“Qomon” is the trading name of the company DOLPHINS SAS.
Dolphins’s approach is represented by security, confidentiality and continuous protection of personal data (the “Data”) of the users of its services, in accordance with current European regulations, specifically the French Data Protection Law [Loi Informatique et Libertés] of 6 January 1978, as amended (LIL) and the General Data Protection Regulation of 27 April 2016 (GDPR).
The purpose of this policy is to inform you of the rules that we apply with regard to Data protection. More specifically, it describes how we collect and process your personal data and how you can exercise your rights regarding this data.
We apply a strict policy to ensure the protection of your Data; thus:
● We do not sell your Data to third parties
● We ensure that your Data is always safe and secure
This policy complements the master terms of services
It covers the use of:
- our Qomon.com website, landing pages and the services accessible from this site
- our web platform accessible through qomon.app
- our iOS and Android mobile applications as soon as you download
them to your mobile device
This policy also covers contacts through social networks by DOLPHINS’s Customers or prospects, as well as prospects contacted by DOLPHINS (or its subcontracting partners), by email and/or telephone.
The Customers that are legal entities undertake to transmit this information to any natural person likely to be concerned by the Data processing carried out. Dolphins undertakes to procure that all its partners or subcontractors comply with the applicable provisions.
Data are collected based on a legal basis provided by the GDPR (or UK GDPR), namely your consent to the processing of your Data, when the processing of your Data is necessary for the performance of the contract by Dolphins or in order to take steps at your request prior to entering into a contract, based on a legal obligation or a legitimate interest of Dolphins (specifically for the purposes of risk management or the improvement of our offers and services according to the preferences of the Customers).
We collect your Data through forms that you fill in on our website or mobile applications to subscribe to our services. We also collect your Data when you correspond with us, specifically with our sales team or customer success team, by email, chat or phone.
In this case, we keep a copy of this exchange, for the periods indicated below. We may also collect your Data when you interact with us on social networks.
For customers, the categories of Data we process are as follows:
● Account data: surname, first name, date of birth, photo, postal address, e-mail address, mobile phone number, industry, organisation name, country, preferred langage, notes
● Authentication and identification data when using our website or our applications: username, password
● Professional and tax data: VAT number, address, Identification Number
● Transaction data: date, time of transaction, amount, ,country, MCC (Merchant Category Code), payment derails
If you do not provide us with such Data, we will not be able to provide you with the services provided for in the terms of services.
For prospects & leads
● We also collect your contact data and data of your interaction with us: messages, emails, calls, interaction on our sites, mobile applications and social networks
● Data from subcontractors: in order to improve our quality of service, we also collect Data from our subcontractors, in particular from -professional databases.
We also collect your Data when you connect to our web app or mobile applications. The Data collected is as follows:
● Technical connection information, specifically your IP address, the type and version of your browser, your time zone, installed plug-ins, the type of device you use to connect, the identification number of your terminal, your operating system, cookie data.
● Information about your visits: the number of connections, connection times, pages visited, connection times, searches made, your response time, links you clicked.
We only process your Data for specific, explicit and legitimate purposes. The purposes pursued are as follows:
● For the purposes of the service, specifically for the performance of the Terms of Services that you sign with us when you start a subscription or contract with us.
● To prevent, investigate and detect attack.
● To deal with your complaints, according to the procedure we implement.
● To improve the service we offer you and to provide you with new features.
● To facilitate your interactions with our services, specifically with our customer support team or sales team, and to be able to help you in the best conditions.
● To improve your navigation on our website or the use of our applications and to ensure that the content we display is tailored to your needs.
● To allow you to give us your opinion on the services we offer you in order to constantly improve them.
● To provide you with offers of products or services that are similar or that may be of interest to you, offered by us
● To ensure the security of your Data and operations.
● Subject to your prior consent, to allow you to automatise certain tasks by connecting account to third party applications.
● To improve our quality of service, we may also record your telephone communications with our customer support.
The Data collected is intended for us and, when strictly necessary, for our subcontractors and partners involved in the provision of our services.
The categories of recipients of the collected Data are as follows:
- Web hosting providers;
- Providers in charge of analysis and marketing (soliciting prospects by email or telephone, contact with Customers);
- Communication Services;
- Customer service support providers;
- Business intelligence solutions;
- Supervisory authorities, regulators and public authorities and administrations;
Your Data may also be transmitted to the competent authorities, at their request, in the context of legal proceedings, requests for information from the authorities or simply to comply with legal obligations.
