Privacy Policy

1. Definitions

Recipient:
Means the natural or legal person, public authority, service, or other body that receives personal data, whether or not it is a third party.
Personal data:
Means any information relating to an identified or identifiable natural person (hereinafter referred to as “Data Subject”). An ‘identifiable natural person’ is a person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more specific elements specific to his physical, physiological, genetic, mental, economic, cultural or social identity.
Data controller:
Designates the natural or legal person, public authority, department, or other body which, alone or jointly with others, determines the purposes and means of the processing.
Processor:
Means the natural or legal person, public authority, agency, or other body that processes personal data on behalf of the controller.
Processing:
Means any operation or set of operations, whether or not carried out by automated means and applied to personal data or sets of personal data. This includes the collection, recording, organization, structuring, conservation, adaptation or modification, retrieval, consultation, use, communication by transmission, dissemination or any other form of making available, reconciliation or interconnection, limitation, erasure or destruction.

2. Who are we?

The Company myDid SA (also referred to as the “Company” or “we” in this policy), is a public limited company whose registered office is located at rue des Beaux-Arts 8, c/o LEAX Avocats Sàrl, 2000 Neuchâtel, Switzerland, registered under number CHE-433.448.148.

The Company operates the publicly available websites at https://mydid.com/ and the mobile application available on the stores.

The director of the publication is Frédéric Martin.

The main activity of the Company is the creation, development, marketing, operation of applications, software and secure platforms for mobile, smartphones, tablets, computers and derivatives in particular in the field of new technologies.

2.2 These applications are designed to:

Provide users with information enabling them to discover the activity and services offered by the Company, as well as its news (events, publications,...);
Provide features and/or information to allow users to contact the Company and present the services offered by the Company, the projects carried out by the Company and future, or the team working on these projects;
Provide users with an online account and access to a platform and various related services as detailed in our Terms and Conditions.
The Company also maintains pages presenting its activities and allowing it to publish content on social networks and interact with Internet users.

During your exploration of the Site, your interactions on the pages administered by the Company on social networks, or in general, during your exchanges with the Company, the latter may collect and process Personal Data concerning you. This applies to the management of the activities it carries out and on its own behalf, acting as Data Controller. Whether you are a customer, prospect, contact, internet user, candidate, supplier, service provider, or partner, potential or current, you are also referred to as “you” or “the relevant person(s)” or “the user(s)” in this policy.

In this context, the Company complies with the principles set out in the legal and regulatory provisions on the protection of personal data, in particular in the context of Regulation (EU) 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data (“GDPR”) and of Law 78-17 of 6 January 1978 relating to data processing, files and freedoms (known as “data processing law and freedoms”) and its implementing decrees.

3. Collection arrangements

3.1 Your Personal Data is collected directly from you or indirectly from third parties.

3.1.1. By browsing the Site, interacting with it, or providing information in data collection forms, you consent to the collection of your Personal Data. This also includes your exchanges with the Company and the sharing of content of the Site via the sharing buttons on social networks. In summary, your Personal Data is collected directly from you in these circumstances.

3.1.2. However, your Personal Data may also be collected through third parties. We may enrich or collect information about you through third-party sources, such as social media, public data, websites, or through other employees or contacts within your organization.

In the context of our recruitment activities, we use the information you provide to us, as indicated in your CV, and may also use third parties such as recruitment agencies, previous employers, or various sources of information to evaluate your application or professional profile.

To comply with certain legal or regulatory obligations, the collection of your Personal Data is mandatory to use certain features.
If the processing is subject to your consent, the communication of the data is optional, but the absence of communication could hinder the processing.
If the processing is necessary for the performance of a contract, the communication of the data is necessary for this purpose.
If the processing is based on our legitimate interests, the communication of the data is necessary, and the absence of communication could hinder the processing.

In the case of collection forms with mandatory data, asterisks shall indicate the necessary fields and the consequences of failure to communicate shall be specified. Data not specified as mandatory is optional.

3.2 Except where specifically required by law, we do not collect so-called "special" personal data, such as racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, health data, sex life data or sexual orientation data.

