Reveal, a simplified joint stock company with a share capital of 318 885,10 euros, registered in the Paris Trade and Companies Register under number 793 618 729, whose registered office is located 14 avenue de l'Opéra, 75001, Paris, in the person of its legal representatives;
Hereinafter referred to as "Reveal";
And the User of the services developed by Reveal;
Hereinafter referred to as "the User";
Hereinafter referred to together as "the Parties".
Preamble
Reveal SAS ("Reveal") provides their service via its app.reveal.co platform ("Reveal Service" or "Reveal Services" or "the Services" ).
Ensuring the protection of Personal Data collected for the purposes of its business is of particular importance to Reveal, publisher of the website https://reveal.co and of the Reveal SaaS Application, available at https://app.reveal.co.
In this context, Reveal agrees to comply with the provisions of the current regulations relative to the protection of personal data and, in particular, the French Data Protection Act, in its current version on the date hereof and the EU Regulation 2016/679 of 27 April 2016, known as the "GDPR".
In doing so, Reveal offers its services within a secure and clear legal framework, after implementing a Personal Data security approach to minimize the risk of data breach and, in the event of an incident, provide an effective and timely response.
Article 1 // Purpose
The purpose of this Privacy Policy is to present with the terms of the current Privacy Policy at Reveal regarding the collection, use, processing, storage and protection of the collected Personal Data (“Data”).
Article 2 // Awareness and acknowledgement of the user
By purchasing or benefiting from a Reveal service, the duly authorized User acknowledges having read this Policy, and, as for the General Terms and Conditions (https://www.reveal.co/legals/terms), having fully understood and accepted its content.
Article 3 // Development of the privacy policy in time.
In order to meet its legal obligations in terms of Data protection and to provide with secure and efficient services, Reveal reserves the right to make changes to this Policy at its discretion, in particular to ensure compliance with applicable law.
Consequently, you are encouraged to regularly check the Privacy Policy, in order to be informed of its latest changes.
Article 4 // Data Protection Officer (DPO)
Reveal has appointed Mr. Alexandre Sadones as the Data Protection Officer (DPO). He can be contacted for any question:
By email, at the following address: team@reveal.co
By post, at the following address: Reveal SAS - 14 avenue de l'Opéra, 75015 Paris, FRANCE
In the absence of a satisfactory response from us, you may contact the French supervisory authority, the Commission Nationale de l'Informatique et des Libertés ("CNIL"), located at 3 Place de Fontenoy - TSA 80715, 75334 PARIS CEDEX 07.
Article 5 // Collected and Processed Personal Data
Data processed are strictly limited to what is necessary in relation to the purposes for which they are processed.
Your Data are processed with your consent, which you may withdraw at any time, or, when necessary, to (i) provide you with the subscribed services or demos; (ii) answer your questions; (iii) comply with a legal obligation to which we are subject; (iv) in our legitimate interests, to ensure the security and proper functioning of the Site or to communicate our offers to you by e-mail as part of our BtoB relationship. If you no longer wish to receive our communications, you can click on the unsubscribe link provided in the e-mail to this effect, or by writing to us at the following address : team@reveal.co.
5.2. Personal Data Security
The technical resources implemented to protect Personal Data are the following:
Encryption of data at rest;
SSL encryption of all incoming and outgoing communications in the database;
Method for authenticating the User through an individual password stored in a non-reversible manner in the form of a hash computed via the bcrypt algorithm, version 2a;
Systematic access control within the application.
Control mechanisms are simultaneously implemented in the process of developing and providing services:
Systematic code review including security elements to be verified
Regular review of access controls within the infrastructure hosting the services
5.3. Transmission of Data to third parties
Your Data may be transmitted to our authorised service providers to provide you with the services, and to the following third parties:
The names, first names and emails of the User may be transmitted to Designated Third Parties for which the User has explicitly validated the transfer, for the purpose of establishing contact between the sales teams of the concerned companies.
The User, who collects the Personal Data housed in his Data Source, remains responsible for informing the persons concerned of the transfer and processing of said Data by Reveal, whose responsibility, as subcontractor of the processing, can only be engaged within this limit.
In any case, Reveal cannot sell any Data to third parties.
Your Data is not transferred outside European Union. However, should this happen, only authorised service providers will receive your Data, with the implementation of appropriate safeguards. Please note that your Data may be transferred to third parties who are legally entitled to access it upon specific request, in certain cases provided for by law: judicial authority, administrative authority, etc. Your Data may also be communicated to third parties if this is necessary to protect and/or defend our rights, to enforce compliance with these provisions.
Article 6 // User's rights
To exercise your rights as listed below, you must contact the DPO at one of the addresses listed in Article 4 and provide him with any useful information to clearly identify him.
More specifically, you must provide proof of your identity, your email address and, if need be, the reference of your Special Agreement or your user account.
We will reply to requests to exercise your rights by email to the address provided in your request as soon as possible and, in any event, within the legal deadlines.
Any request that is abusive or unfounded with regard to laws and regulations may be rejected.
In accordance with the Regulations, in particular articles 15 to 22 of the RGPD, you benefit from the following rights concerning the processing of your Data, within the legal limits:
Right of information: to obtain information on the conditions of processing (recipients, purposes, categories of data, etc.);
Right of access: to obtain confirmation as to whether or not your Data concerning are being processed, and, where that is the case, to obtain information on your Data and a copy of your Data;
Right to rectification: to correct or update your Data when they are inaccurate or incomplete;
Right to erasure: to request the deletion of one's Data;
Right to restriction of processing: to request not to process all or part of the Data temporarily, without requesting their deletion;
Right to data portability: to receive your Data in a structured, commonly used and machine-readable format and to be able to easily transmit them to a third party;
Right to object: to object to processing for reasons related to your particular situation, or to withdraw your consent for processing based on this legal basis;
Right to define specific guidelines for the processing of your post-mortem Data.
