PRIVACY POLICY

Pour la version en Français, merci de cliquer ici.

This policy applies to the meeting scheduling service “Slash” (hereafter referred to as the “Service“), contact data collected on Julie Desk Sas websites, editor of the “Slash” service (hereafter referred to as the “Websites“) and other interactions (such as support request or commercial relationship management) between users and Julie Desk SAS.

In the following, we will use the terms “Customers” to identify free or paid users of the Service (users that have a “Slash” account and that initiate appointments scheduling requests) and “Contacts” to identify people with whom Customers are organizing appointments.

This policy aims to inform users of the processing of their data and their rights in accordance with the European General Data Protection Regulation (GDPR).

  1. Data collection
  2. Data processing

  3. Data retention period

  4. Information Sharing

  5. Security

  6. Rights

  7. Consent

  8. Transfert to another country

  9. Data controller

  10. Amendments

1. Data collection

Julie Desk collects information about its users in the following ways:

Customers’ Contacts data

  • “Appointment participant” form. When using the appointment scheduling Service, Contacts can select an appointment time slot in a web interface. At the end of this process, a form asks for the Contact’s personal informations so that it can be contacted by the Customer. This information is transferred to the Customer who initiated the appointment request and is included in the generated calendar event (added to the Customer’s calendar, Contacts receive a calendar invite). This information is optional but useful if it is not known by the other part and is :

    • First Name

    • Last Name

    • Means of contact like phone number, conference number, Skype or similar services ID

    • Company

    • Function

Customers’ Data

  • Single Sign-On (SSO). Users can register for the Service using a Single Sign-On mechanism. This allows the authentication to be delegated to a specialized third party service. This simplifies access to the Service for the end user. It should be noted that the requested permissions do not allow access to emails or address book of users or the password used to authenticate with the third-party authentication service. The information consulted and stored are :

    • User’s email address

    • Name and first name of the user

    • Access to the the user’s calendar (in read / write mode)

  • Connected calendars. The Service requires access to the calendars of its Customers. When an appointment scheduling is requested, an automatic process connects to the Customer’s calendars and identifies available slots that are compatible with demand-specific constraints and general preferences. The Service accesses existing events in Customer’s calendars and creates new events.

  • Emails sent to the Service. Emails sent to request an appointment are automatically processed by artificial intelligence algorithms. This analysis is done to extract the meaning of queries and their associated constraints. It should be noted that the Customer who initiates the appointment scheduling by email may choose what information he shares. Required information is the following :

    • Contacts, identified by their email addresses

    • Localization constraints (like the meeting location)

    • Time constraints (like “next week”)

    • Appointment type (like coffee or call)

  • Personalization data.​ Julie Desk collects personalization information through its personalization application (for Customers) or by communication with the support. This includes the following data:

    • Business addresses

    • Time preferences

    • Other means of contact (such as instant messaging identifier, conference call number, etc.) defined by the user

  • Other data. ​The Service can be used by email and connects to its Customers’ calendars. Other data may be transmitted by the user and its contacts via these means of communication.

Websites’ related data

  • Forms. Julie Desk collects some contact information via forms on its Websites or through support tools. This information is used to contact you again and are :

    • Last Name

    • First name

    • Email

    • Phone number

    • Company

    • Function

  • Monitoring data.​ Julie Desk automatically collects tracking metadata on its Websites. This collection includes:

    • IP addresses: the IP address can be used to geolocate users

    • Information about the user system: browser name, language and operating system version

    • Interaction data: resource addresses (URLs), reference pages, clicks count, time spent on pages, date and time of page views

    • The use of cookies

2. Data Processing

The collected data is processed in accordance with the user requests, the contractual obligations that bind Julie Desk and its Customers and applicable laws.

This data is used for:

  • Monitoring the use and protecting the security of the services. This includes audience measurement, service error analysis or prevention and detection of technical or security problems.

  • Responding to contact requests.​ The contact information is used to respond to requests, particularly in the event of a commercial or support request.

  • Sending newsletters.​ Newsletters are sent by email about service news, updates or special offers to users who have requested them. These newsletters can be deactivated at any time. This deactivation is not blocking the execution of the rest of the service.