3.3 Data of protected minors or adults: Our services are reserved for adults with legal capacity. The use of the Site by minors or incapacitated persons is not authorized, and the Company cannot be held responsible for the consequences related to the processing of their Personal Data. However, exceptions may be made for the processing of personal data of minors of at least fifteen years in the context of job applications or internships.

4. Data collected, purposes, processing

As the controller, we may process your personal data for the following purposes:

4.1.1 Management, processing and follow-up of requests for information and exchanges with users, or its contacts in the broad sense:

Purpose of the Processing: We process your personal data for the purpose of processing, managing and following up on any request for contact or information sent by you. This includes interactions via the Site, exchanges on our social media pages (including the management, processing, tracking and possible moderation of your messages or comments). In general, these activities aim to ensure the processing, management and follow-up of requests and responses to them. This data is also used for the purpose of managing the relationship with our contacts as a whole.
Processed data: The processed data include identity (civility, surname, first name), username or pseudonym/alias, if necessary contact details (including postal address, telephone number, e-mail address), function and business of attachment if applicable, as well as the request for contact, information or documentation, and correspondence exchanged.
Legal basis of the Processing: The processing of your personal data in this context is deemed necessary for the pursuit of the legitimate interests of the Company, in particular to respond to your requests, to make you benefit from the functionalities offered on the Site, and more generally, to ensure the management and follow-up of its relations with its contacts.
Data retention period: The data is retained for the period necessary to provide you with an answer to your request or to manage your relationship with the Company. In the event of termination of the relationship, the data may be retained for a period of three years from the end of your relationship with the Company or from your last contact with us. This includes managing relationships with our contacts in a broader context, including for prospecting purposes.

4.1.2 Management of our relations with our customer users:

Purpose of Processing: We collect personal data from our customers and/or our contacts at our customers for the purpose of managing our pre-contractual, contractual and post-contractual relationships. This includes the provision, management and tracking of online accounts, the management of services provided, the execution of contracts, payments and transactions, related invoicing/accounting, as well as the overall management of the customer relationship. We also use this data to manage and track accounts receivable, process complaints, manage litigation and outstanding payments, as well as to carry out studies, analyzes, reports and statistics, including for commercial purposes.
Processed data:

Identity (civility, surname, first name, identifier, date of birth)
Contact details (e-mail address, mailing address, telephone number, etc.)

Legal basis of the Processing: The processing of personal data of customers is mainly necessary for the execution of pre-contractual measures taken at the request of the customer or of a contract concluded with the latter. The sub-purposes related to the management and monitoring of the relations with the customers as a whole are necessary for the pursuit of the legitimate interests of the Company to ensure effective management. As regards the personal data of our customers' contacts, the processing is based on our legitimate interests in managing and monitoring our relations with our customers, in particular for the organization and execution of the tasks or services entrusted to us.
Data retention period: The data is retained for the duration of our customer relations and then, if applicable, for a period of three years from the end of the relationship with the Company or from the last contact to our attention. The purpose of this retention is to manage our customer relationships in a comprehensive manner, including for prospecting purposes. In a particular case, in the absence of the user's connection to his online account for three years and provided that no assets are held in this account, the Company will proceed to the closure and deletion of this account, as well as the associated data, while reserving the possibility to keep some of this data for other purposes according to the conditions and modalities specified in this paragraph.
Other Data Controllers: Users are informed that, when using the services accessible via the Site, their personal data may be processed by third parties involved in these services. These third parties are entities independent of the Company, solely responsible for the processing of their own personal data. The Company has no power of determination or control over these treatments. Therefore, users are invited to consult the personal data protection policies of these entities and any documentation made available by them concerning the processing of personal data that they implement.

