Qomon’s approach is represented by security, confidentiality and continuous protection of personal data (the “Data”) of the users of its services.
The purpose of this policy is to inform you of the rules that we apply with regard to Data protection. More specifically, it describes how we collect and process your personal data and how you can exercise your rights regarding this data.
We apply a strict policy to ensure the protection of your Data; thus:
● We do not sell your Data to third parties
● We ensure that your Data is always safe and secure
This policy complements the master terms of services
It covers the use of:
- our Qomon.com website, landing pages and the services accessible from this site
- our web platform accessible through qomon.app
- our IOS and Android mobile applications as soon as you download
them to your mobile device
This policy also covers contacts through social networks by Qomon’s Customers or prospects, as well as prospects contacted by Qomon (or its subcontracting partners), by email and/or telephone.
The present policy does't cover the use of qomon.org domain and services accessible from this site.
For the Service accessible through qomon.org domain, Qomon acts as a sub-contractor for hosting online services (such as petitions, forms and online surveys) on behalf of its customers. Qomon does not collect any personal data (including tracking systems or cookies) on qomon.org service for its own behalf.
The Customer acts as the data controller and is the owner of the personal data collected through the Service.
The Customers that are legal entities undertake to transmit this information to any natural person likely to be concerned by the Data processing carried out. Qomon undertakes to procure that all its partners or subcontractors comply with the applicable provisions.
Data is collected based on a legal basis provided by applicable laws including the GDPR, UK GDPR and CCPA depending on your country and the entity that bills you (For US & Canada, Qomon inc. and for the rest of the world Dolphins Sas), namely your consent to the processing of your Data, when the processing of your Data is necessary for the performance of the contract by Qomon or in order to take steps at your request prior to entering into a contract, based on a legal obligation or a legitimate interest of Qomon (specifically for the purposes of risk management or the improvement of our offers and services according to the preferences of the Customers).
We collect your Data through forms that you fill in on our website or mobile applications to subscribe to our services. We also collect your Data when you correspond with us, specifically with our sales team or customer success team, by email, chat or phone.
In this case, we keep a copy of this exchange, for the periods indicated below. We may also collect your Data when you interact with us on social networks.
The categories of Data (for most of the field, the collection is optional) we process are as follows:
● Account data: surname, first name, date of birth, photo, postal address, e-mail address, mobile phone number, industry, organisation name, country, preferred langage, notes, favorite features, goal of using Qomon
● Authentication and identification data when using our website or our applications: username, password
● Professional and tax data: VAT number, address, Identification Number
● Transaction data: date, time of transaction, amount, ,country, MCC (Merchant Category Code), payment details
If you do not provide us with such Data, we will not be able to provide you with the services provided for in the terms of services.
For prospects & leads
● We also collect your contact data and data of your interaction with us: messages, emails, calls, interaction on our sites, mobile applications and social networks
● Data from subcontractors: in order to improve our quality of service, we also collect Data from our subcontractors, in particular from -professional databases.
We also collect your Data when you connect to our web app or mobile applications. The Data collected is as follows:
● Technical connection information, specifically your IP address, the type and version of your browser, your time zone, installed plug-ins, the type of device you use to connect, the identification number of your terminal, your operating system, cookie data.
● Information about your visits: the number of connections, connection times, pages visited, connection times, searches made, your response time, links you clicked.
We only process your Data for specific, explicit and legitimate purposes. The purposes pursued are as follows:
● For the purposes of the service, specifically for the performance of the Terms of Services that you sign with us when you start a subscription or contract with us.
● To prevent, investigate and detect attack.
● To deal with your complaints, according to the procedure we implement.
● To improve the service we offer you and to provide you with new features.
● To facilitate your interactions with our services, specifically with our customer support team or sales team, and to be able to help you in the best conditions.
● To improve your navigation on our website or the use of our applications and to ensure that the content we display is tailored to your needs.
● To allow you to give us your opinion on the services we offer you in order to constantly improve them.
● To provide you with offers of products or services that are similar or that may be of interest to you, offered by us
● To ensure the security of your Data and operations.
● Subject to your prior consent, to allow you to automatise certain tasks by connecting account to third party applications.
● To improve our quality of service, we may also record your telephone communications with our customer support.
The Data collected is intended for us and, when strictly necessary, for our subcontractors and partners involved in the provision of our services.
The categories of recipients of the collected Data are as follows:
- Web hosting providers;
- Providers in charge of analysis and marketing (soliciting prospects by email or telephone, contact with Customers);
- Communication Services;
- Customer service support providers;
- Supervisory authorities, regulators and public authorities and administrations;
Personal Data may also be disclosed in response to lawful requests made by government agencies or public authorities —including public officers or debt collection organizations— to meet national security, law enforcement, or any other legal requirements.
Depending on where you are located, we might have to enforce local regulations and requirements where the use of a local phone number requires verification of customer's identity and collection and storage of user details (in particular, first/last name and address) in the event we should receive an official request from a competent local authority.
