What is the purpose of this policy?

NA3D, which manages the autrice.ai website, attaches great importance to the protection and confidentiality of your personal data, which represents for us a guarantee of seriousness and trust.

The data privacy policy clearly demonstrates our commitment to ensuring that NA3D complies with applicable data protection rules, and more specifically, those of the General Data Protection Regulation ("GDPR").

In particular, the privacy policy aims to inform you about how and why we process your data in the context of the services we provide.

Why do we process your data?

As part of the services we offer, we necessarily process your personal data to:

● browse our website, use our services, and respond to your requests (e.g., information requests, complaints, etc.) based on our terms of service and our legitimate interest in providing you with the best possible service.

● keep you informed of our latest offers and events by email and phone, based on our legitimate interest in building customer loyalty and prospecting for new potential customers.

● follow and comment on our posts on social media based on our legitimate interest in having a dedicated page on social media.

● schedule appointments with our teams based on our legitimate interest in providing you with an easy way to schedule appointments with us.

● enable the downloading of documents based on our terms of service.

Your data is collected directly from you when you use our website, and we commit to processing your data only for the reasons described above.

However, when you voluntarily publish content on the pages we publish on social media, you acknowledge that you are fully responsible for any personal information you may transmit, regardless of the nature and origin of the information provided.

For information about cookies, please consult our dedicated Cookie Policy, which is available on our website.

What data do we process and for how long?

We have summarized the categories of personal data we collect and their respective retention periods. If you would like more details on the retention periods applicable to your data, you can contact us at: dpo@autrice.ai.

● Professional identification data (e.g., name, surname, position, company, etc.) and contact details (e.g., email address and professional telephone number, etc.) are kept for the entire duration of the service provision, plus the statutory limitation periods, which are generally 5 years.

● When there is confusion between the name of your organization and your personal name (e.g., sole trader, micro-enterprise, etc.), economic and financial data (e.g., bank account number, verification code, etc.) are kept for the time necessary for the transaction and the management of invoicing and payments, plus the statutory limitation periods, which are generally 5 to 10 years.

● Email address for our email marketing campaigns, kept for a maximum of 3 years from our last contact with you.

● Telephone number for our telephone marketing campaigns, kept for a maximum of 3 years from our last contact with you.

● Data provided in your CV and cover letter, kept for the duration of the recruitment process and then for 2 years from the date of your application.

● Connection data (e.g., logs, IP address, etc.) kept for 1 year.

● Cookies, which are generally kept for a maximum of 13 months. For more details on how we use your cookies, please see our cookie policy, accessible at any time on our website.

Once the retention periods described above have expired, the deletion of your personal data is irreversible, and we will no longer be able to provide it to you after this period. At most, we may only retain anonymized data for statistical purposes.

Please also note that in the event of a legal dispute, we are obligated to retain all data concerning you for the entire duration of the case processing, even after the expiry of the retention periods described above.

What rights do you have to control the use of your data?

Applicable data protection regulations grant you specific rights that you can exercise, at any time and free of charge, to control how we use your data.

● Right to access and copy your personal data, provided that this request does not conflict with trade secrets, confidentiality, or the secrecy of correspondence.

● Right to rectify personal data that is inaccurate, outdated, or incomplete.

● Right to object to the processing of your personal data for marketing purposes.

● Right to request the erasure (“right to be forgotten”) of your personal data that is not essential for the proper functioning of our services.

● Right to restrict the processing of your personal data, which allows you to review the use of your data in the event of a dispute regarding the legitimacy of processing.

● Right to data portability, which allows you to retrieve some of your personal data in order to store it or easily transfer it from one information system to another.

● Right to provide instructions regarding the fate of your data in the event of your death, either directly or through a trusted third party or legal representative.

For a request to be considered, it is essential that it be made directly by you to dpo@autrice.ai. Any request not made in this way cannot be processed.

Requests cannot be made by anyone other than you. We may therefore ask you to provide proof of identity if we have any doubt about the identity of the requester.

We will respond to your request as soon as possible, within one month of receipt, unless the request is complex or repetitive.

In that case, the response time may be up to three months. Please note that we may always refuse to respond to any excessive or unfounded request, particularly due to its repetitive nature.

Who can access your data?

WE NEVER TRANSFER OR SELL YOUR DATA TO THIRD PARTIES OR BUSINESS PARTNERS. ALL OF YOUR PERSONAL DATA IS USED EXCLUSIVELY BY OUR TEAMS OR OUR IT PROVIDERS.

More specifically, we only share your data with people duly authorized to use it to provide you with our service, such as our IT department or our customer service department.

Your personal data is also transferred to our IT service providers for the sole purpose of ensuring the technical operation of our service (e.g., data hosting).

We specify that we vet all our IT service providers before hiring them to ensure that they strictly comply with applicable personal data protection regulations.

How do we protect your data?

We implement all the technical and organizational means required to guarantee the security of your data on a daily basis and, in particular, to combat any risk of destruction, loss, alteration, or unauthorized disclosure of your data (e.g., training, access control, passwords, antivirus, backup servers, "https", etc.).

Can your data be transferred outside the European Union?

Unless strictly necessary and in exceptional circumstances, we never transfer your data outside the European Union, and your data is always hosted within Europe. Furthermore, we make every effort to only use service providers who host your data within the European Union.

In the unlikely event that our service providers are required to transfer your personal data outside the European Union, we meticulously ensure that they implement appropriate safeguards to guarantee the confidentiality and protection of your data.

Who can you contact for more information?

To best ensure the protection and integrity of your data, we have officially appointed an independent Data Protection Officer (“DPO”) to our supervisory authority.

You can contact our DPO at any time, free of charge, at dpo@autrice.ai to obtain more information or details on how we process your data.

How can you contact the CNIL?

You can contact the French “National Commission for Information Technology and Freedoms” or “CNIL” at any time using the following contact details: CNIL Complaints Department, 3 place de Fontenoy – TSA 80751, 75334 Paris Cedex 07 - France or by telephone at +33.(0)1.53.73.22.22.

Can the policy be changed?

We may change our privacy policy at any time to adapt it to new legal requirements and new processing that we may implement in the future.

Compliance certified by Dipeeo®