4.1.3 Managing our relationships with our partners, suppliers and suppliers:

Purpose of the Processing: We collect personal data concerning our current and/or potential partners, as well as their staff members, and more generally our contacts at our partners. This collection aims to find new partners, manage, track and respond to requests from partners, quotes or service proposals, as well as manage our relations with them. This includes the management and monitoring of the execution of contracts, orders/services entrusted, deliveries, invoices, payments and transactions, the associated accounting, including the management and monitoring of partner accounts, the partner relationship as a whole, and any claims or pre-litigation/litigation.
Processed data: Processed data include identity (civility, surname, first name), contact details (e-mail address, postal address, telephone number, etc.), the parent company and function, information on requests for partnerships, quotes and proposals for services, details of orders/services/contracts, data on payments and means of payment, data on transactions, data on monitoring of contracts and relationships, and data on invoices.
Legal basis of the Processing: For the personal data of natural partners, the processing is generally necessary for the execution of pre-contractual measures taken at their request or a contract concluded with the Company. As regards the personal data of the contacts at the partners, the processing is based on the legitimate interests of the Company to ensure the management and follow-up of its relations with its partners, in particular for the organization and the proper execution of the tasks or services entrusted to them. Sub-purposes related to finding new partners and managing and monitoring relationships with partners as a whole are also necessary to pursue the legitimate interests of the Company. For the personal data of other data subjects (staff members/contacts at our partners), the processing is based on the legitimate interests of the Company to ensure the management and monitoring of its relations with its partners, with a view to the organization and proper execution of the tasks or services entrusted to them. Finally, the management of invoices and the associated accounting may result from the legal obligations of the Company.
Data retention period: The data retention period extends to the period of the pre-contractual, contractual or commercial relationship with the Company.

4.1.4 Events

Purpose of the Processing: We may process personal data concerning you in the context of the organization and follow-up of the events that we propose, which includes the planning of interventions, the management, processing and follow-up of registrations, as well as the response to inquiries, etc.
Processed data: Processed data includes identity, contact details, function and business of attachment, as well as information on registrations and participation in events.
Legal basis of the Processing: Generally speaking, the processing of your personal data in this situation is necessary for the organization and management of events, and is therefore based on the performance of a contract to which you are a party.
Data Retention Time: Data is retained for the time necessary to organize and track the event. Then, if applicable, they may be kept for a period of three years from the end of your relationship with the Company or your last contact with us. The purpose of this retention is to manage our relations with our contacts in general, in particular for prospecting purposes.

4.1.5 Postal and telephone prospecting and solicitation:

Purpose of Processing: We may process the personal data of our customers, prospects and, in general, our contacts for the purpose of carrying out our commercial, communication, solicitation, prospecting, loyalty or marketing operations. This includes technical operations such as segmentation and targeting by post or telephone, in particular to send information to them by means such as e-mail or SMS. This information may relate to product and service proposals that may be of interest to them, news and/or activities on our part, other information or prospecting documents, as well as studies, surveys, promotions or satisfaction surveys.
Processed data: Processed data includes identity and contact information.
Legal basis of the Processing: This processing is based on the pursuit of our legitimate interests to make known our products and services on the market, as well as to carry out communication operations. It is important to note that the recipient of such surveys has the right to object at any time, without having to provide any reason or explanation.
Data retention period: Personal data are retained for a period of three years from the collection or termination of our relationships, or from the last contact from the data subject to our attention. For example, for a customer, the period starts from an operation or the use/execution of a service, the end of a service contract, the general conditions that bind us, or the last contact from the customer. For a prospect, the period starts from the last contact from the prospect, whether it's an online request, an email or postal mail, a phone call, or a click in an email sent to him by the Company, etc.

