As a world leader in online intelligence, Digimind pays the most attention to the processing of personal data.
Our longstanding experience in this market has allowed us to build an effective personal data management policy, which combines privacy processes and tools to ensure data security.
Please find below our detailed activity on this, our processing methods, and the rights you can claim about your data
What is personal data?
Personal data means data which relates to a living individual who can be identified from that data (…) and includes any expression of opinion about the individual(Source: ICO).
What data is processed by Digimind?
Digimind processes differents types of personal data ranging from (i) Digimind’s employees data; (ii) contact data relating to customers, suppliers, and business partners; (iii) navigation data on Digimind websites; (iv) personal data from users of our solutions; (v) and data indexed from Internet by means of our software.
Regarding data from the Internet, Digimind indexes data from the web and especially from social media networks. According to the official definitions, This indexed data is not regarded as sensitive. Furthermore, pursuant to the new European Data Protection Regulation (GDPR) Article 6, Digimind is only indexing data which is voluntarily posted on the Internet with a public status and which has been prone to expressed consent regarding the use by third parties.
In other words, Digimind never collects information which has a private status and is not able to access to profiles or pages online and social networks, if the access has been restricted by the user.
What is Digimind doing with this data?
All of the data from Digimind’s employees and contact information from clients, suppliers, and partners are used to ensure standard functions of the company like all types of communication, payment, and invoicing.
Last but not least, indexed data from the Internet enables our software to generate consolidated visual analysis for our clients’ daily usage.
How is this web public data indexed?
As part of its collection activity, Digimind uses automated indexing systems, also known as “crawlers”. This is available thanks to some application programming interfaces (API), via agreement with websites or third-party content suppliers.
These crawlers abide by the terms and conditions of individual sites, meaning that we observe each platform’s privacy requirements and other restrictions, and also comply with websites’ protocols. Digimind does not use an ID circumvent system and only collects data when the site has authorized it. Our crawlers are also identifiable by site owners as belonging to Digimind, so that they can choose to block or contact us with any questions.
The indexes of the data is stored at subcontractors’ data centers, who commit themselves to the same level of requirement and to the respect of the same rules, in particular under Article 28 of the GDPR. The data can only be stored in European Union country members or countries where legislation is regarded as adequate by the law of the European Union.
How can I be ensured that my data are protected?
Pursuant to the new European regulation related to the protection of personal data in Article32, Digimind commits to implementing every technical and organizational measure to guarantee a suitable level of security for each typology of indexed data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to User Personal Data.
This represents a process of handling data, started well before the date GDPR shall apply the 25 May 2018, in line with the French Law “informatique et liberté” from 1978 and which shall continue beyond that date.
In order to meet these requirements, data is indexed by type, sensitivity, and treatment. Each treatment is listed in a register, as provided for in Article 30, and is subject to appropriate protection defined after a Privacy Impact Assessment (PIA) as framed by Article 35 et seq. of the GDPR.
All of these documents, as well as the mapping of use and transfert for each type of data, are at the disposal of the supervisory authorities designated by Article 54 et seq. of the GDPR.
In this context, Digimind has implemented a “Privacy by Design” policy, which means that from the moment Digimind designs and develops our solutions, we implement the right features so that we index only the data strictly necessary for the use that is pursued as recommended by the European Regulation Article 25.
Once the data are indexed, it is not kept longer than necessary for the nature and purpose of the processing. To ensure that data is not intentionally or unintentionally retained for longer than necessary, Digimind has implemented a system for automatic deletion. This measure is part of the Digimind strategy of personal data minimization.
At the same time, Digimind maintains strong physical and applicative security measures in line with market standards. This security policy is shared with our clients within the context of specific non-disclosure agreements.
Moreover, in order to guarantee stringent security and to prevent any harm, Digimind, following the Article33 of the GDPR, will notify the concerned person and the control authority as soon as practicable after it becomes aware of any personal data breach affecting any user personal data.
In addition, Digimind is offering a full data anonymisation option as part of our “Privacy by Design” program. This applies specifically to Digimind Social. It allows our clients to ensure the maximum level of security you expect, and is beyond what the GDPR requires.
Respect for personal character and for the will of concerned persons
Digimind is aware of the importance of the control of its personal data, and guarantees the full cooperation of Digimind’s services to all individuals involved in the processing of its data.
To that end and in compliance with the obligations enshrined in the Regulation on the protection of personal data, Digimind guarantees:
- The right of access to its data (Article 15 GDPR): The data subject can ask Digimind for confirmation that personal data concerning him are or are not processed. He can, if they are processed, ask for access tothese personal data informationas well as asking for information related to the treatment, the recipients, the period of conservation.
- Right to object (Article 21 GDPR): The data subject may, at any time, object, for reasons related to his or her personal situation, to the processing of his personal data.
- Right to erasure (‘right to be forgotten’)(Article 17 GDPR): The data subject can ask Digimind to delete personal data related to him as soon as possible when these are no longer necessary for the purposes for which they were indexed, or if the data subject haswithdrewits consent on which the processing is based, in accordance with Article 61, or if it objected to the processing of its data as provided forgoing.
- Right to rectification (Article 16 GDPR): The data subject may request Digimind to correct any inaccurate personal data concerning him. Given the purpose of the processing, the data subject may also request that incomplete personal data be completed, including by providing a supplementary declaration.
- Right of communication to the data subject in case of personal data breach (Article 34 GDPR): When a personal data breach is likely to result in a high risk to the rights and freedoms of natural persons, Digimind commits to communicating the personal data breach to the data subject without undue delay.
Changes to this Policy
Effective: March 9th, 2018.
If you wish to obtain more information or to assert your rights on your personal data, you can contact us right now at firstname.lastname@example.org