Confidentiality agreement

Updated on 02/01/2022.

Taqt offers tools and a platform marketed under the name "Taqt" that enable improved operations through attendance, incident and satisfaction management. Taqt understands the importance of protecting personal information. For this reason, Taqt strives to implement business procedures and security measures to protect the personal information it processes.

✔ Application and scope

This Privacy Policy ("Policy") is intended to inform Taqt's users and customers of the responsible and transparent practices that Taqt follows in processing personal information for the purposes of conducting its business

✔ Compliance

In the context of carrying out its activity and with regard to Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 applicable since 25 May 2018 (hereinafter the « GDPR »), Taqt endorses:

The capacity of data controller for the processing of personal data of persons with whom it is in contact in the context of the performance of its contractual relations with its Customers, as well as for the processing of any data of persons wishing to contact Taqt through the Site;
The capacity of subcontractor for the processing of personal data processed by means of Taqt Solutions and through the Platform.

✔ Definition of personal information

Personal information is defined as "any information relating to an identified or identifiable individual, natural person". This may include, for example, email addresses and contact details. Information that is anonymised and cannot be associated with an identifiable individual is not considered personal information.

1. Taqt's data protection policy in its capacity as data controller

For the management of any request made or any order placed on the Site, Taqt may collect, in whole or in part, the following personal data:

Purposes	List of data collected
To create, set up and administer the Customer's account, to respond to the Customer's requests relating to his account and to contact the Customer about Taqt's services or questions relating to his account	- First name - Last name - Email address
To provide services, including providing the Customer and its users with access to and use of the Taqt platform and customer support	- First name - Last name - Email address
Measure and analyse user behaviour in order to, among other things, monitor, maintain and improve Taqt's services or features and to create new services or features	- First name - Last name - Email address
To personalize or adapt the experience when using the services	- First name - Last name - Email address
To meet legal and regulatory requirements and to enable Taqt to meet the contractual requirements for the services provided to the Customer	- First name - Last name - Email address
Conducting surveys on the quality of Taqt's services or collecting feedback on the services	- First name - Last name - Email address
To provide the Customer with offers of additional products and services which, in Taqt's opinion, may interest him	- First name - Last name - Email address
Carry out a request made by an Internet user on the Site, a request for a trial of the services	- First name - Last name - Email address - and any other information provided by users when they make a request or contact Taqt through the Site.
Personnaliser et adapter l’expérience utilisateur	- First name - Last name - Email address - and any other information provided by users when they make a request or contact Taqt through the Site.
Personalize and adapt the user experience	- First name - Last name - Email address - and any other information provided by users when they make a request or contact Taqt through the Site.

Taqt may also use the information provided by Customers and users to create anonymised data for benchmarking or marketing purposes. Except as required or permitted by law, Taqt will not use the Customer's personal information for any other or new purpose without obtaining prior consent. In application of the principle of data minimisation or « Privacy by default », Taqt ensures that it collects only the data that is strictly necessary for the purpose for which it is processed.

✔ Basis

This collection is systematically based either on the performance of a contract or pre-contractual measures, or on the consent of the data subject, or on compliance with a legal obligation.

✔ Recipients of the data

Taqt only communicates personal data to its authorised internal departments, its subsidiaries or affiliated companies, its subcontractors, and to public bodies, exclusively to meet its legal obligations. Taqt may further share personal information where permitted and/or required by law or as follows:

Service providers. Taqt may grant access to personal information to third party service providers in connection with the performance or improvement of its website and services. Before sharing personal information with any of its third party service providers, Taqt will ensure that the third party concerned applies reasonable data management practices to preserve the confidentiality and security of personal information and to prevent unauthorised access.
As permitted or required by law. Taqt may disclose personal information if required to do so by applicable law or a competent legal or governmental authority. Taqt may also disclose information to its accountants, auditors, agents and attorneys in connection with the enforcement or protection of its rights. Taqt may also disclose certain personal information when it has reasonable grounds to believe that such disclosure is reasonably necessary to protect the rights, property and safety of others and itself, in accordance with or as permitted by law. In the event that Taqt receives a governmental or other regulatory request for a Customer's personal information, Taqt undertakes to inform the Customer immediately so that the Customer has the opportunity to defend against such action. Taqt undertakes to cooperate reasonably with the Customer in this defence.
Business Transaction. Taqt may disclose Personal Information to a third party in connection with a sale or transfer of a business or assets, a merger, reorganization or financing of parts of our business. However, in the event that the transaction is completed, personal information will still be protected by applicable data protection laws. In the event that the transaction is not completed, Taqt will require the other party not to use or disclose the personal information received in any way and to delete such information.

