Data Legal Drive (hereinafter “DLD” or “we”), acting as a data controller within the meaning of the European Regulation No. 2016-679 of 27 April 2016 and the amended French Data Protection Act of 6 January 1978 (hereinafter, together, the “Regulations”), attaches great importance to the protection of personal data and respect for your privacy.
The purpose of this policy (hereinafter the “Policy”) is to inform you about the way in which we collect, use and share the personal data you provide to us via our website, datalegaldrive.com (hereinafter the “Site”), or our platform, Data Legal Drive (hereinafter the “Platform”).
This Policy is intended to apply only to the processing of information (hereinafter the “Personal Data”) that may identify or make identifiable the users of the Site or the Platform (hereinafter the “Users”), directly or indirectly.
Data Legal Drive undertakes to limit the processing of Personal Data to the cases listed in this Policy, and to update this Policy in order to guarantee a high level of protection of Personal Data in accordance with the applicable Regulations.
What data do we collect?
By using our Site or Platform, you may be required to provide us with Personal Data, either directly or indirectly (i.e. via third party sources), or through your use of the Site and Platform.
Thus, we collect your Personal Data in three ways:
- data that you provide to us,
- data we obtain from third party sources,
- and finally through the use you make of our Services.
The Personal Data collected may therefore include:
- Identification data, such as name, email or postal address, telephone number and social networks of the data subject;
- Transaction data, such as subscription amount and credit card number;
- Technical data, such as IP address, browser type and version, operating system used;
- Platform subscription data, such as username and password;
- Chat-related data, such as comments, requests, questions and information sent to our customer service via chat;
- Work-related data, such as company name, work email and occupation;
- Connection data, such as functions used, pages visited, settings selected, time stamps of visits and search terms;
- Location data, such as the geographical location of the User.
With respect to data collected from other sources, we may also obtain your contact and other personal information from our affiliates and other third parties, including :
- social networks where you grant permission to access your data on a social network;
- service providers who help us determine your location so that we can tailor certain services to your location;
- companies with whom we offer joint services and who warrant to us that they have obtained your data lawfully; and/or publicly available sources (and/or data providers from whom we obtain data).
Some of this Personal Data is collected via cookies on our Site or Platform. To learn more about how we manage these cookies, you can view our Cookie Policy at any time.
When collecting your Personal Information, you may be informed that some of it must be filled in to achieve the expected result. Failure to provide this mandatory information may make it impossible to execute the request.
Why do we collect your Personal Information?
We collect and process Personal Data from our Users only for the following purposes:
- To manage your access to and use of our Platform;
- To process your subscription request to our Platform;
- To respond to your requests for information and/or comments;
- To provide you with technical support and maintenance to ensure the proper functioning and security of our Site and Platform;
- To improve the functionality and quality of your experience on our Site and Platform by conducting tests, research, analysis, studies and surveys;
- To manage applications for recruitment purposes via our Site;
- To offer you relevant content, adapted and personalised to your interests and your geographical location;
- To carry out commercial prospecting operations;
- To promote our Platform;
- To send you changes, updates or any other news relating to our Site or Platform;
- To invite you to events that we organise, alone or in partnership;
- To invite you to participate in our customer satisfaction surveys, contests and promotions;
- To determine the impact of our promotional activities and to evaluate our marketing performance, surveys and other investigations, by identifying trends in the use of our Site and Platform;
- To comply with our legal obligations;
- To anticipate and resolve potential disputes;
- To perform and enforce all of our contracts.
On what legal grounds do we collect your Personal Data?
- We collect and process your Personal Data in accordance with the Regulations and only for the following legal purposes.
- Where necessary for the performance of a contract with you;
- Where necessary to comply with our legal obligations;
- Where you have expressly consented to the processing of your Personal Data;
- Where it is necessary to protect our legitimate interests (e.g. to detect, investigate and prevent technical, fraud and security problems, to protect our rights, property or the safety of our Users and employees, or in connection with marketing to professionals).
We inform you that when the processing of your Personal Data is based on your consent, you have the possibility to withdraw it at any time.
Who are the recipients of your Personal Data?
The Personal Data of our Users is strictly confidential and intended exclusively for Data Legal Drive.
Except if required by law, accounting or judicial authorities, we will not disclose, rent, transfer or transmit in any way your Personal Data to third parties other than :
- The host of our Website and Platform (located in France), for the purpose of performing database maintenance and hosting services;
- The publisher of a third-party application on our Site or Platform, for the purposes of accessing and using said application;
- Our service providers, distributors, representatives, subcontractors and partners, for the purposes of accessing the services requested, carrying out a transaction or responding to your requests for advice and information.
Why do we share your Personal Information?
We only share your Personal Data in the following cases:
- At the request of the competent authorities in the context of the search for offenders;
- In order to have third-party companies perform the IT services necessary for the proper functioning of our Site and Platform;
- In order to have our partners carry out your requests for legal information and your orders for legal services or specific support;
- In order to carry out a secure hosting of your Personal Data;
- For the purposes of commercial statistics and direct prospecting.
How long do we keep your Personal Data?