4.1.6 E-mail Prospecting and Solicitation:

Purpose of Processing: We may process the personal data of our customers, prospects and, in general, our contacts for the purpose of carrying out our commercial, communication, solicitation, prospecting, loyalty or marketing operations by email. This includes technical operations such as segmentation and targeting. We use this means to send information such as proposals for products and services that may be of interest to the person, information about our news and/or activities (e.g. newsletter), other prospecting documents, as well as studies, surveys, promotions or satisfaction surveys. We can also analyze the performance of our prospecting campaigns by using tracking information about the actions taken in the emails we send.
Processed data: Processed data includes identity, e-mail address, and data related to actions performed in e-mails (openings, clicks, etc.).
Legal basis of the Processing: Where such operations do not require the prior consent of the data subjects (i.e. in cases where they are intended for professionals on a professional e-mail address in connection with their profession, or for customers concerning products or services similar to those already provided by us), the Processing is carried out on the basis of our legitimate interests in making known our products and services on the market. It is emphasized that the addressee has the right to object at any time. In other cases, the Processing is based on the consent of the data subject. The person has the option of refusing or withdrawing consent at any time, without having to provide any reason or explanation.
Data retention period: Personal data are retained for a period of three years from the collection or termination of our relationships, or from the last contact from the data subject to our attention. For example, for a customer, the period starts from an operation or the use/execution of a service, the end of a service contract, the general conditions that bind us, or the last contact from the customer. For a prospect, the period starts from the last contact from the prospect (online request, email or postal mail, phone call, or click in an email sent by the Company, etc.).

4.1.7 Use of cookies or similar technologies:

Purpose of the Processing: When you use the Site and in general our digital media (other than social networks or features related to social networks), we process your personal data for the purpose of monitoring your navigation. This includes conducting and developing studies, analyzes, reports and statistics, as well as managing and monitoring the proper functioning, including securing our Site, and improving the user experience. We also collect personal data to make certain services or features available on the Site, as well as to track and measure the audience and performance of the Site. Personal data may also be collected and processed to display advertisements to you on the Site or on third-party sites, possibly targeted (or behavioral or programmatic advertisements), depending on your profile, your browsing, your location and your interactions with the websites you visit. The use of cookies or other similar technologies is subject to your consent, and therefore optional.
Processed data: The processed data includes session, connection and internet browsing data, including information about your browser or terminal and its configuration. This also includes the history and traffic and navigation information on the Site, information relating to the traceability of actions and interactions with the Site, identifiers linked to your terminal, your hardware or your operating system, scoring information, information on your preferences for browsing and using the Site, or even third-party websites, location data, information relating to the network, your language, as well as non-nominative personal data.
Legal basis of the Processing: Where the Processing of your data is exclusively for the purpose of enabling or facilitating communication by electronic means, or is strictly necessary for the provision of an online communication service at your express request (for example, to enable you to browse our Site and benefit from the features offered), it is based on our legitimate interest in facilitating your navigation on our Site. In other cases, the Processing is subject to your prior consent to the use of cookies and other similar technologies for the aforementioned purposes. You have the option not to consent to it or, if you consent, to withdraw your consent at any time, without having to provide any reason or explanation. To learn more about the cookies, tracers and other similar technologies used by us and our partners on our Site, as well as how to set them, please refer to our cookie management policy.
Maximum lifetime of cookies and retention of personal data collected by this means: six months from the deposit of cookies in your browser or terminal.

