_rzilient Platform
Privacy Policy
Last updated: 2023-06-12
Google OAuth consent page notice
This Privacy Policy describes how the Rzilient platform collects, uses, and discloses your personal information in connection with the use of our services. Information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
Rzilient’s use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements as well.
- Collection of Information: We collect personal information when you register with Rzilient, when you use our services, and when you visit our pages or partner pages.
- Use of Information: We use personal information to fulfill requests, improve services, contact you, and conduct research. The app uses the
admin.directory.userscope for Google OAuth to view and manage provisioning of users on your domain, necessary for app functionality. - Information Sharing: We do not rent, sell, or share personal information except to provide products/services you requested or with your permission.
- Confidentiality and Security: Access to personal information is limited to employees who reasonably need it to provide services or perform their job.
- Changes: We may update this policy and will notify you via account email or a prominent notice on our site.
_rzilient group, headquartered at 146, rue de montmartre, 75002 Paris (“_rzilient”), is the data controller for the personal data you provide through the platform available at join.rzilient.club (the “Platform”).
_rzilient is committed to privacy and to protecting users’ personal data in accordance with applicable laws, including the French Data Protection Act and the EU GDPR (Regulation (EU) 2016/679).
Definitions
- Subscription: contractual model allowing the Client to access maintenance services under the Terms.
- Administrator: a Client representative authorized to manage an Administrator Account and create/supervise Collaborator Accounts.
- Client: a legal entity acting as a professional customer of Rzilient.
- Administrator Account: account used to create Collaborator Accounts and access platform services.
- Collaborator Account: account created by invitation from an Administrator Account holder.
- User Account: account accessible with identifiers to use the Platform (covers Administrator & Collaborator accounts).
- Terms: the general terms of use of the Platform.
- Collaborator: an individual within the Client organization authorized to use the Platform through a Collaborator Account.
- Personal Data: any information relating to an identified or identifiable natural person.
- Identifiers: your email address and personal password.
- French Data Protection Act: Law n°78-17 of 6 January 1978 (as amended).
- GDPR: Regulation (EU) 2016/679 of 27 April 2016.
- Platform: the website available at join.rzilient.club.
- Cookie Policy: Rzilient’s cookie policy.
- Products: IT equipment available for purchase and/or leasing via the Platform.
- Services: features made available through use of the Platform.
- User: any person using the Platform.
Who collects your personal data?
When you use the Platform, Rzilient collects and processes certain Personal Data that you enter directly on the Platform.
If you have questions about this policy or the processing of your Personal Data, you can contact us at [email protected].
When do we collect Personal Data?
We collect Personal Data through different means:
- When a User completes the registration form (as an Administrator, or as a Collaborator invited by an Administrator);
- Through cookies used on the Platform (see the Cookie Policy).
On each data-collection form, required fields are marked with an asterisk (*). If required information is not provided, the requested service cannot be delivered.
Purposes, legal bases, and retention periods
| Purpose | Data collected | Legal basis | Retention |
|---|---|---|---|
| Purchasing Products via the Platform | Administrator’s first/last name, phone number, email | Contract performance | Purchase history and identifiers needed to consult/re-issue invoices: 10 years from the last purchase. |
| Creating an Administrator Account | Job title, first/last name, phone number, email | Contract performance | For the duration of the contractual relationship (Administrator deemed to represent the Client). Deleted at end of the relationship. Archived separately for 5 years after end of the relationship (contractual limitation period). |
| Creating a Collaborator Account | Job title, first/last name, phone number, email | Contract performance | Kept while the Collaborator has an account. Deleted immediately (i) when the contract ends, or (ii) upon deletion request by an Administrator. Accounts unused for 3 years are considered inactive; deletion occurs after a notice sent 1 month in advance to the Collaborator and the Administrator. |
| Issuing invoices related to Subscriptions | Administrator’s first/last name, phone number, email | Contract performance | Identifiers necessary to consult/re-issue invoices: 10 years from the end of the contractual relationship. |
| Informing Clients about Rzilient offers | Administrator’s first/last name, phone number, email | Rzilient’s legitimate interest | For the contractual relationship; deleted at the end; archived separately for 5 years. |
| Contacting Users for maintenance services | First/last name, phone number, email (Administrators and Collaborators) | Contract performance | For the duration of the contractual relationship. |
| Contacting prospects who did not complete registration | First/last name, phone number, email | Rzilient’s legitimate interest | 3 years from collection or from the last contact from the User (e.g., request for info, click on a link). |
| Cookies (optimization and audience measurement) | Connection and browsing data | Consent | 6 months from the initial placement of the cookie. |
Who can access your data? Who do we share it with?
_rzilient is the recipient of the Personal Data it collects and processes, and grants access only to authorized staff on a need-to-know basis.
We may share Personal Data with processors, for example for:
- IT development, support, and maintenance;
- Hosting of Personal Data;
- Operations necessary for the Platform and services;
- Administrative, accounting, and legal obligations.
Processors must keep data confidential and may not use it for other purposes. They implement appropriate security measures. Processors host data within the EU; if transfers outside the EU occur, Rzilient ensures appropriate safeguards (e.g., Standard Contractual Clauses).
Rzilient may disclose Personal Data as required by law or to protect its legitimate interests (e.g., civil or criminal proceedings). A list of processors is available upon request (see Contact).
Your rights
Under applicable law, you have rights regarding your Personal Data. To exercise your rights, send a request to Rzilient indicating the subject of your request. Requests must be accompanied by a copy of an identity document to prevent fraud or unlawful access.
More information about rights (CNIL): https://www.cnil.fr/fr/les-droits-pour-maitriser-vos-donnees-personnelles
Withdraw consent
You may withdraw consent at any time when processing is based on consent. Withdrawal prevents further use for the future period, without affecting the lawfulness of processing carried out before withdrawal.
Access, objection, restriction, and rectification
- Access your Personal Data held by Rzilient;
- Rectify and update your Personal Data;
- Restrict how Rzilient processes your Personal Data;
- Request a copy of the Personal Data held about you;
- Object to the use of your Personal Data.
Data portability
You have the right to data portability for Personal Data you provided when processing is based on consent or contract performance and is automated. Data will be provided in a structured, commonly used, machine-readable format.
Portability applies to data actively and knowingly provided or generated by your activity, excluding derived or inferred data.
Right to erasure
You may request deletion of your Personal Data. This right is not absolute; Rzilient may need to retain certain data for legal or legitimate reasons.
Lodge a complaint with the CNIL
You may lodge a complaint with the CNIL: https://www.cnil.fr/fr/plaintes.
Security
Rzilient implements organizational and technical measures to ensure integrity and confidentiality of Personal Data and protect it from unauthorized access, use, or disclosure. Sensitive information transmitted online is protected using encryption.
Updates to this policy
Rzilient may update this Privacy Policy at any time, notably in the event of changes to practices or Platform features. The “last updated” date will be displayed at the top, and Users will be informed of substantial changes via a visible notice on the Platform.
Contact
- Email: [email protected]
- Postal: _rzilient group – 146, rue de montmartre, 75002 Paris, France