Taqt operates on a global scale and therefore, in some cases, information managed by Taqt may be transferred, processed and stored in other countries, although at all times Taqt ensures that personal information is protected by privacy and security procedures and safeguards that apply measures that provide the same degree of data protection as that established by the GDPR.

✔ Data retention period

Data collected in the context of placing an order on the Site

Your personal data is kept for the duration of your contractual relationship with us and for one (1) year from the last order placed by you on our Site. It is then archived for a period of five (5) years, for evidential purposes.

Data collected on the basis of the data subject's consent

Your personal data is kept for a period of three (3) years from the time of its collection from the moment you expressed your consent in this respect and provided you have not subsequently withdrawn your consent. This period is renewed each time you express a positive response to a personalised solicitation.

Data collected in other situations

Your personal data is kept for a period of three (3) years from the date of collection.

✔ Data security

Taqt ensures the security of personal data by implementing enhanced organisational and technical security measures. In particular, Taqt will store and process personal information in a manner consistent with industry security standards. Taqt has implemented technical, organisational and administrative systems, policies and procedures to help ensure the security, integrity and confidentiality of personal information and to reduce the risk of unauthorised access to or use of personal information, including (i) a security design to prevent compromise of its own information systems, computer networks or data files by unauthorised users, viruses or malicious computer programs ; (ii) appropriate internal practices, including encryption of data in transit; use of appropriate firewall and anti-virus software; updating these countermeasures, operating systems and other applications with up-to-date virus definitions and security patches to avoid any negative impact on the personal information it manages; Establishing an appropriate logging and alerting system to monitor access controls and ensure data integrity and confidentiality; allowing access to systems and applications only to authorised users; for this purpose, those who have authorised access to personal information are those who have a genuine business need to have access to it ("security programme").

✔ Training and supervision

Taqt maintains adequate training programs to ensure that its employees and others acting on its behalf are aware of and comply with its security program. Taqt exercises the necessary and appropriate supervision over its relevant employees to maintain the appropriate confidentiality and security of the personal information it manages.

✔ Data incidents involving personal information

Taqt undertakes, where legally required to do so, to promptly notify the Customer of any reasonably suspected or actual loss of data or breach or compromise of its security program that results or may result in the loss or unauthorized access, disclosure, use or acquisition of the Customer's personal information (including paper records) or otherwise presents a potential threat to such information ("Data Incident"). Although the initial notice may be in summary form, full written notice may be given to the customer within the time limits required by law. The notice shall summarize in reasonable detail the nature and scope of the Data Incident (including each type of data element) and the corrective action already taken or to be taken by Taqt. Taqt will promptly take all necessary and desirable corrective actions, and will cooperate fully with the Customer in all reasonable efforts to mitigate the adverse effects of the Data Incident and to prevent its recurrence.

✔ Your rights

You have the right to access, rectify, object to, restrict (i.e. have the data temporarily made inaccessible), erase your personal data, as well as the right to portability. By exercising the right to portability, the user can either (i) request the return of their personal data or (ii) request the transfer of the same data to a third party that they have designated. To exercise these rights, you must send an email to Taqt at the following email address contact@taqt.com. Each request must be accompanied by proof of identity. In case of reasonable doubt as to your identity, you may be asked for additional information necessary to confirm your identity. In the event of manifestly unfounded, excessive or repeated requests, Taqt reserves the right to refuse to comply.

2. Taqt's data protection policy with regard to its capacity as a data processor

The purpose of the following provisions is to define the conditions under which Taqt, in its capacity as the Customer's subcontractor, undertakes to carry out, on behalf of the Customer, the personal data processing operations defined below.

✔ Nature of the personal data processed

Taqt may process, on behalf of the Customer and according to its instructions, the following personal data of its staff and/or users of the Taqt Solutions and/or the Platform (hereinafter the « Personal Data »): surname, first name, email address and, where applicable, photo.

✔ Nature and purpose of the processing

The Customer expressly authorises Taqt to process, on its behalf, the Personal Data necessary for the provision of the Services as defined herein. The Personal Data is processed for the purposes of operating the Taqt Solutions and providing the Services.