Your Personal Data is kept only for the period of time strictly necessary to achieve the purposes set out in this Policy, in accordance with the applicable laws and regulations. After this period, your Personal Data will be deleted.
In order to ensure total transparency in our relationship with our Users, we provide you with the following table summarizing the retention periods implemented by DLD.
| Purpose of the processing | Legal basis | Shelf life in active base | Retention period for archiving | Useful information |
| Application management | Legitimate interest | 2 years | N/A | The data of an unsuccessful candidate is kept in the active database for a maximum of 2 years |
| Conducting customer satisfaction surveys and studies | Legitimate interest | 3 years from the last customer contact or 2 years from the closure of the user account by the customer if applicable | N/A | |
| Offering personalised content through tracking and tracing of customer navigation | Consent | Until consent is withdrawn | N/A | Users may withdraw their consent to this processing at any time
|
| Evaluating business performance by identifying usage and navigation trends | Intérêt Legitimate interest | 3 years | N/A | |
| Sending invitations to events, competitions, sponsorships, promotions, and surveys | Consent | Until consent is withdrawn | N/A | Users may withdraw their consent to this processing at any time |
| Commercial prospecting | Consent / contract / legitimate interest | Until withdrawal of consent / duration of the contractual relationship + 5 years / for a period of 3 years from the last contact (e.g. a click on a hyperlink in an e-mail) | Intermediate archiving if we are legally obliged to do so (to meet accounting or tax obligations) or to provide evidence in the event of litigation | |
| Management of Platform user accounts and subscription requests | Contract | Duration of the contractual relationship | N/A | |
| Necessary management of the Site and the Platform | Law | 1 an | N/A | The retention period in the active database of data necessary for the management of a website (identity of visitors, connection data) is set at 1 year by Article 3 of Decree 2011-19 of 25 February 2011 |
| Management of Users’ requests for information and comments | Legitimate interest | 3 years | N/A | |
| Provision of technical support and maintenance | Legitimate interest / contract | 3 years / duration of the contractual relationship | N/A | |
| Management of the billing of subscriptions to the Platform | Law / contract | Duration of the contractual relationship | 10 years | Invoice data must be archived for 10 years according to Article L.123-22 of the Commercial Code |
| Information about updates and news sent by e-mail or sms | Legitimate interest / contract | 3 years for prospects or the duration of the contractual relationship for sending to customers | N/A | |
| Retention of prospect data for the promotion of the Platform | Consent / Legitimate interest | Until withdrawal of consent or 3 years from the last contact of the prospect | N/A | |
| Customer file retention | Contract | Duration of the contractual relationship and 5 years after the end of the relationship | N/A | |
| Retention of contracts and supplier files | Contract | Duration of the contractual relationship and 5 years after the end of the relationship | N/A | |
| Retention of data necessary for the prevention of possible litigation | Law | Duration of the legal prescription | N/A | The common legal limitation periods are as follows: 5 years in civil law and commercial law (Article 2224 of the Civil Code and Article L.110-4 of the Commercial Code), 2 years in consumer law (Article L.218-2 of the Consumer Code) |
Where do we transfer your Personal Data?
DLD mainly chooses service providers who host their data within the European Union. However, when necessary, we may transfer your Personal Data to service providers operating outside the European Union.
If these service providers operate in a country that is not considered to provide adequate protection by the European Commission, we implement the Standard Contractual Clauses approved by the European Commission and we also include a Data Processing Agreement (“DPA”) as part of our contractual relationship with these service providers.
How do we protect your Personal Information?
DLD undertakes to take all necessary and appropriate technical and organisational measures to guarantee the security and integrity of its Users’ Personal Data. These measures guarantee the protection of this data against any unauthorised access, modification, alteration, disclosure, loss or destruction.
If we use a service provider acting on our behalf as a subcontractor, we ensure that the latter complies with its security obligations prior to any communication of your Personal Data.
What are your rights regarding your Personal Data?
DLD guarantees the effective exercise of all the rights granted to you by the Regulation. You can therefore free of charge:
- Have access to your Personal Data;
- Rectify inaccurate Personal Data concerning you;
- Obtain the deletion of your Personal Data;
- Restrict our processing of your Personal Data;
- Withdraw your consent to the processing of your Personal Data;
- Object to the processing of your Personal Data;
- Obtain a copy of your Personal Data (right to data portability).
To exercise these rights, you can contact us at the following address: rgpd@datalegaldrive.com
We may require proof of identity to protect your privacy and security.
Further information
Changes to this Policy
We may amend this Policy to incorporate regulatory, legal, editorial or technical developments that raise the level of protection for your Personal Information.
For minor changes, we will change the “last updated” date to indicate the date the changes were made.
However, if we make substantial changes to this Policy, we will notify you directly, by e-mail or text message, of the changes made.
We also recommend that you check this page regularly for any changes or updates to our Policy.
Contact
If you have any questions about this Policy, you can contact us by sending an e-mail to the following address : rgpd@datalegaldrive.com
You may also refer to our Cookie Policy at any time if you wish to learn more about how we handle your Personal Data collected via cookies.