  • Provide the meeting scheduling service. ​The provided contact data and shared calendar information are used to ensure contractual commitments and in particular to :

    • define and understand requests

    • identify the best time slots according to preferences and constraints

    • communicate with Customer Contacts and create calendar events (meetings) including location, context, schedule and attendees information

The meeting scheduling service is based on automatic decision making (artificial intelligence).

  • Conducting surveys and monitor usage.​ Julie Desk may need to contact its Customers in particular as part of regular monitoring of usage (support) or to solicit feedbacks regarding the service.

  • Improving the quality of the service. Data is analyzed to improve the Service. Emails and calendar events are also automatically processed to train and improve the performance of artificial intelligence algorithms.

  • Invoicing the service and managing the commercial relationship

Aggregate information for which it is no longer possible to identify individuals (free of any personal information) such as aggregate statistics can be used for commercial purposes.

3. Data Retention Period

 

The data retention period is defined in order to meet Julie Desk’s contractual, regulatory and commercial obligations.

4. Information Sharing

This paragraph describes the information sharing policy. The data is not shared or sold to any third party not defined below.

  • Communication to Customer Contacts. Within the framework of the execution of the Service and based on Customers instructions in its service solicitation requests, Julie Desk shares the Customer’s information with the Customer’s Contacts explicitly designated by the latter during a meeting organization. This communication is strictly limited to the organization of the meeting and to the concerned participants. Shared information in this case are:

    • Customer’s availabilities that match global preferences and specific constraints

    • Customer contact information such as phone numbers

    • Instructions such as floor number or teleconference number

    • Appointment address such as the client’s office address
       

  • Communication to Customers. The personal information provided by Customer’s Contacts in the “appointment participant” form is transferred to the Customer who initiated the appointment scheduling.

  • Support​. In case of error, abnormal behavior or direct solicitation, requests are forwarded to a support team.

  • Service providers. Contact data, business relationship management and billing data are processed by external service providers.

5. Security

The security of data processed by the Service (including personal data) is at the heart of the Julie Desk product. Strong safeguards for data confidentiality, integrity and availability have been set up. Julie Desk also has policies and procedures to prevent unauthorized access to data. These include secure development rules as well as privacy by design rules, continuous security sensibilisation, encryption and non-disclosure agreements signing.

6. Rights

Users who have provided data to the service can contact Julie Desk support to assert their rights:

  • Access right. The user may request an extract of its personal information stored and processed.

  • Rectification right. The user can ask to modify erroneous information.

  • Right to be forgotten. The user can request to delete one or more of its personal information.

  • Portability right. The user has the right to retrieve its data. It should be noted that data portability is not necessary to ensure continuity of service when switching to a similar service provider.

If a request is directly received from a Contact of one or more Customers, this will be transferred to the relevant Customers as data controllers. Assistance will be provided to help Customers meet their obligations.

In the event of a dispute or query regarding the processing of personal data, the user may contact:

  • the Data Protection Officer that can be reached at the following email address: dpo@juliedesk.com

  • the local personal data control authority (a list of european data protection authorities can be found here)

7. Consent

By providing personal data, the user consents to its use for the purposes defined above. The consent can be withdrawn at any time by specifying the scope of the change of consent to Julie Desk’s support or any other automated mean made available to the user to exercise this right, such as an unsubscribe link.

It should be noted that the withdrawal of consent for the processing of all or part of personal data may degrade or make the provision of the associated services (including the meeting scheduling service) impossible. A withdrawal of consent will not affect the lawfulness of the processing prior to such withdrawal.

 

8. Transfer to another country

The service data is hosted in the European Union. Data is transferred to countries outside the European Economic Area (EEA) in the following cases:

  • Commercial relations data, invoicing and newsletters

Julie Desk has implemented a procedure to verify the security and personal data protection guarantees of its subcontractors in accordance with the regulations currently being enforced (including the European GDPR).

9. Data controller

In the context of providing the meeting scheduling service, the Data Controller responsible for processing the data transferred by email by the customer and his contacts or via the customer’s calendar is the Customer. Julie Desk is a Data Processor.

For other data, Julie Desk is the Data Controller.

10. Amendments

This policy may evolve in case of regulatory change or if Julie Desk’s activities changes. If an update of this policy may affect your rights, Julie Desk will contact you by email to notify you of the changes.

 

Last update : March 13, 2019

 
 
 
 
 
 
 
 
 
 

© 2018-2019 Julie Desk