Last update: 10/07/2024
SysDream particularly committed to the protection of privacy, undertakes vis-à-vis individual users (hereinafter referred to as "the User") of this application (hereinafter referred to as "the Application") to process personal data concerning them in compliance with French and European legislation and regulations, in particular the French Data Protection Act (Loi Informatique et Libertés) and the General Data Protection Regulation (GDPR) (together hereinafter referred to as the "Applicable Regulations").
For the understanding of the following stipulations, the terms "Personal Data", "Sensitive Data", "Processing", "Data Controller", "Transfer", "Data Subject", "Legal basis", "Data Protection Officer" and "Purpose" shall have the meaning defined by the Applicable Regulations.
The purpose of this privacy policy is to inform the User of the manner in which his or her Personal Data is processed in the context of the use of the Application.
SysDream reserves the right to modify this policy at any time, in whole or in part, in particular in order to adapt to the technological, regulatory or legal environment. The User is therefore invited to consult this policy on a regular basis in order to remain informed of any updates.
a) SysDream, a simplified joint stock company, having its registered office at 14 Place Marie-Jeanne Bassot - 92300 LEVALLOIS-PERRET, registered in the Paris Trade and Companies Register under number 451 676 126, acts as a Data Controller for the processing operations identified in section 2 in accordance with this Privacy Policy. The contact details of its Data Protection Team is stipulated in article "Exercise of the rights of the Data subject".
b) The Processing of Personal Data not listed in this Privacy Policy is carried out by SysDream, as Data Processor exclusively according to the instructions provided by your employer.
Personal data is any information relating to a natural person that can be identified, directly or indirectly, by cross-referenced data.
SysDream collects the following personal data from Users:
As part of the provision of the Platform, SysDream processes Personal Data concerning the User for the following Purposes:
| Purpose of the processing | Personal data processed | Legal basis for processing |
|---|---|---|
| Managing the contractual relationship with our clients | Identification data | Legitimate interest of SysDream – Managing the contractual relationship with its clients, i.e., your employer, including invoicing and collection |
| Verification of compliance by the User with the Application's General Terms of Use | Identification data & Technical Data | Legitimate interest of SysDream – Ensuring proper use of the Application in accordance with the Application's General Terms of Use accepted by Users |
| Sending information about the Application and its features | Identification data | Legitimate interest of SysDream – to inform Users of the functionalities of the Application and its overall operation |
| Analysis of Users' requests for support/tickets to improve services and performance | Identification data & Technical Data | Legitimate interest of SysDream – to improve its customer service, in order to offer high-quality customer service |
| Elaboration of statistics for the improvement of the Application | Technical Data | Legitimate interest of SysDream – to improve its Services (e.g.: accessibility, bug fixing, etc.). |
| Ensuring and maintaining the Application's IT security | Technical Data | Legitimate interest of SysDream – To offer Services on a secure Application. |
| Defense of our interests, management of litigation, subpoena or any other judicial or administrative proceedings | Identification data & Technical Data | Legitimate interest of SysDream - To assert its rights. |
| Fight against fraud | Identification data & Technical Data | Legitimate interest of SysDream – To offer Services on a secure Application. |
| Follow-up and technical improvements Challenges | Identification data & Technical Data | SysDream's legitimate interest - To develop Challenges according to results and compile statistics on the difficulty of the Challenges |
| User account management | Identification data & Technical Data | SysDream's legitimate interest - To manage user accounts |
| Publication of rankings | Identification data | Legitimate interest of SysDream - To create a ranking of the winners of the Challenges |
| Responses to support requests from Challenge participants | Identification data & Technical Data & Zone de commentaire libre | SysDream's legitimate interest - To answer participants' questions about Challenges |
| Set up coaching sessions for participants | Identification data | Legitimate interest of SysDream - To provide coaching services |
We ensure that your data is kept for no longer than is necessary for the purposes listed above and in accordance with applicable legal provisions (for example, in the event of litigation or to comply with tax or legal obligations). After expiry of the retention period in the active database and the archiving period, your personal data will be deleted.
For further information concerning retention periods, the User may contact SysDream data protection team, whose contact details are given in the article “Exercising the rights of Data Subjects” below.
