GDPR Compliance

1. Introduction

At Azinove SAS, we are committed to protecting the privacy and security of your personal data. This GDPR Compliance statement explains how we comply with the General Data Protection Regulation (GDPR) when processing personal data.

2. Data Controller

Azinove SAS, registered at 13 RUE DE DAHLENHEIM, 67200 STRASBOURG, France (SIREN: 897 432 324), acts as the data controller for personal data collected through our CleverAI platform.

3. Legal Basis for Processing

We process personal data on the following legal bases:

• Consent: Where you have given explicit consent for specific processing activities.
• Contract: Where processing is necessary for the performance of a contract with you.
• Legal Obligation: Where processing is necessary to comply with legal obligations.
• Legitimate Interests: Where processing is necessary for our legitimate interests, provided these interests do not override your fundamental rights and freedoms.

4. Your Rights Under GDPR

Under the GDPR, you have the following rights:

• Right to Access: You can request a copy of your personal data.
• Right to Rectification: You can request correction of inaccurate personal data.
• Right to Erasure: You can request deletion of your personal data in certain circumstances.
• Right to Restrict Processing: You can request restriction of processing in certain circumstances.
• Right to Data Portability: You can request transfer of your personal data to another service provider.
• Right to Object: You can object to processing based on legitimate interests or for direct marketing.
• Rights Related to Automated Decision Making: You have rights related to automated decision making and profiling.

To exercise any of these rights, please contact us at privacy@cleverai.ai. We will respond to your request within one month.

5. Data Protection Measures

We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

• Encryption of personal data
• Regular testing and evaluation of security measures
• Ability to restore access to personal data in the event of a technical incident
• Regular staff training on data protection
• Access controls and authentication procedures

6. Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, or reporting requirements. Different types of personal data may be kept for different periods.

7. International Data Transfers

When we transfer personal data outside the European Economic Area (EEA), we ensure that appropriate safeguards are in place, such as:

• Transfers to countries with an adequacy decision from the European Commission
• Standard Contractual Clauses approved by the European Commission
• Binding Corporate Rules for transfers within a corporate group

8. Data Protection Officer

While we are not legally required to appoint a Data Protection Officer, we have designated a data protection contact person who can be reached at privacy@cleverai.ai for any data protection inquiries.

9. Data Breach Procedures

In the event of a personal data breach, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach, where feasible. If the breach is likely to result in a high risk to your rights and freedoms, we will also notify you without undue delay.

10. Complaints

If you have concerns about our processing of your personal data, you have the right to lodge a complaint with the Commission Nationale de l'Informatique et des Libertés (CNIL) in France or the supervisory authority in your country of residence.