If you are located in Europe, South America, Oceania, Asia, or Africa:
The Data we collect is stored on the servers of ours providers either OVH and Scaleway for users and Customers of Qomon Services and the data collected by our Customers (qomon.app and qomon.org) or Amazon Web Services for visitors of our marketing website (qomon.com), which both ensure a high level of security. These servers are located within the European Union, in France, Germany and Luxembourg.
If you are located in North America (US or Canada):
The Data we collect is stored on the servers of our provider Amazon Web Services for users, visitors of our marketing websites,customers of Qomon Services and the data collected by our Customers (qomon.app and qomon.org).
European Personal Transfer of Data for Customer of Qomon
If your billing address is located in North America (United States or Canada), Qomon inc.Terms and conditions (link) apply, please visit our legal center (link)
For the purposes of the service, we may transfer some of your Personal Data to our subcontractors, some of whom are located outside the European Union or the European Economic Area. Personal Data can also be processed by mere access by individuals working outside Europe who work for us or for one of our trusted service providers (Data Processors). In this case, we ensure that they are located in a country considered adequate by the European Union in terms of Data protection (most notably as per the requirements of the GDPR) or we ask them to contractually commit to implement equivalent measures to ensure the protection of your Data (European Commission’s standard contractual clauses and additional measures if necessary ).
Qomon also keeps monitoring the legislative development and latest guidance in relation to the personal data transfers outside Europe and commits to cooperate with EU data protection authorities (DPAs) and comply with the advice given by such authorities.
The transmission of your Data via the Internet is secured through the HTTPS connection protected by an SSL certificate.
We have a security specialist within the team and our systems are audited very regularly.
Access to your Qomon account is secured by your username and password which must be strong enough and not shared.
We store your Data only as long as is necessary for the purposes for which they were collected.
With regard to the telephone communications that we record, these will be stored for a maximum period of 60 days as from the recording.
In accordance with the applicable regulations, you have rights when your Data is processed:
Right of access: you have the right to obtain confirmation from us as to whether or not Data concerning you are being processed and to receive a copy of all the Data that we hold on you.
Right to portability: when the processing is based on your consent or on a contract and is carried out using automated processes, you may receive from us Data concerning you in a structured, commonly used and machine-readable format, in particular for the purposes of transmit Data to a third party. Where technically possible, you also have the right to have your Data transmitted directly to this third party.
Right to rectification: you have the right to request the rectification of the Data we hold on you if the latter are incomplete or inaccurate. In this case, we may ask you to verify the new Data provided.
Right to be forgotten: in certain circumstances provided for by international privacy law standards, you can ask us to erase your Data. The applicable regulations provide for exceptions to the exercise of this right, specifically when processing voter files or public services files.
Right to restriction: you can obtain from us the restriction of the processing of your Data.
Right to object: you may object at any time for reasons relating to your particular situation to the processing of your Data based on our legitimate interest, including for profiling purposes, except for legitimate and compelling reasons that would prevail or for the establishment, exercise or defense of rights in court. When your Data is processed for marketing purposes, you have the right to object at any time to such processing, including profiling related to such marketing.
Right to withdraw your consent: where it constitutes the legal basis for the processing of your Data, you have the right to withdraw your consent to the processing of your Data at any time, which shall not render unlawful any prior processing based on such consent.
Right related to automated decision-making and profiling: you have the right not to be subject to a decision based exclusively on automated processing, including profiling, which produces legal effects concerning you or significantly affects you in a similar way. This right is subject to exceptions, in particular where automated decision making or profiling is necessary for entering into, or performance of, a contract. In this case, the data subject retains the right to obtain human intervention by the data controller, to express his or her views and to challenge the decision.
Right to lodge a complaint: you can lodge a complaint with the supervisory authority located in the state or country in which you’re based/
Right to issue advance directives: you have the right to issue directives concerning the storage, erasure and communication of your Data after your death. These directives are either general or specific.
You can exercise your rights using our dedicated portal online accessible through this link.
You can also send you request to our Data Protection Officer (DPO) or to our Customer Support at the addresses below. All applications for the exercise of a right must be accompanied by an identity document of the applicant, containing photograph of the applicant. A reply will be sent to you within one month of receipt of your request. To this end, we may request additional information or documents from you.
If you have any questions regarding the processing of your personal data or if you have any comments, requests or complaints regarding their confidentiality, you can contact our Data Protection Officer:
If you are located in North America (US or Canada):
Qomon inc. - Data Protection Officer
33 W 46th, Suite 800
New York, NY 10036
If you are located in Europe, South America, Oceania, Asia, or Africa:
Qomon - Dolphins sas (Data Protection Officer)
7 place de l’hotel de ville
93600 Aulnay sous Bois
By submitting a request to exercise your rights on the dedicated portal accessible here