✔ Category of data subjects

The data subjects of this processing are as follows:

The Client's staff ;
The Customer's customers and/or suppliers ;
And more generally, any user of Taqt Solutions and Services.

✔ Obligations of Taqt as a subcontractor

In its capacity as subcontractor, Taqt undertakes to respect and comply with the following obligations:

To process the Personal Data collected solely for the sole purpose(s) that is/are the subject of the subcontracting as listed in the article « Nature and purposes of the processing »;
To process the Personal Data only on the instructions of the Customer, who undertakes to notify it in writing, and in accordance with these instructions. In the event that Taqt considers that an instruction constitutes a violation of the GDPR or of any other provision of Union law or the law of the Member States relating to data protection, it undertakes to inform the Customer immediately. In addition, if Taqt is required to transfer data to a third country or to an international organisation by virtue of the law of the Union or the law of the Member State to which it is subject, it undertakes to inform the Customer of this prior to any processing, unless the law concerned prohibits such information for important reasons of public interest;
To guarantee the confidentiality of the Personal Data processed in the context of the execution of the present contract ;
To ensure that persons authorised to process Personal Data hereunder:

are committed to confidentiality or are subject to an appropriate legal obligation of confidentiality ;
receive the necessary training in the protection of Personal Data.

Take into account, with respect to its tools, products, applications or services, the principles of data protection by design and data protection by default.

✔ Subcontracting

The Parties agree that Taqt may, in its performance of the Services, call upon another subcontractor (hereinafter the « Subsequent Subcontractor ») to carry out specific processing activities. In this case, it is required to inform the Customer in advance and in writing of any change envisaged concerning the addition or replacement of subsequent Subcontractors. The Client has a period of fifteen (15) days from the date of receipt of this information to present its objections. Such subsequent subcontracting may only be implemented if the Client has not raised any objections within the agreed period. The subsequent Subcontractor shall be obliged to fulfil the obligations hereunder on behalf of and in accordance with the instructions of the Customer. In this respect, it is Taqt's responsibility to ensure that the Subsequent Subcontractor presents the same sufficient guarantees regarding the implementation of appropriate technical and organisational measures so that the processing meets the requirements of the RGPD. In the event that the Subcontractor does not fulfil its data protection obligations, Taqt acknowledges and accepts that it shall remain fully responsible to the Customer for the performance by the Subcontractor of its obligations.

✔ Right to information of the persons concerned

The Client acknowledges and agrees that it is obliged to inform the data subjects of the processing that is carried out in relation to their Personal Data at the time of collection.

✔ Exercising the rights of the persons concerned

Taqt undertakes to use its best efforts to assist the Customer in fulfilling its obligation to comply with requests to exercise the rights of data subjects.

✔ Notification of Personal Data breaches

Taqt is required to notify the Customer of any breach of Personal Data as soon as possible after becoming aware of it, by any means deemed useful. This notification must be accompanied by any useful documentation to enable the Customer, if necessary, to notify this breach to the competent supervisory authority. The notification must contain at least the following information :

a description of the nature of the Personal Data breach including, if possible, the categories and approximate number of persons affected by the breach and the categories and approximate number of Personal Data records affected ;
the name and contact details of the Data Protection Officer (DPO) or other point of contact from whom further information can be obtained ;
a description of the likely consequences of the Personal Data breach ;
a description of the measures taken or proposed to be taken by Taqt to remedy the Personal Data breach, including, where appropriate, measures to mitigate any negative consequences. Insofar as it is not possible to provide all this information at the same time, the information may be communicated in a staggered manner. When this breach is likely to result in a high risk for the rights and freedoms of a natural person, Taqt undertakes to communicate, in the name and on behalf of the Customer and after the latter's agreement, the Personal Data breach to the person concerned as soon as possible. The communication to the data subject must describe, in clear and simple terms, the nature of the Personal Data breach and contain at least :

a description of the nature of the Personal Data breach ;
the name and contact details of the Data Protection Officer (DPO) or other point of contact from whom further information can be obtained ;
a description of the likely consequences of the Personal Data breach ;
a description of the measures taken, or proposed to be taken, by Taqt to remedy the Personal Data breach, including, where appropriate, measures to mitigate any negative consequences.

✔ Security measures

Taking into account the state of knowledge, the costs of implementation and the nature, scope, context and purposes of the processing as well as the risks, which vary in probability and severity, to the rights and freedoms of natural persons, the Customer and Taqt declare that they implement the appropriate technical and organisational measures in order to guarantee a level of security appropriate to the risk.