SysDream uses cookies and similar technologies to power, protect and improve the Application.
See our cookie policy to learn how and why SysDream uses these technologies.
When the User provides Personal Data to SysDream, he/she undertakes to provide only accurate, sincere and up-to-date information about his/her situation, as well as his/her true identity.
In the context of forms to be completed, when Personal Data are identified as mandatory (in particular with "*"), the User must provide them, failing which he/she will not be able to benefit from the proposed service.
SysDream does not process Sensitive Data via the Application. By voluntarily providing SysDream with such data without it being requested (for example via the free comment fields), the User acknowledges that this information will be deleted as soon as possible by the Data Controller once the latter becomes aware of its sensitive nature within the meaning of the GDPR.
The recipients of Personal Data in connection with the use of the Application are:
Authorized persons in the SysDream departments concerned;
Teach Up, the company providing the training module;
Amazon AWS when using the mail server.
At the request of duly authorized judicial and administrative authorities, SysDream will transmit Users' personal data to said authorities in compliance with applicable regulations.
SysDream undertakes to implement appropriate technical and organizational measures to ensure the confidentiality and security of Personal Data processed and ensures that its employees (and service providers, where applicable) involved in the Processing of Personal Data comply with these measures.
SysDream ensures the confidentiality and security of the User's Personal Data by implementing appropriate technical and organizational measures, in accordance with applicable regulations.
Various protective measures have been put in place for this purpose (non-exhaustive list):
Access control and limited user access: SysDream authorizes access only to authorized personnel and only to the extent necessary for the maintenance and provision of Services.
Vulnerability control and assessment: SysDream conducts penetration tests to investigate identified problems and ensure their resolution if necessary.
Data Integrity: SysDream will maintain controls designed to ensure data integrity during transmission, storage and processing within the Platform.
Incident management: SysDream will follow corrective action plans and incident response plans to address potential security threats.
Employee security training: SysDream will implement and maintain employee security training programs regarding security requirements.
Data encryption
Installation of firewalls
Physical access controls: SysDream implements protocols designed to prevent unauthorized physical access, damage or interference with the Platform.
Data Center access controls (Equinix).
Within the framework of the Application and in compliance with the applicable Regulations, transfers to organizations located outside the EEA are carried out by Amazon AWS, in its capacity as Data Processor (see Article 5 “Recipients of Personal Data”).
To ensure the compliance of transfers, the Data Processor has implemented contractual measures, as well as technical and organizational measures.
For further information on the Transfers of Personal Data carried out within the framework of the Application, the User may contact Hub One's Data Protection Officer at the contact details stipulated in Article 9 “Exercising the rights of Data Subjects” below, or visit the following links:
Privacy features of AWS services (amazon.com)
RGPD - Amazon Web Services (AWS)
https://www.microsoft.com/licensing/docs/view/Microsoft-Products-and-Services-Data-Protection-Addendum-DPA
As a Data Subject, the User has specific rights. These rights are as follows:
Right of access: in particular, you may request a copy of all your personal data held by us.
Right of rectification: you may request rectification of your personal data if it is inaccurate or incomplete.
Right to erasure: you may request the erasure of your personal data under the conditions set out in Article 17 of the GDPR.
Right to restrict processing: you may request the restriction of the processing of your personal data.
Right to object: you may object at any time to the processing of your personal data insofar as this is justified by reasons relating to your particular situation under the conditions provided for in Article 21 of the GDPR.
Right to define the fate of your data after your death: you may define directives relating to the fate of your personal data after your death (concerning its retention, deletion, and where appropriate its communication), in accordance with Articles 48 and 85 of the French Data Protection Act.
Right to lodge a complaint with a competent personal data protection authority: you have the right to lodge a complaint with the CNIL, whose website is accessible at the following address: www.cnil.fr and whose head office is located at 3 Place Fontenoy, 75007 Paris.
To exercise these rights or if you have any other questions about the processing of your personal data, please send any request to Hub One’s Data Protection Team of which SysDream is a part, at the following address:
or
Mr. Data Protection Officer of Hub One
Legal Department
Continental Square, Mercure Building,
2 place de Londres,
93290 TREMBLAY-EN-FRANCE