4.1.8 Use of cookies or similar technologies with social networks and marketing tools:

Purpose of Processing: For the purpose of providing interactive features between our Site and social networks, as well as tracking, understanding and studying the use of our pages on social networks and interactions between our Site and social networks, we make available to you on our Site links to our pages on social networks, configure these pages as an administrator, or suggest you use tools created or offered by these social networks. In this context, we process Personal Data about you, in particular to provide you with the aforementioned interactivity features. We also use this data to improve your user experience, measure the audience and performance of our pages on social networks and the interactions between our Site and these networks, as well as to compile statistics, including navigation statistics. Personal Data about you may also be collected and processed in order to allow the display to your attention on social networks of advertisements, possibly targeted, according to your profile, your navigation, your location and your interactions with our pages on social networks, but also with our Site, or with other websites you visit. The collection of this Personal Data is carried out by means of cookies or other similar technologies, and the use thereof is subject to your consent, therefore optional.
Processed data: The processed data includes session, connection and internet browsing data, including information about your browser or terminal and its configuration, the history of traffic and browsing on our social media pages, information about the traceability of actions on and interactions with our social media pages or between our Site and social networks, information such as “identifiers” related to your terminal, your hardware, social networks or your operating system, location data, network information, your language, as well as non-personal data.
Legal basis of the Processing: This Processing is subject to your prior consent to the use of cookies and other similar technologies for the aforementioned purposes. This gives you the option of not consenting to it, or, if you do consent, withdrawing your consent at any time, without having to provide any reason or explanation. To learn more about cookies, tracers and other similar technologies used by us, please refer to our cookie management policy.
Joint Data Controllers: Where our setting up of a social networking tool has an impact on the nature of the Personal Data processed or the characteristics of this Processing, and more specifically where it can be considered that the Company jointly contributes to determining the purposes and/or means of the processing of Personal Data, we may be jointly responsible for the Processing with the social network concerned. In this case, the social network, which determines primarily the purpose and means of the processing, as well as the nature and the modalities of the deposit of cookies, has the main responsibility of the Processing. We recommend that you consult the privacy policies and cookie policies of these third parties for detailed information about their practices for collecting and processing your personal data. The social networks involved are Instagram, Tekegram, Pinterest, Youtube, Twitter, LinkedIn and Discord. For more information on how these social networks process your personal data, please consult their respective privacy policies and cookie policies.
Maximum lifetime of cookies and storage of personal data collected by this means: six months from the deposit of cookies in your browser or terminal.

4.1.9 Applications and the recruitment process:

Purpose of the Processing: The Company may process your Personal Data in the context of the management and follow-up of applications in response to job or internship offers, or which are sent to us spontaneously. This includes operations related to the recruitment process, such as the active monitoring and search of professional profiles corresponding to positions to be filled within the Company, the reception and study of applications, the evaluation and selection of applications and professional profiles, the establishment of a database of candidates, the use of recruitment assistance methods and techniques, the calling of candidates and the conduct of recruitment interviews, and the decision-making that follows from them.
Processed data: The processed data includes your identity, your contact details, information about your professional life, details about your training, experience and career path, your professional skills/references, information related to the job you hold, economic and financial elements, as well as all the information contained in your CV.
Legal basis of the Processing: Such Processing is necessary for the pursuit of our legitimate interests with a view to the search and recruitment of new employees.
Data retention period: Your Personal Data is kept for the period necessary to process your application. Unless you object, they may be retained until the expiration of two years from the receipt of your application. This period allows you to contact you again during this period if a position related to your profile becomes available.

4.2.1 Management of requests to exercise the rights of data subjects in relation to the protection of personal data:

Purpose of Processing: In the context of our legal and regulatory obligations related to the protection of Personal Data, in particular in response to requests to exercise the rights of data subjects, we may process Personal Data concerning you in relation to this purpose.
Processed data: Processed data include the identity, contact details, content and content of the request, exchanges and response, as well as additional information or a copy of an identity document, but only when the situation warrants it.
Legal basis of the Processing: This processing is necessary to comply with our legal and regulatory obligations mentioned above.
Data retention period: The data is retained for the period necessary to process the request. Thereafter, the data necessary to take account of the exercise of those rights may be retained for a period of three years from the request made by the data subject to the Company. It is specified that, in the event of a request to object to prospecting, your data will be kept for this purpose in a list of objections for three years. Where a copy of an identity document is collected in connection with a request to exercise your rights, it shall be immediately deleted if it has been communicated by you when the request does not require the transmission of such an identity document. It shall be deleted as soon as the identity of the person making the request is verified, where the situation requires such verification.