✔ Fate of the data

At the end of the contractual relationship, Taqt undertakes to destroy all the Personal Data. Once destroyed, Taqt is required to justify the destruction to the Customer in writing.

✔ Register of categories of processing activities

Taqt declares that it keeps a written register of all categories of processing activities carried out on behalf of the Customer (hereinafter the « Register »). The Register includes the following information in particular :

the name and contact details of the Client ;
the categories of processing carried out on behalf of the Customer ;
where applicable, transfers of personal data to a third country or to an international organisation, including the identification of that third country or international organisation and, in the case of transfers referred to in the second subparagraph of Article 49(1) of the GDPR, the documents attesting to the existence of appropriate safeguards ;
to the extent possible, a general description of the technical and organisational security measures including, inter alia, as appropriate:

pseudonymisation and encryption of Personal Data ;
means to ensure the continued confidentiality, integrity, availability and resilience of processing systems and services ;
means to restore the availability of and access to Personal Data within an appropriate timeframe in the event of a physical or technical incident ;
a procedure to regularly test, analyse and evaluate the effectiveness of technical and organisational measures to ensure the security of processing.

✔ Documentation

Taqt undertakes to make available to the Customer the documentation necessary to demonstrate compliance with all its obligations and to allow audits and inspections to be carried out by the Customer or any other auditor appointed by it, and to contribute to them.

✔ Obligations of the Customer towards Taqt

As a data controller, the Customer undertakes to :

To document, in writing, all instructions concerning the processing of data by Taqt ;
To ensure, beforehand and throughout the processing, that Taqt complies with its obligations under the RGPD ;

Supervise the processing of Personal Data by Taqt.

3. Policy on the use of cookies

This section informs you of your rights, the origin and use of navigation information processed during your visit to the Site.

✔ The cookies we issue on our platform

A cookie is a text file, often encrypted, stored in your browser. It is created when your browser loads a given website: the website sends information to the browser, which then creates a text file: the cookie. Each time you return to the same site, the browser retrieves this file and sends it to the website's server. Two types of cookies can be distinguished, which do not have the same purpose: technical cookies and advertising cookies:

Technical cookies are used throughout your navigation on the Site, in order to facilitate it and to perform certain functions. A technical cookie may, for example, be used to remember the answers you give in a form or your preferences regarding the language or presentation of a website, where such options are available.
Advertising cookies may be created not only by the website you are browsing, but also by other websites displaying advertisements, announcements, widgets or other elements on the page displayed. These cookies can be used to carry out targeted advertising, i.e. advertising determined according to your navigation.

Taqt uses technical and advertising cookies. The cookies we issue are used for the purposes described below, subject to your choices, which result from the settings of your browser software used when you visit our platform that you can express to us at any time. This information is kept for a maximum of 13 months.

✔ The purposes of depositing cookies:

⮚ Personalised advertising These cookies allow us to analyse your browsing and to define your centres of interest in order to offer you more relevant advertising, adapted to your centres of interest. Deactivating them has no impact on the volume of advertisements you receive, but they will not be personalised. ⮚ Audience measurement These cookies enable us to establish statistics and volumes of visits to our site and the use of the various elements that make up our platform (sections and content visited, paths taken). Deactivating them prevents us from monitoring and improving the quality of navigation on our Site. ⮚ Maintaining the continuity of the services offered on the Site By depositing these cookies, Taqt memorises information relating to a form that you have filled in on our platform (registration or access to your account) or to products, services or information that you have chosen on our platform (subscribed service, contents of an order basket, etc.); The cookies used for this purpose ensure that the choices you have made on the Site are kept in memory so that you do not have to re-express these choices each time you browse the Site. Deactivating them will result in Taqt proposing actions or choices to the user each time he/she browses the Site, even if the user has expressed these choices during previous browsing of the Site. ⮚ Adaptation and maintenance of display preferences expressed on the Site The placement of this cookie enables the presentation of our platform to be adapted to the display preferences of your terminal (language used, display resolution, operating system used, etc.) during your visits to our platform, according to the hardware and software for viewing or reading that your terminal has ; ⮚ Implementation of security measures, for example when you are asked to connect again to a content or service after a certain period of time.