The Data we collect is stored on the servers of ours providers either OVH or Amazon Web Services, which both ensure a high level of security. These servers are located within the European Union, in France, Germany and Luxembourg.
For the purposes of the service, we may transfer some of your Personal Data to our subcontractors, some of whom are located outside the European Union or the European Economic Area. In this case, we ensure that they are located in a country considered adequate by the European Union in terms of Data protection or we ask them to contractually commit to implement equivalent measures to ensure the protection of your Data (European Commission’s standard contractual clauses and additional measures if necessary )
The transmission of your Data via the Internet is secured through the HTTPS connection protected by an SSL certificate.
We have a security specialist within the team and our systems are audited very regularly.
Access to your Qomon account is secured by your username and password which must be strong enough and not shared.
We store your Data only as long as is necessary for the purposes for which they were collected.
With regard to the telephone communications that we record, these will be stored for a maximum period of 60 days as from the recording.
In accordance with the applicable regulations, you have rights when your Data is processed:
Right of access: you have the right to obtain confirmation from us as to whether or not Data concerning you are being processed and to receive a copy of all the Data that we hold on you under the conditions provided for in Article 15 of the GDPR.
Right to portability: when the processing is based on your consent or on a contract and iscarried out using automated processes, you may, under the conditions provided for in Article 20 of the GDPR, receive from us Data concerning you in a structured, commonly used and machine-readable format, in particular for the purposes of transmit Data to a third party. Where technically possible, you also have the right to have your Data transmitted directly to this third party.
Right to rectification: in accordance with article 16 of the GDPR, you have the right to request the rectification of the Data we hold on you if the latter are incomplete or inaccurate. In this case, we may ask you to verify the new Data provided.
Right to be forgotten: if one of the reasons provided for in Article 17 of the GDPR allows it, you can ask us to erase your Data. The applicable regulations provide for exceptions to the exercise of this right, specifically when processing voter files or public services files.
Right to restriction: in the cases provided for in article 18 of the GDPR, you can obtain from u sthe restriction of the processing of your Data.
Right to object: in accordance with Article 21 of the GDPR, you may object at any time for reasons relating to your particular situation to the processing of your Data based on our legitimate interest, including for profiling purposes, except for legitimate and compelling reasons that would prevail or for the establishment, exercise or defence of rights in court. When your Data is processed for marketing purposes, you have the right to object at any time to such processing, including profiling related to such marketing.
Right to withdraw your consent: where it constitutes the legal basis for the processing of your Data, you have the right to withdraw your consent to the processing of your Data at any time, which shall not render unlawful any prior processing based on such consent.
Right related to automated decision-making and profiling: you have the right not to be subject to a decision based exclusively on automated processing, including profiling, which produces legal effects concerning you or significantly affects you in a similar way. This right is subject to exceptions as provided for in Article 22 of the GDPR, in particular where automated decision making or profiling is necessary for entering into, or performance of, a contract. In this case, the data subject retains the right to obtain human intervention by the data controller, t oexpress his or her views and to challenge the decision.
Right to lodge a complaint: you can lodge a complaint with the supervisory authority located in the Member State where you are, in France this is the CNIL (Commission Nationale de l’Informatique et des Libertés).
Right to issue advance directives: you have the right to issue directives concerning the storage, erasure and communication of your Data after your death. These directives are either general or specific.
You can exercise your rights by sending a request to our Data Protection Officer (DPO) or to our Customer Support at the addresses below. All applications for the exercise of a right must be accompanied by an identity document of the applicant, containing photograph of the applicant. A reply will be sent to you within one month of receipt of your request. To this end, we may request additional information or documents from you.
If you have any questions regarding the processing of your personal data or if you have any comments, requests or complaints regarding their confidentiality, you can contact our Data Protection Officer:
● By mail to the following address:
Dolphins sas (Qomon)-Data Protection Officer, 7 place de l'Hotel de ville 93600 Aulnay-sous-bois, France
● By e-mail to the following address: firstname.lastname@example.org
● By contacting our support team: By email email@example.com or by chat