4.2.2 Pre-litigation and litigation

Purpose of the Processing: The processing of personal data concerning you is aimed at the management and follow-up of pre-litigation and litigation, including commercial disputes with customers, partners, suppliers, suppliers, and other contacts. This includes the preparation, exercise and follow-up of litigation, as well as the enforcement of decisions rendered, and the management of actions to establish, exercise or defend a right in court.
Processed data: Processed data include identity, marital status, economic and financial information, data relating to the persons involved, victims, witnesses, court officials mandated in the dispute, history of exchanges with the Company, information on the financial situation, special data, and any other information necessary for the subject of the dispute. This may also include data relating to offenses, convictions or security measures, if strictly necessary for the purpose of establishing, exercising or defending a right in court.
Legal basis of the Processing: This processing is based on the legitimate interests of the Company to preserve and enforce its rights in legal proceedings, in particular in the context of its relations with customers, partners, contacts, candidates, etc. Personal data may be processed if strictly necessary for these purposes. Likewise, data relating to offenses, convictions or security measures may be processed in order to prepare, exercise, monitor legal proceedings and enforce the judgment given.
Data retention period: The data are kept beyond the legal time limits, in the form of archives, during the limitation periods, in particular for probative purposes. In the event of pre-litigation, the data are retained until the amicable settlement of the dispute or, failing this, deleted as soon as the legal action is time-barred. In the event of a dispute, the data is kept for the duration of the proceedings and until the expiry of the remedies against the decision. The decisions pronounced may be retained until the decision has been fully implemented, or even as a final record.

4.2.3 Personal data that may be stored beyond the periods mentioned:

either after obtaining your consent;
or, in the form of archives, to comply with any legal and regulatory obligations imposed on the Company (for example, ten years for the retention of accounting documents, electronic contracts, five years for obligations to combat money laundering and terrorist financing, etc.), or during the statutory limitation periods, in particular for probationary purposes (for example, five years for the limitation period under ordinary law in civil matters, six years for the limitation period under ordinary law in criminal matters, two to five years in labor law matters).

5. Recipients and sharing of Personal Data

5.1 We ensure that only authorized persons within the Company can access your Personal Data when such access is necessary for the performance of their duties and/or missions. This concerns in particular the Company's staff, including employees, trainees, agency workers, etc., exercising responsibilities in the fields of marketing, communication, commerce, recruitment, human resources, customer and prospect relations, administration, finance, legal, development, IT, projects, etc.

5.2 External Recipients may also receive communication of your Personal Data, including:

the staff of the departments responsible for the control of our Company (auditors, departments responsible for internal or external control procedures, bodies authorized to carry out controls, etc.);
the staff of our advisors (legal, financial, etc.);
the personnel of our partners, including our suppliers and suppliers, subject to contracts specifying their obligations
the staff of our contractual or commercial partners, as well as of third-party companies, such as social network publishers, third-party website publishers, or publishers of cookies used on our Site, for example in the context of prospecting, communication operations, etc., or in the management of our digital marketing and the proper functioning of our Site. It is important to note that if you publish content disclosing your Personal Data on the Internet, in particular on our Site or on the Company's social media pages, this content may be accessible to any Internet user
staff of technical providers or other parties whose access to Personal Data is strictly necessary and/or justified in the context of their activities or missions. This category of recipients may include publishers of applications, computer programs or tools, as well as payment service or verification service providers used in the course of our activities or to provide you with the services accessible through the Site, as well as any IT or maintenance provider of the applications, computer programs and/or tools we use and in which your Personal Data may be processed;
the Company's customers for certain Personal Data;
the staff of the social and fiscal bodies authorized to receive, in certain cases, the Personal Data;
staff of agencies, judicial officers and ministerial officers involved in particular in their task of recovering debts;
where appropriate, the staff of the body responsible for managing the list of objections to telephone solicitation;
court clerks, ministerial officers and, where appropriate, staff of the courts or competent authorities to enable the sale or transfer of all or part of our activities or assets, or in the context of the management and follow-up of pre-litigation and/or litigation;
our insurers and/or insurance brokers, including their staff.

5.3 Certain partners or third parties, including their personnel, are also recipients of your Personal Data when you use the services accessible through the Site.

It is important to note that the Company is not responsible for the Processing of Personal Data carried out by these partners and third parties. These entities carry out their own respective Processing of Personal Data, for which they are solely responsible. The Company has no power of determination or control over these Treatments. For information purposes, users are invited to consult the personal data protection policies of these entities and any other documentation made available by these entities concerning the personal data processing they implement.

