Last updated:
CREATIVAS (hereafter “the Company” or “the Data Controller”) is committed to respecting your privacy and the data protection regulations. The data protection regulations include the European General Data Protection Regulation 2016/679 of 27 April 2016 (hereafter referred to as “the GDPR”) and the French law n°78-17 of January 6th, 1978 on information technology, data files and civil liberties modified by the French law n°2018-493 of June 20th, 2018 (hereafter referred to as “the French Data Protection Act”).
Please read the following to learn more about the Company’s privacy policy (hereafter “the Policy”). This Policy refers to websites of the Company available at the following URLs: https://creativas.io/ and https://help.creativas.io (hereafter “the Site(s)”) and also the purchase of Creativas products on the Atlassian marketplace exploited by the company Atlassian Corporation Plc.
Please do not submit or provide any personal data to the Company without having read, understood, and accepted this Policy in full. If you have any question about this Policy, please contact the Company:
CREATIVAS CONSULTING,
9 rue des colonnes
75002 Paris
France
Or send an email to gdpr@creativas.io
1. DATA CONTROLLER IDENTITY
The Data Controller is CREATIVAS CONSULTING, registered in the Trade Registry of Paris as number 952 012 250, with its head office at 9 rue des colonnes, 75002 Paris, France, represented by Hichem Jouini in his capacity as Chief executive officer. This means that the Company is the legal entity that processes the personal data on the Sites and implements procedures to safeguard this data and respect the rights of the data subjects.
2. FOR WHICH PURPOSES DOES THE COMPANY USE YOUR PERSONAL DATA?
The Company collects your personal data for the following purposes:
To send you information about the CREATIVAS services: after signing up for our communications, an email will be sent to you;
To meet your requests: after requesting information, the Company will contact you;
To perform the requested CREATIVAS services and products you purchase on the Atlassian marketplace;
To perform the requested support and maintenance services on the CREATIVAS Support and Maintenance Platform;
To conduct statistical analysis in order to understand our audience and adapt our services to your needs. These statistics are kept at the Sites of our various service providers.
3. ON WHICH LEGAL BASIS DOES THE COMPANY USE YOUR PERSONAL DATA?
The Company collects and processes information about you only where it has a legal basis to do so. In addition to instances where your consent has been collected, the processing of your personal data for the aforementioned purposes is necessary for the Company to:
Comply with a legal obligation;
Serve the following Company’s legitimate interests:
Processing of your personal data for research, product development and improvements;
Processing of your personal data for direct marketing – of the same, or similar, or related products and services;
Processing of your personal data for the purpose of security and protection of the Company’s legal rights and interests:
Prevention, detection and investigation of security incidents (unauthorized access, intrusion, misuse of company systems, networks, computers and information, including prevention of personal data breaches and cyber attacks);
IP rights protection and IP theft prevention.
4. WHICH PERSONAL DATA DOES THE COMPANY COLLECT?
4.1. Data you send to the Company directly
You directly provide to the Company personal data when you use the Sites or interact with the Company. This occurs on the following actions:
create an account;
leave a comment;
give us some feedback;
sign up for our communications (email lists, newsletters, etc.) or for any communication related to the products and services provided by the Company;
use the support and maintenance services on our Support and Maintenance Platform.
The personal data the Company collects when you use the Sites are:
Display name; [Mandatory]
Email address; [Mandatory]
Languages; [Optional]
Depending on the context of the communication (statutory or contractual requirement, or a requirement necessary to enter into a contract), if you do not provide us with this information, the Company will not be able to process your request.
4.2. Data the Company indirectly collects
The Company collects your personal data when you purchase Company’s products via the Atlassian marketplace exploited by Atlassian Corporation Plc. The personal data collected via the Atlassian marketplace are:
Email address; [Mandatory]
First name; [Mandatory]
Last name; [Mandatory]
Phone number; [Mandatory]
Languages; [Optional]
Company name; [Mandatory]
Country; [Mandatory]
Address; [Mandatory]
City; [Mandatory]
State/Province; [Optional]
Zip/Postcode; [Optional]
VAT Number; [Optional]
Billing contact; [Optional]
Email address; [Mandatory]
First name; [Mandatory]
Last name; [Mandatory]
Phone number; [Mandatory]
Technical contact; [Optional]
Email address; [Mandatory]
First name; [Mandatory]
Last name; [Mandatory]
Phone number; [Mandatory]
End user company; [Optional – when client is a reseller]
Country; [Mandatory]
Address; [Mandatory]
City; [Mandatory]
State/Province; [Optional]
Zip/Postcode; [Optional]
4.3 Data the Company collects via cookies
To improve your user experience when browsing on the Sites, the Company uses “cookies”.
A cookie is a component stored and read when you browse on the Sites, which collects personal data to optimize your user browsing experience. Cookies are used to save information about your browsing history of the Sites, making it possible to decipher that information when you visit again the Sites, thereby making subsequent browsing easier (such as adjusting the language settings).
