Privacy Policy

1. Field of application

This policy defines Otoqi obligations and resolutions in the safe processing of your personal data, in compliance with relevant regulation especially Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, synthetically called General Data Protection Regulation (hereafter GDPR).

2.Otoqi’s responsibility

Otoqi, located at 130 rue de Lourmel, 75015 Paris, is the data controller within the meaning of the RGPD, for the collection and processing of personal data carried out on the site accessible at the URL address: https://Otoqi.com/, hereinafter "the site"

" The site " ensures that the User's personal information is collected and processed with respect for privacy in accordance with the French Data Protection Act no. 78-17 of January 6, 1978, as well as the new European legislation on the protection of personal data.

Your requests for information or to exercise your rights may be sent to our Data Protection Officer at the following address: privacy@otoqi.com

3. Your personal data processing

During the visit of our website, we may collect some of your personal data:
- IP address
- Information related to your browser (cookies)
- HTTP response code
- Your identity (name, first name, phone number, e-mail address) if you communicate it voluntarily
- Data included in your CV if you answer a job advert.

Otoqi may collect and process your data in the following cases:
- When you contact us directly to request information on our products and services for which you have an interest or for any other question.
- When you become a client and use our products
- When you answer a marketing campaign, for example by completing a response card or using contact form on our website.
- When you answer a job advert.
 To optimize website functioning.

4. Lawful bases for our processing

We don’t process your personal data unless a legal provision allows us to do so. We process your data particularly based on GDPR art. 6 and 9 as well as on your consent gathered in compliance with GDPR art. 7. Processing of your data is based on following lawful bases:

5. Security measures

We deploy security measures to protect and maintain the confidentiality, integrity, and availability of your data. Nevertheless, an inherent risk exists in the transmission of data through internet, particularly risk of intrusion.

We, our subcontractors, and commercial partners work together to ensure the physical and electronic security of your data. We use, among others, following measures: data encryption, connection securing, access restriction, firewalls, anti-virus.

All your data is stored on secured servers. These servers may be ours or our subcontractors or commercial partners' property. They are used in compliance with our policies and security norms.

6. Data storage

We store your data as long as necessary for the purpose on which we gathered them. Access to your data is restricted to employees having proper authorizations and a need to access these data on a specific purpose.

Your data might be stored for a longer period, especially to comply with a legal obligation or exercise our rights. In such cases, we don’t store our data longer than applicable legal prescription, regarding prescription period and extinction of judiciary action.

7. Data transfers

We formally prohibit ourselves from disclosing, assigning, transferring, or communicating all or part of your information to third parties, with the exception of:
- Service providers, commercial partners strictly necessary for the provision on our behalf of products and services:
‍
Google for messaging
OVH for the hosting of our websites
Hubspot for the management of the CRM
‍
- Third parties to whom we are obliged to provide information for legal or regulatory purposes: police and judicial authorities in particular.

If any of these third parties are located outside the European Economic Area, we will ensure that they agree to apply the same level of protection as that required in France. In the event that a transfer outside the EU should be made, we will ensure that appropriate legal safeguards are implemented according to the particular circumstances of the place of receipt of the data.

8. Automated decision

Otoqi doesn’t proceed to any automated processing of your personal data, including profiling.

9. Your rights on your personal data

As a data subject, you have the following rights:
- The right of access to your data
- The right to rectification of your data
- The right to erasure of your data
- The right to limitation of the processing of your data
- The right to portability of your data
- The right to object to the processing of your data
- The right to withdraw your consent in the case of data processing with a legal basis
-The right to organize what happens to your data after your death

These rights can be exercised by sending a request to our Data Protection Officer, either by e-mail to the following address
privacy@otoqi.com
Or by post to the following address:
130 rue de Lourmel, 75015 Paris

We always aim to respond to all requests within 30 days. However, this time limit may be extended if necessary, for reasons linked to the specific law of the party concerned or to the complexity of your request.

Before granting your request and in the event of reasonable doubt as to your identity, we may require the production of proof of identity enabling us to remove this doubt.

In the event that it is not possible for us to grant your request, we will inform you of its rejection and the reasons for it.

10. Supervisory authority

If you consider that we didn’t answer properly to your request, you may contact the controlling authority of your country:
www.CNIL.fr

or by post:
3 Place de Fontenoy, TSA 80715, 75334 PARIS CEDEX 07, France