Privacy Policy (Business)
Last updated: [DATE]
Purpose and scope
This policy describes how [LEGAL NAME] (the Provider), the publisher of the Mon Carnet Client software, processes personal data relating to the business Customer and its users (account, login and billing data) in connection with providing the Service. For the processing of the Customer's end customers' data, the Provider acts as a processor: that processing is governed by the data processing agreement (DPA) and is not covered by this policy.
Data controller
For the data described here, the data controller is [LEGAL NAME], a [LEGAL FORM] registered under number [SIREN], with its registered office at [REGISTERED OFFICE ADDRESS]. For any question about this policy or to exercise your rights, you may write to [DPO/CONTACT EMAIL].
Data processed and purposes
The Provider processes: identification and account data of business users (last name, first name, email, role, login credentials), business configuration data, billing and payment data (handled via Stripe), and technical connection and logging data. This data is used to create and manage the account, provide and secure the Service, deliver support, manage billing and collection, comply with legal and accounting obligations, and improve the Service. Emails sent to the Customer are strictly transactional (account management, verification, password reset, quota alerts).
Legal bases
Processing relies on the performance of the subscription contract (account management, provision of the Service, billing), on compliance with legal obligations (in particular accounting and tax rules for retaining invoices), and on the Provider's legitimate interest in securing the Service, preventing fraud and improving it. No commercial communication is sent to the Customer without an appropriate legal basis.
Retention periods
Account data is kept for the duration of the contractual relationship, then archived or deleted within [RETENTION PERIODS] after the end of the contract. Billing records are kept for the applicable statutory period (in particular ten years for accounting obligations). Technical logs are kept for [RETENTION PERIODS].
Recipients and sub-processors
Data is accessible to the Provider's authorised staff and its technical sub-processors, in particular: Stripe (billing and payment), a transactional email provider, Cloudinary (image hosting), and the PostgreSQL database host [HOSTING PROVIDER]. Some providers may process data outside the European Union; in that case, appropriate safeguards (standard contractual clauses or an equivalent mechanism) are put in place [NON-EU TRANSFERS TO CONFIRM]. Data is neither sold nor rented.
Security
The Provider implements appropriate technical and organisational measures to protect data: encryption of communications, access control, environment segregation, logging, backups and an incident-management policy. The detailed measures applicable to the processing of end customers' data are described in the DPA.
Your rights
The Customer and its users have the rights of access, rectification, erasure, restriction, objection and portability over their own account and billing data, under the conditions set by the GDPR. These rights are exercised with [DPO/CONTACT EMAIL]. A complaint may be lodged with the CNIL (3 Place de Fontenoy, 75007 Paris, France, www.cnil.fr).
End customers' data: see the DPA
Data relating to the Customer's end customers (loyalty card holders) is not processed by the Provider for its own account. The Provider then acts solely on the Customer's instructions, as a processor, in accordance with the data processing agreement (DPA), which defines its subject matter, duration, security and the parties' respective obligations.