The data collected through cookies is intended for the internal departments of the Company and its sub-contractors for the purpose of executing tasks assigned by the Company regarding the use of the Sites.
According to your browser preferences, the Company stores on your computer or mobile devices cookies for the following purposes:
To enable you to use the features of the Sites;
To save your browser preferences and personalize the interface of the Sites (language);
To manage statistics in order to improve your user experience on the Sites and services the Company offers you;
To share information with other websites you previously visited.
5. HOW LONG DOES THE COMPANY KEEP YOUR PERSONAL DATA?
The Company will not retain your personal data longer than necessary to fulfill the purposes for which it was collected or to fulfill legal obligations, or as permitted by law, e.g. to defend legal claims. Afterwards, the Company will delete your personal data. The individual retention periods depend on the type of personal data and the purpose of its processing.
Depending on the type of data collected, the Company applies the following retention periods:
Type of personal data | Retention period |
Cookies stored by the Company on your computer or mobile devices | Twelve (12) months from the date of your consent |
Data for prospection purposes | Three (3) years from the date of inactivity on your account |
Inactive customer or user account | Three (3) years from the date of inactivity on your account |
User name in blog or support issue signature | Three (3) years from the date of inactivity on your account |
6. WHO RECEIVES YOUR PERSONAL DATA?
6.1. Recipients of your personal data
The data collected on the Sites are communicated to the Company’s marketing, sales, and human resources departments to fulfill the aforementioned purposes.
The Company also discloses your personal data to its authorized partners:
Disqus
Youtube
Google Analytics
Mailchimp
In these specific cases, the Company requires its partners to respect data privacy regulations by implementing strict confidentiality and data protection policies.
Please note that the Company will not disclose your personal data to third parties that are not authorized to process them.
6.2. International transfer of your personal data
Some of the aforementioned recipients may not be located in the European Union (hereafter referred as to the “EU”). For that reason, the Company may transfer your personal data outside the EU.
In this case, the Company guarantees an adequate level of protection of your personal data by implementing contractual restrictions regarding confidentiality and security in line with applicable data protection regulations.
The Company verifies annually each U.S.-based company has a valid Privacy Shield on the site https://www.privacyshield.gov/european-businesses
7. WHAT ARE YOUR PRIVACY RIGHTS?
In accordance with the GDPR and the French Data Protection Act, and to the extent permitted by applicable data protection regulations, you have the right to:
Access to the personal data held by the Company about you;
Request their update or correction in case of inaccuracy;
Request the deletion of your personal data if it is no longer needed by the Company for the purposes for which they were collected or otherwise processed;
Data portability, which allows you to obtain your personal data in an electronic format for you or for another controller;
Object to or restrict the processing of your personal data;
When the legal basis of the data processing was the consent, withdraw your consent at any time where your personal data was processed with your consent, without affecting the lawfulness of processing based on consent before its withdrawal or where there is another legal basis for processing your data (e.g. overriding legitimate interests);
File a complaint with the data controller, and/or the relevant data protection authority.
Questions, comments, requests, and complaints must be emailed to the following address: gdpr@creativas.io, or mailed to the Company:
CREATIVAS CONSULTING,
9 rue des colonnes
75002 Paris
France
All requests will be handled promptly, and no longer than one month after receiving the request. This period may be extended to two (2) months considering the complexity and number of requests. The Company will inform you by electronic means when the request was made by electronic means unless otherwise requested by you in case of extension of the period of one (1) month, within one (1) month of receipt of the request, together with the reasons of the delay.
8. BLOG COMMENTS
Articles posted to the Company’s Blog (the “Blog” available at the following URLs: https://creativas.io/blog) may be freely viewed by you and may receive comments via Disqus, a free service for adding comments to several areas of the Blog.
In order to post a comment, you must sign in by creating a Disqus account or logging in to his or her existing Disqus account if he or she already has one.
If you intend to post a comment on the Blog, please read Disqus’ privacy policy before signing up. You can find it at the following address: https://help.disqus.com/customer/portal/articles/466259-privacy-policy .
Disqus Inc. is a company under American law. Data collected by Disqus is hosted and processed in the United States.
For any request or dispute with Disqus Inc. Regarding your personal data, you can contact it at privacy@disqus.com.
9. LINKS TO OTHER SITES AND SOCIAL MEDIA
The Sites may contain links to the websites of our partners or third-party companies.
Note that these websites have their own privacy policies and that the Company waives all liability for how these sites use the information collected when you click on those links.
Please review these sites’ privacy policies before sending them your personal data.
10. AMENDMENTS TO THIS POLICY
The Company reserves the right to update this Policy in order to adapt it to new practices and service plans or to changes in the present applicable data protection regulations.
Any substantial change of this Policy relating to how the Company processes your personal data will be announced visibly on the Sites. In the event of an update, the Policy date will be updated to indicate the day when the amendments were made.