✔ Third party cookies

Taqt uses the following third-party solutions that deposit cookies: ⮚ Analytics and performance cookies

Google Analytics | Taqt uses Google Analytics which is a statistical audience analysis tool that generates a cookie to measure information about website user activity, including but not limited to page views, source and time spent on our website. This information is de-identified and displayed as numbers, which means it cannot be traced back to individuals. Users can opt out of the use of Google Analytics by Taqt by visiting the Google Analytics opt-out page.

Google Tag Manager | Cookie Policy

⮚ Targeting Cookie

Facebook Ads | Cookie Policy - Privacy Policy
Google Adwords | Taqt uses Google AdWords Remarketing to advertise Taqt on the Internet and to advertise on third party websites (including Google) to previous site visitors. AdWords Remarketing will display ads to users based on which parts of Taqt's website they have visited by placing a cookie on the user's web browser. This could mean that Taqt advertises to previous visitors who have not completed a task on the site or it could take the form of an ad on the Google search results page, or on a Google Display Network site. This cookie in no way identifies the user or provides access to their computer or mobile device. The cookie is only used to tell other websites that the user has visited a particular page on the site, so that they can show the user ads for that page. If users do not wish to participate in Google AdWords remarketing, they can do so by visiting Google's ad preferences manager.
Linkedin Insight Tag | Cookie Policy - Privacy Policy

⮚ Other third party cookie tools

Hubspot | Taqt uses HubSpot to view information about website users' activities, including, but not limited to, page views, source and time spent on our website. However, this information is not de-identified and users cannot opt-out of Taqt's use of HubSpot.
Other analytics or data trackers (SDK or ServerSide)
MailChimp | Privacy Policy

Taqt may also allow a limited number of trusted third parties to place cookies on users' hard drives from the website. The website may include third party advertisements and links to other websites which may be used to generate personalised advertisements. Personalised advertisements, sometimes called interest-based or behavioural advertisements, are advertisements based on information about users, such as pages viewed on the site, requests for information or purchases on the site. Taqt does not provide any personal information to advertisers or third party sites that serve interest-based ads on the site. However, advertisers and other third parties (including ad networks, ad serving companies and other service providers they may use) may assume that users who interact with or click on a personalized ad or content displayed on the website are part of the group for which the ad or content is intended.

✔ Your choices regarding cookies

You can configure your browser software so that cookies are stored on your terminal or, on the contrary, that they are rejected, either systematically or according to their sender. You can also configure your browser software so that you are offered the option of accepting or rejecting cookies from time to time, before a cookie is likely to be stored in your terminal.

Agreement on cookies

The recording of a cookie in a terminal is essentially subject to the will of the terminal user, which he or she can express and modify at any time and free of charge through the choices offered by his or her browser software. If you have accepted the storage of cookies in your terminal, the cookies integrated into the pages and content that you have consulted may be stored temporarily in a dedicated space on your terminal. They will only be readable by their sender.

Refusing cookies

If you refuse to accept cookies on your terminal, or if you delete the cookies stored on your terminal, you will no longer be able to benefit from a certain number of functions which are nevertheless necessary for browsing in certain areas of our platform. This would be the case if you tried to access our content or services that require you to be identified. This would also be the case if we - or our service providers - were unable to recognise, for technical compatibility purposes, the type of browser used by your terminal, its language and display settings or the country from which your terminal appears to be connected to the Internet. Where applicable, we decline all responsibility for the consequences linked to the degraded functioning of our services resulting from the impossibility for us to record or consult the cookies necessary for their functioning and which you would have refused or deleted.

How to exercise your choices, depending on the browser you use?

For the management of cookies and your choices, the configuration of each browser is different. It is described in the help menu of your browser, which will allow you to know how to modify your wishes regarding cookies:

Internet Explorer
Safari
Chrome
Firefox
Opera

Advertisers or advertising companies working on their behalf sometimes use technology to serve ads that appear on the website directly to users' browsers. They may also use cookies to measure the effectiveness of their advertisements and to personalise the content of the advertisements. Taqt has no access to or control over cookies or other features that advertisers and third party sites may use, and the information practices of such advertisers and third party sites are not covered by this policy. Please contact them directly for more information about their privacy practices. Users may also generally opt out of receiving personalized advertisements from third party advertisers and ad networks.

✔ Changes to the Privacy Policy

Taqt will review and update its policies and procedures as necessary to keep pace with rules and regulations, new technologies, standards and customer concerns. This policy may therefore change from time to time. This policy was last updated on 22/12/2021.