Personal Data Protection Policy of the Website www.overlayer.ai

Preamble

The website www.overlayer.ai (hereinafter the "Website"), along with the provided services, is operated by PRESENCE SOFT, a simplified joint-stock company with a capital of €16,000, registered in the Pontoise Trade and Companies Register under number 3790 715 684, with its headquarters located at 22 rue Saint-Jean 95520 Osny. You can contact us via email at rgpd@overlayer.fr (hereinafter the "Data Controller").

Access to the Website and its features requires the collection and processing of users' personal data. Therefore, a personal data protection policy is necessary to comply with legal and regulatory requirements.

The Website's data protection policy has been established in accordance with the recommendations of the French Data Protection Authority (CNIL) and aims to inform users about how their personal data is processed and the measures taken to ensure their protection.

This policy is in compliance with:

  • The French Data Protection Act of January 6, 1978;
  • The European General Data Protection Regulation (GDPR) of May 23, 2018;
  • The French transposition law of the GDPR dated June 20, 2018;
  • CNIL recommendations.

The current version of this policy is the one in force and may be updated to comply with legal obligations or adapt to new practices. Users are encouraged to review it regularly.

For any questions regarding the processing of their personal data and the exercise of their rights, users can contact our dedicated service via email at rgpd@overlayer.fr.

Article 1 – Definitions

1.1 Technical Terms Related to Personal Data Protection

  • Consent: Any freely given, specific, informed, and unambiguous indication of a user's wishes by which they agree to the processing of their personal data.
  • Data Controller: The entity that determines the purposes and means of data processing.
  • Processor: The entity processing personal data on behalf of the Data Controller.
  • Processing: Any operation performed on personal data, such as collection, recording, storage, transmission, or deletion.
  • Personal Data Breach: A security breach leading to accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access to personal data.

1.2 Other Terms Used

  • Content: All elements on the Website, including text, images, videos, software, etc.
  • Intellectual Property Rights: All copyrights, trademarks, patents, and related rights.
  • Features: The functions available on the Website.
  • Services: The services provided through the Website.
  • User: Any individual accessing and using the Website and its services.

Article 2 – What is Personal Data?

Personal data refers to any information that can directly or indirectly identify an individual, such as name, email, phone number, and address. Under GDPR, personal data includes any information relating to an identified or identifiable person.

Article 3 – Data Collection from Minors

Only minors aged 15 or older may consent to the processing of their personal data. Users under 15 must obtain consent from a legal representative. The Data Controller is not liable for the collection of data from minors under 15 without such consent.

Article 4 – Collection of Personal Data

Users provide personal data when using the Website and its services. By providing their data, users consent to its collection and processing for the purposes detailed in Article 5. The Data Controller collects only the data necessary for these purposes.

Article 5 – Purposes of Data Processing

  • Requesting a Demo: Users must provide their name, email, and phone number to schedule a demo of the Overlayer solution. Data is used to validate and follow up on the appointment.
  • Support and Assistance: Users submitting support requests provide their name, email, and request details to receive assistance.
  • Browsing Analysis: Data related to user navigation is collected for statistical analysis and fraud prevention.

Article 6 – Data Retention Period

  • User data: Retained for up to 3 years from the last user contact.
  • Connection data: Retained for up to 13 months.

After the retention period, data is deleted or anonymized.

Article 7 – Data Access

Internal staff members and specific service providers may access user data for technical maintenance and support. Service providers, such as Webflow (hosting) and CRISP (chatbot), comply with data protection regulations.

Article 8 – Data Protection

The Data Controller implements security measures to protect personal data. In case of a data breach, affected users will be notified. Data is not resold or outsourced.

Article 9 – User Rights

Users have the following rights under GDPR:

  • Access, Rectification, and Deletion: Users can request access, correction, or deletion of their data.
  • Data Portability: Users can request the transfer of their data.
  • Processing Restriction and Objection: Users may request to restrict or object to the processing of their data.
  • Automated Decision-Making: Users have the right not to be subject to decisions based solely on automated processing.

Requests should be sent to rgpd@overlayer.fr with identification proof.

Article 10 – Exercise of Rights

Requests to exercise rights can be made by email to rgpd@overlayer.fr. The Data Controller, Mr. Louis de BENTZMANN (louis@overlayer.ai), will process requests within one month.

Article 11 – Cookies Policy

The Website uses cookies for:

  • Traffic Analysis: Google Analytics (retained for 13 months)
  • Lead Tracking: Hubspot (retained for 6 months)

Users can configure their browser settings to manage cookie preferences.

Article 12 – Changes to the Privacy Policy

This policy may be updated. The latest version will be published on the Website.

Article 13 – User Acceptance

By using the Website, users acknowledge having read and accepted this privacy policy.

Article 14 – Governing Law

This policy is governed by French law and falls under the jurisdiction of the competent courts.

For further inquiries, contact: rgpd@overlayer.fr