European Union. In such cases, all selected service providers ensure that hosting complies with GDPR requirements, particularly in terms of security, confidentiality and traceability.
Article 5 – WHAT INTERNATIONAL TRANSFERS OF PERSONAL DATA DO WE CARRY OUT?
Partoo may be required to transfer Personal Data outside the European Union. In the event that we are required to carry out such transfers, they will only occur indirectly through our Sub-processors.
As Partoo is subject to the GDPR, if we plan to engage any Sub-processor for activities that involve the transfer of Customer Personal Data to a country outside the European Union, we commit to ensuring that the security and confidentiality of such Personal Data are preserved. This is ensured in particular through:
- Data protection agreements implemented between the European Union and the destination countries;
- Standard contractual clauses issued by the European Commission or a supervisory authority, in accordance with Article 46 of the GDPR;
- Data processing agreements in compliance with Article 28 of the GDPR.
Article 6 – HOW DO WE ENSURE THE SECURITY OF YOUR PERSONAL DATA?
In order to ensure the security of the Personal Data that you transmit to us, we have implemented a range of appropriate technical and organisational measures. In particular, the security of your Personal Data is ensured through:
- Authentication of Partoo’s permanent or temporary members before accessing Personal Data;
- The implementation of access controls and a management system for user authorisations;
- Pseudonymisation and encryption of Personal Data, whenever possible;
- The implementation of a logging system;
- Measures designed to guarantee the confidentiality, integrity, availability and resilience of systems and processing services on an ongoing basis;
- Measures designed to restore the availability of Personal Data and access thereto in a timely manner in the event of a physical or technical incident;
- A suitable backup system.
Article 7 – WHAT RIGHTS DO YOU HAVE OVER YOUR PERSONAL DATA AND HOW CAN YOU EXERCISE THEM?
1. Nature of your rights
In accordance with the GDPR, you have the following rights:
- Right of access (Article 15 of the GDPR): the right to question Partoo in order to obtain and receive a copy of your Personal Data, as well as information regarding its processing (purposes, recipients, retention period, etc.).
- Right to data portability (Article 20 of the GDPR): the right to request that we transmit your Personal Data in a structured, commonly used and machine-readable format for transmission to a third party.
- Right to rectification (Article 16 of the GDPR): the right to ask us to correct or update your Personal Data if it is inaccurate or incomplete.
- Right to erasure (Article 17 of the GDPR): the right to request the deletion of your Personal Data when it is no longer necessary for the purposes for which it was collected or when its processing is no longer justified.
- Right to restriction of processing (Article 18 of the GDPR): the right to ask us to temporarily suspend the processing of your Personal Data in certain cases (e.g. contesting accuracy, objection, unlawful processing, etc.).
- Right to object (Article 21 of the GDPR): the right to object to the processing of your Personal Data for marketing purposes or where processing is based on legitimate interest, unless there are compelling legitimate grounds on our part.
2. Exercising Your Rights
To exercise your rights, you are invited to send your request directly by email to the following address: personaldata@partoo.fr and/or legal@partoo.fr.
We kindly ask you to specify in your request the following information:
- Your name, first name, and email address;
- The subject of your request, the nature of the right you wish to exercise, and the reasons justifying it.
In accordance with the applicable legislation, we may ask you to provide proof of your identity.
We will then have a maximum period of 1 month to respond to your request, which may be extended by 2 months depending on the complexity of the request. If we do not act upon your request, we will inform you of the reasons and of your right to lodge a complaint with a supervisory authority and to seek judicial remedy.
Article 8 – USE OF COOKIES AND OTHER SIMILAR TECHNOLOGIES
Please read our Cookie Policy.
Finally, please note that we may modify this Privacy Policy at any time to ensure transparency regarding the processing of your Personal Data. We therefore invite you to consult it regularly.