5.4 Furthermore, in the context of legitimate requests from public or authorized authorities, we may be obliged to disclose your Personal Data. Such requests may arise from the obligation to respect the right to personal data, national security concerns, the fight against fraud, money laundering, terrorist financing, or more generally, the application of legal or regulatory provisions. Your Personal Data could thus be communicated to any competent authority, in particular in the event of a request from judicial, police or administrative authorities. In such situations, we carefully consider the applicable provisions, the nature of the request, as well as its legitimacy and the proportionality of the information required. In addition, we reserve the right to report to public authorities activities that we consider in good faith to be illegal and alleged abuses.

5.5 It is important to note that the Recipients mentioned above are not necessarily the beneficiaries of all your Personal Data. They shall receive only the information strictly necessary for the purpose for which the communication takes place.

6. Your rights

6.1 According to the terms and conditions defined by the legal and regulatory provisions on the protection of Personal Data, you have the following rights concerning your Data:

Right of access: You have the right to obtain confirmation of the processing of Personal Data concerning you by the Company. When such processing is carried out, you have the right to access this data, as well as certain information relating to the processing operations and associated characteristics.
Right of rectification: You have the possibility to request the correction of your Personal Data that you consider incomplete or inaccurate.
Right to erasure: In certain circumstances, you may request the deletion of your Personal Data, unless their processing is necessary for the performance of contractual relations with the Company, for the fulfillment of legal or regulatory obligations, or for the establishment, exercise or defense of legal rights.
Right to restriction of processing: You have the right to request the restriction of the processing of your Personal Data in certain situations, thus allowing to mark your data in order to limit their future processing.
Right to portability of your Data: Under certain conditions, you have the right to request to receive your Personal Data provided to the Company or, where technically possible, to transfer it to a third party in a machine-readable format. This right applies only to processing based on your consent or on the performance of contractual relations, provided that the processing is carried out using automated processes.
Right to withdraw consent: If the processing is based on your consent, you have the right to withdraw that consent without affecting the lawfulness of the processing carried out before the withdrawal.
Right to set guidelines after your death: You have the right to set guidelines for the retention, erasure or disclosure of your Personal Data after your death. In the event of death, your Personal Data will normally be deleted, unless there is a need to keep it for legal and regulatory reasons, or in accordance with the statutory limitation and mandatory retention periods mentioned in paragraph 4 of the processing specifications. This data may also be communicated to a third party whom you may have designated.

6.2 Regarding the exercise of your rights relating to the Processing of your Personal Data implemented by the Company, you can exercise them either by email to the following address: dpo@mydid.com, or by post to the following address: myDid SA, rue des Beaux-Arts 8, c/o LEAX Avocats Sàrl, 2000 Neuchâtel, Switzerland.

In the event of reasonable doubt as to the identity of the person making the request to exercise his rights, the Company reserves the right to request additional information to confirm the identity of the Data Subject. In this case, the response time will be suspended until the necessary information is received.

The Company undertakes to respond to any request as soon as possible and, in any case, within a maximum of one month from receipt of the request. If necessary, this period may be extended by two months due to the complexity and number of applications, and the applicant will be informed if necessary.

The request may be made by the Data Subject or by a person specially authorized for this purpose, provided that this authorized person provides proof of his identity and of the identity of the principal, his mandate, its duration and its precise purpose. The mandate must also specify whether the agent can receive the response.

6.3 In addition, it is recalled that in certain situations, we may be considered jointly responsible for the Processing of your Personal Data with the social networks on which we have dedicated pages or with which we propose interactions.

6.4 You also have the right to lodge a complaint with the competent supervisory authority (in France, the Commission Nationale de l'Informatique et des Libertés, known as "Cnil": 3 place de Fontenoy - TSA 80715, 75334 Paris cedex 07; tel. 01 53 73 22 22) if you consider that the Processing of your Personal Data does not comply with the legal and regulatory provisions on the protection of Personal Data. To better understand your rights, you can consult the explanations provided by the Commission here: https://www.cnil.fr/fr/les-droits-pour-maitriser-vos-donnees-personnelles.

6.5 Under articles L.223-1 et seq. of the Consumer Code, if you are a consumer, you have the right to object at any time to being contacted by telephone by registering free of charge on the website: https://www.bloctel.gouv.fr.

