Confidentiality Policy

1. What is the purpose of our Privacy Policy?

KRAAFT, which manages the Kraaft mobile application, attaches great importance to the protection and confidentiality of your personal data, which represents, for us, a guarantee of seriousness and trust.As such, our Personal Data Privacy Policy precisely testifies to our desire to ensure that, within KRAAFT, the applicable rules for the protection of personal data and, more particularly, those of the General Data Protection Regulation (“RGPD”). In particular, our Privacy Policy aims to inform you about how and why we process your personal data as part of the services we provide to you.

2. Who is our Privacy Policy for?

Our Privacy Policy is addressed to you, regardless of your place of residence, as long as you are at least 15 years old and you are a user of our Kraaft mobile application.

3. Why do we process your personal data and on what basis?

We process your personal data mainly for the following reasons:

- To use and benefit from our service (mobile application for site monitoring) and all its functionalities (e.g.: sharing reports, locating photos, etc.) based on our General Terms of Use.

- To ensure the management of user accounts (e.g. account creation, access to the service and deletion of accounts) on the basis of our General Terms of Use.

- To exchange between users via our internal messaging system made available on the basis of our general conditions of use.

- To use social media features based on our General Terms of Use

- To write free comments on the management of your files based on our general terms of use.

- To communicate with our support department via our internal messaging system based on our general terms of use.

- To receive our technical emails (e.g. password changes, etc.) essential for the proper functioning of our service on the basis of our general conditions of use.

- To be able to download and import documents on our platform based on our general conditions of use.

- To guarantee and strengthen the security and quality of our services on a daily basis (e.g. statistics, data security, etc.) on the basis of legal obligations imposed on us, our general conditions of use and our legitimate interest in ensuring the proper functioning of our services.

Your data is collected directly from you as soon as you are a user of our Kraaft mobile application and we are committed to processing your data only for the reasons described above.

4. What personal data do we process and for how long?

Below we have summarized the categories of personal data and their respective retention periods:

- Professional identification data (e.g. name, first name, position, company, etc.) and contact details (e.g. email address and professional telephone, etc.) kept for the duration of the provision of the service to which are added the legal limitation periods, which are generally 5 years.

- Email address to receive our technical messages kept until your account is deleted.

- Connection data (e.g. logs, IP address, etc.) kept for a period of 1 year.

At the expiration of the applicable retention periods, the deletion of your personal data is irreversible and we will no longer be able to communicate them to you after this period. At most, we can only keep anonymous data for statistical purposes.

Please also note that in the event of litigation, we are obliged to keep all the data concerning you for the duration of the processing of the file even after the expiry of their retention periods described above.

5. What rights do you have to control the use of your personal data?

The applicable data protection regulations grant you specific rights that you can exercise, at any time and free of charge, in order to control the use we make of your data.

- Right to access and copy your personal data as long as this request is not in contradiction with business secrecy, confidentiality, or even the secrecy of correspondence.

- Right to rectify personal data that is erroneous, obsolete or incomplete.

- Right to request the deletion (“right to be forgotten”) of your personal data that would not be essential for the proper functioning of our services.

- Right to the limitation of your personal data, which allows you to photograph the use of your data in the event of a dispute over the legitimacy of a treatment.

- Right to the portability of your data that allows you to recover part of your personal data in order to store or transmit them easily from one information system to another.

- Right to give instructions on the fate of your data in the event of death, either through you, or through a trusted third party or a beneficiary

For a request to be taken into account, it is imperative that it be made directly by you at dpo@kraaft.co. Any request that is not completed in this manner cannot be processed.

Requests cannot come from anyone other than you. We may therefore ask you to provide proof of identity in case of doubt about the identity of the applicant.

We will respond to your request as soon as possible with a maximum of three months from receipt in the event that the request is technically complex or if we receive numerous requests at the same time.

Please note that we may always refuse to respond to any excessive or unfounded request, particularly in view of its repetitive nature.

6. Who can have access to your personal data?

Your personal data is processed by our teams for the sole purpose of managing applications.

We specify that we check all our technical service providers before recruiting them in order to ensure that they scrupulously respect the applicable rules for the protection of personal data.

‍IN ADDITION, WE GUARANTEE THAT WE WILL NEVER TRANSFER OR RESELL YOUR DATA TO THIRD PARTIES OR COMMERCIAL PARTNERS.‍

7. Can your personal data be transferred outside of the European Union?

The personal data processed by our Kraaft mobile application is exclusively hosted on servers located within the European Union.

In addition, we do our best to use only technical tools whose servers are also located within the European Union. If, however, this is not the case, we carefully ensure that they implement the appropriate guarantees required to ensure the confidentiality and protection of your personal data.

8. How do we protect your personal data?

We implement the following technical and organizational means to guarantee the security of your personal data on a daily basis and, in particular, to combat any risk of destruction, loss, alteration, or disclosure.

Technical security measures: Antibot, User password encryption (“Front” side), User password database (“Back” side) separated from identifiers, Encryption of user passwords (“Back” side), Encryption of the “users” database at rest and in transit, A/B Testing, A/B Testing, HTTPS protocol, HTTPS protocol, Penetration tests, Anti-spam for Kraaft team terminals, Complex password for KRAAFT teams' terminals.

Organizational security measures: Access badge, Information systems charter, Rules of good conduct, Awareness-raising and training for teams twice a year.

9. Do we use cookies when you use our mobile application?

‍WE GUARANTEE THAT WE DO NOT USE ANY ADVERTISING OR STATISTICAL COOKIES IN THE CONTEXT OF THE OPERATION OF OUR MOBILE APPLICATION.

‍We only use technical cookies that are necessary for the proper functioning of our mobile application, which we recommend not to remove and which does not require a cookie banner.

However, if you still wish to object to their use, you can use your browser settings by following the following instructions: Chrome, Microsoft Edge, Safari, Firefox and Opera.

10. Who can you contact for more information about the use of your personal data?

To best guarantee the protection and integrity of your data, we have officially appointed an independent Data Protection Officer (“DPO”) to our supervisory authority.

11. How can you contact the CNIL?

You can contact the “Commission Nationale de l'Informatique et des Libertés” or “CNIL” at any time at the following coordinates: CNIL Complaints Department, 3 place de Fontenoy — TSA 80751, 75334 Paris Cedex 07 or by telephone at 01.53.73.22.22.

12. Can the Privacy Policy be changed?

We may change our Privacy Policy at any time to adapt it to new legal requirements as well as to new treatments that we may implement in the future.

A question? Email us at contact@kraaft.co! 😉