of the Beeshake web application
Beeshake guarantees to comply with the modified law n°78-17 of January 6, 1978 known as "Informatique et Libertés" and, from May 25, 2018, with the provisions of the General Data Protection Regulation (2016/679) (GDPR).
In this respect, the data protection officer is Mélanie ROUZE and can be reached by e-mail at Melanie.Rouze@cospirit.com..
The processing of personal data is subject to the applicable regulations on personal data.
Personal data processing by Beeshake
Beeshake is committed to:
- process the customer's personal data only on the customer's prior written instruction, including the transfer of the customer's personal data outside the European Economic Area (EEA) and/or outside the country in which the customer is established or in which the personal data is collected;
- not to take any copy of documents and data carriers containing personal data unless it is necessary for the execution of its service, and only after having obtained the prior written consent of the client;
- not to use for personal purposes, including commercial or statistical purposes and/or for the purposes of analysis, research and study, the customer's personal data or the data resulting from the processing of said personal data, including when said processing results in the de-identification or anonymization of said data;
- to keep the customer's personal data, in a form that allows the persons concerned to be identified, only for as long as is necessary for the performance of the services;
- transmit, at the latest within ten (10) working days from the customer's request, all information allowing the customer to satisfy any request for right of access and transmission of personal data processed on his behalf by Beeshake and communicated by a data subject;
- promptly notify the client of any access request that may be directly submitted to it by a data subject and assist the client in responding to the request by providing the necessary information as indicated above;
- inform the customer without delay of any request for access or communication from a third party claiming an authorization arising from the application of legal or regulatory provisions;
Security and confidentiality of treatment
Beeshake implements the following security measures:
- complete anonymization of the customer's personal data upon request within a maximum of 5 working days;
- the purging of the customer's personal data beyond the retention period of the personal data provided for in the collaboration with the customer;
Privacy by Design, Privacy by Default and Data Portability
Beeshake takes appropriate technical and organizational measures:
- designed to effectively implement the principles of minimization and limited retention of personal data,
- to ensure that, by default, only the customer's personal data necessary for each specific purpose of processing is processed, including the implementation of manual anonymization solutions.
Beeshake uses interoperable formats (csv as standard) allowing the portability of the customer's personal data required by the applicable regulations on personal data, and implements technical and organizational measures allowing the customer to respect the rights of the data subjects, in particular the right to access their personal data, the right to obtain the rectification or deletion of their personal data
International Transfers of Personal Data
Beeshake undertakes to process the customer's personal data exclusively on the territory of an EEA Member State.
Beeshake will not disclose, make available or transfer any of the Customer's personal data even for routing purposes to any processing entity or subcontractor established in a third country outside the EEA, except with the Customer's prior written consent.
Beeshake guarantees that no customer's personal data will be transferred outside the EEA by its own subcontractors or partners, unless the customer has given specific prior written consent.
For this purpose, the list of countries in which the servers used to provide the hosted services are located is provided in the technical documentation. If Beeshake has the servers hosted in other countries, Beeshake will inform the Customer in advance and obtain the Customer's prior written consent. In the event of a change of countries, Beeshake will provide the Customer with an updated list of the destination countries.
Retention of Personal Data
Beeshake may provide the customer with a notice of the actual destruction of the personal data within fifteen (15) business days upon request by the customer.