7. Security of Personal Data

7.1 The Company implements appropriate organizational and technical security measures, taking into account in particular the categories of Personal Data processed, technological advances, implementation costs, as well as the nature, scope, context and objectives of the Processing. These measures are also adjusted according to the risks, including the degree of probability and severity, in order to protect your Personal Data against any malicious intrusion, loss, alteration or unauthorized disclosure to third parties. The overall objective is to maintain security, confidentiality and a level of security appropriate to the risk, while safeguarding the rights and freedoms of natural persons.

However, due to the challenges inherent in online activity and the risks associated with electronic data transmission, the Company cannot guarantee an absolute result. In the event of difficulties, the Company undertakes to make its best efforts to contain the risks and to take all appropriate measures in accordance with its legal and regulatory obligations, such as corrective actions, the information of the CNIL and, where appropriate, the persons concerned.

7.2 When designing, creating, selecting and using our services offered on the Site, which are based on the Processing of Personal Data, the Company integrates the principle of the right to the protection of Personal Data by default and from their design, in accordance with the principles of Privacy by Design and by Default.

7.3 Access to your Personal Data is restricted to our employees, partners and the Recipients mentioned above, who are authorized and need this data in the course of the performance of their missions and/or activities.

7.4 In the event of the outsourcing of part or all of a Processing of Personal Data, the Company contractually imposes on its Subcontractors guarantees of security, including confidentiality, concerning the Personal Data to which they may have access. These safeguards include the establishment of appropriate technical and organizational measures to protect such data.

8. Is Personal Data transferred outside the European Union?

8.1 Your Personal Data are treated with preference within the European Union.

8.2 For the above purposes, however, some of your Personal Data may be transferred to third parties located outside the European Union (e.g., the Company's subcontractors involved in the aforementioned Processing Operations, etc.).

Some of these recipient entities of your Personal Data are considered to provide an adequate level of protection for this data, as they are established in a country whose personal data protection regulations have been recognized as satisfactory by European Commission adequacy decisions (see here:
https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en).

However, if the country of the entity receiving your Personal Data does not guarantee an adequate level of protection, we will ensure that appropriate security and confidentiality measures are in place to ensure that your Data is protected.

In such cases, you are informed that transfers of your Personal Data to other entities outside the European Union are governed by the conclusion, with the recipients of such Data, of contractual clauses in accordance with the recommendations of the European Commission. These clauses ensure that appropriate safeguards are put in place to protect your Data.

We would like to clarify that transfers of Personal Data outside the European Union are legitimate if the transfer is necessary for the performance of a contract between the Data Subject and the Controller, for the implementation of pre-contractual measures taken at the request of the Data Subject, for the conclusion or performance of a contract concluded in the interest of the Data Subject between the Data Controller and another natural or legal person, or if the Data Subject has given his explicit consent to the intended transfer, after having been informed of the risks that this transfer might entail due to the lack of an adequacy decision and appropriate safeguards.

A copy of the reference documents mentioned in this paragraph may be obtained (with the exception of all commercial information considered sensitive or confidential or covered by business secrecy) by contacting us.

9. Links with third parties

9.1 We would like to inform you that our digital media, such as our website and social media pages, may contain links to third-party sites, including social media platforms. We have no control over the activity of these sites or the policies they apply to protect your Personal Data and your rights. We strongly recommend that you review the warranties provided by these sites prior to any interaction with them. Please note that the personal data protection policy of these sites may differ from that of our company, and it is your responsibility to read it.

9.2 If you post content disclosing your Personal Data on the Internet, in particular on social networks, including on the social network pages of our company, this content may be accessible to any Internet user and collected or used by third parties for purposes that are not our responsibility. In any case, our company cannot be held liable if the processing of Personal Data carried out via one of these third-party sites violates the applicable legal and regulatory provisions.

10. Amendment of the Privacy Policy

10.1 This Data Protection Policy may be subject to change at any time, with effect from the date of publication of the corresponding update. We therefore encourage you to consult it regularly.