The purpose of this Personal Data Protection and Cookies Policy is to inform you of:
- The types of personal data collected about you
- How your personal data is processed by Swipe and its possible partners and subcontractors
- The terms and conditions of use of your personal data and your rights in this respect, in compliance with European and French legislation applicable to Swipe
All operations on your personal data are carried out in compliance with the regulations in force and in particular with Regulation No. 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (hereafter the "GDPR"), and any national legislation applicable to data protection.
“Personal data” All information relating to an individual who is identified or who may be identified, directly or indirectly, by reference to an identification number or one or more elements specific to him;
“Data subject” The natural person to whom the data being processed relates;
“Data processing” Any operation or set of operations relating to such data, regardless of the process used, and in particular the collection, recording, organisation, retention, adaptation or modification, extraction, consultation, use, communication by transmission, dissemination or any other form of provision, reconciliation or interconnection, as well as locking, deletion or destruction;
“File” Any structured and stable set of personal data accessible according to specified criteria;
“Data controller” The natural or legal person, public authority, service or other body which, alone or in conjunction with others, collects and processes personal data;
“Subcontractor or Third Party Partner” The natural or legal person, public authority, service or other body that processes personal data on behalf of the data controller;
“Recipient” A natural or legal person, public authority, service or another body, to which the personal data is disclosed, whether a third party or not; and
“Authorised third parties” The authorities legally authorised, in the context of a particular task or the exercise of a right of communication, to ask the Data Controller to communicate personal data to them.
2. Processing of personal data
As part of the operation of the website www.Swipe.io, Swipe collects data about you. This data is processed in accordance with the purposes for which it is collected, some information being mandatory and others optional, as indicated in the collection forms.
In addition, Swipe may collect personal data for other purposes, taking care to comply with the legislation on the protection of personal data.
- The processing operations implemented on the site www.Swipe.io are intended to allow:
- Management of customer accounts
- Performance of customer loyalty operations
2.2 Legal basis
- Data processing is necessary for:
- the execution of a contract for the provision of services to which the User is a party or the execution of pre-contractual measures taken at the User's request in accordance with Article 6(1)(b) of the GDPR;
- compliance with legal obligations to which the data controller is subject in accordance with Article 6(1)(c) of the GDPR, such as the fight against money laundering and terrorist financing;
- the purposes of the legitimate interests pursued by the data controller in accordance with Article 6(1)(f) of the GDPR, such as the fight against fraud, carrying out prospecting operations, etc.’ and
- Data processing may also be based on the prior consent of the data subjects in accordance with Article 6(1)(a) of the GDPR, in particular during prospecting operations.
2.3 Data processed
- The personal data that may be collected is as follows:
- Identity Surname, first name, date and place of birth and proof of identity;
- Personal life Personal email address, personal telephone number, personal postal address and proof of address; and
- Professional life Employer, professional email address, professional telephone number, professional postal address, position, CV and skills.
3. Retention periods
Swipe will keep your personal data in a secure environment for a maximum period of five (5) years from the termination of the business relationship or for the maximum retention period provided by the applicable legislation in the United Kingdom in case of dispute.
4. Individuals’ rights
In accordance with Regulation (EU) 2016/679 on the protection of personal data, you have the right to ask the data controller for access to your personal data, its rectification or erasure or the limitation of the processing of your personal data.
You also have the right to object at any time to the processing of your personal data for legitimate reasons, as well as a right to object to your data being used for commercial prospecting purposes.
You also have a right to request portability for the data provided and which is necessary for the contract or processing based on your consent. You may also withdraw your consent at any time, when it has been previously given.