PRIVACY POLICY FOR CUREETY.COM
WEBSITE AND SOCIAL MEDIA
We, the company Cureety, offer the website accessible at the address: https://www.cureety.com/ (hereinafter referred to as “the Site”). We also provide social media pages accessible at the addresses: https://www.linkedin.com/company/cureety and https://x.com/cureeety.
Browsing this Site, its management, and the use of our social media pages involves the collection and processing of your personal data (or Personal Data).
However, we attach particular importance to respecting your privacy and protecting your Personal Data. In this regard, we guarantee compliance with the applicable regulations in this matter, notably the provisions of Regulation EU 2016/679 of April 27, 2016: General Data Protection Regulation (GDPR).
For the purposes of transparency and fairness, this privacy policy explains why and how we collect/process your Personal Data when using and managing our website.
Cureety s’engage à respecter les principes essentiels ci-dessous :
Visitors remain in control of their personal data,
We only collect the data strictly necessary from our Visitors,
Data is collected in a transparent, confidential, and secure manner.
ARTICLE 1 – KEY TERMS
Personal Data (Data): Information that allows the identification of a natural person directly (e.g., name/first name/address) or indirectly (e.g., contract number/phone number/IP address).
Data Protection Officer (“DPO”): Person designated by the Data Controller to manage and monitor compliance with the GDPR.
Data Controller: The entity that determines the purposes and means of the processing: what your Data will be used for and what tools will be used to process it.
Visitor: Any person who browses and uses the Site (simple visitor, prospect, partner, or future collaborator), excluding users accessing the telemonitoring platform or our social media pages.
Processor: The entity that performs operations on Data on behalf of and according to the instructions of the Data Controller.
Processing of Personal Data: An operation or set of operations organized and performed on Personal Data (on the Site: collection, transmission, consultation, storage, etc.).
Partners: Cureety’s professional partners, including healthcare professionals, healthcare institutions, and PSAD.
ARTICLE 2 – WHO IS RESPONSIBLE FOR PROCESSING YOUR DATA ?
The Data Controller is Cureety SAS, whose registered office is located at 33 rue de l’amirauté, 22100 DINAN.
When you access and visit the Site, when you appear in our publications, and when you interact on our social media pages, Cureety is responsible for processing your Data, specifically for:
- Contacting us via the contact form;
- Sending us your application via the contact form;
- Requesting a demo by filling out the dedicated form, which allows us to subsequently send you an email to access the demo of our platform;
- Interacting on our social media pages, whether privately or publicly;
- Browsing the Site: the only cookie placed by Cureety is functional and necessary for its proper operation. Cureety does not perform any audience measurement, and no trackers are placed for this purpose;
- Communicating with Cureety members following a contact;
- Exercising your GDPR rights.
ARTICLE 3. WHAT DATA DO WE COLLECT?
When you browse our Site, appear on our Site, or interact on our social media pages, the Data collected directly from you, which we process in compliance with the principle of minimization imposed by the GDPR, may include:
- Identification Data: image, voice, name, first name, email address, phone number
- Données de connexion
- Professional Data: position, professional specialty, education, professional experience (especially in the case of an application)
- Data related to our interactions on social media (name, first name, personal life, professional life, photo, pseudonym, etc.)
ARTICLE 4 – FOR WHAT PURPOSES ?
The various Data mentioned above may be collected by Cureety for explicit, legitimate, and specific purposes to ensure:
| Purpose | Sub-purposes | Legal Basis |
| Site management | Management of publications, administrative management, and technical management | Legitimate interest |
| Site security management and ensuring its proper functioning | ||
| Handling requests and feedback related to the website | ||
| Commercial management of the website | Handling contact requests through the contact form and communications | Consent (manifested through your request) |
| Posting and management of the demo request form | ||
| Management of B2B prospecting | Legitimate interest | |
| Management of our business relationships | Contract management and monitoring of partnerships | Contractual performance |
| Management of applications (recruitment) | Management of spontaneous applications and responses to job offers, CV database | Legitimate interest, consent, pre-contractual measures |
| Management of our social media accounts | Administration and publications, Management of publications and public and private interactions (X, LinkedIn) | Legitimate interest
Consent |
| Management of your rights and protection of your data | Registre d’exercice des droits et procédure associée, registre des violations de données et procédure associée | Legitimate interest
Compliance with our legal obligations |
| Handling complaints, litigation, exercising or defending a legal right | Legitimate interest | |
The creation and management of user accounts (patient or practitioner) on the telemonitoring platform are subject to specific information and require acceptance of the Terms of Use (CGU).
ARTICLE 5 – RECIPIENTS OF THE DATA
Only the individuals mentioned below have access to your Data:
- Authorized personnel of Cureety responsible for managing the Site and social media pages, and responding to contact requests/exchanges.
- Authorized subcontractors of Cureety: the Site’s hosting provider.
In addition, relevant jurisdictions, mediators, accountants, auditors, bailiffs, lawyers, and debt collection agencies may also have access to your Data as necessary.
ARTICLE 6 – FOR HOW LONG ?
Cureety commits to retaining collected data for a duration not exceeding the time necessary to achieve the purposes stated above.
The Data may be retained for a longer period to comply with a legal obligation or a statute of limitations.
Concerning the specific duration of retention:
| To respond to a contact request via the dedicated form on the Site | The information provided on the Site or during our subsequent exchanges will be kept for as long as necessary to respond to and fulfill your request. |
| Request for a demo of the Cureety application | The requested information is kept for 3 years from our last contact (in the absence of any contractual follow-up). |
| Data related to our business relationship (contractual relationship) | Duration of the contractual relationship, plus 5 years from the end of the contract |
| Data related to the exercise of your GDPR rights | years from the expiration of the response deadline |
ARTICLE 7 – SECURITY
Cureety and its subcontractors are committed to implementing all technical and organizational measures to ensure the security and confidentiality of your Data, considering the state of knowledge, costs, nature, scope, context, and purposes of the processing to guarantee a level of security appropriate to the risks, from the design stage.
In this regard, Cureety takes all precautions to preserve the security of your Data and, in particular, to prevent it from being distorted, damaged, or accessed by unauthorized third parties, such as:
- Designation of a Data Protection Officer (DPO),
- Regular awareness training for all employees,
- Employee confidentiality agreements,
- Technical measures including traceability, segmentation, encryption, authentication processes, regular backups, hardware and software security (firewalls, antivirus, etc.),
- Internal procedures ensuring incident management and the rights of individuals concerned.
ARTICLE 8 – TRANSFER OF DATA OUTSIDE THE EU
Cureety places particular importance on using GDPR-compliant solutions and subcontractors.
Regarding the processing of Data from Site Visitors, Cureety does not engage partners outside the EU.
If this were to change, Cureety would inform you, detailing the measures taken to oversee and control such transfers, ensuring the confidentiality and security of your Data are upheld.
ARTICLE 9 – DATA PROTECTION OFFICER
Our DPO at Cureety can be contacted:
-
- By email: dpo@cureety.com
- By postal mail: [Insert postal address here]
CUREETY SAS
DPO
33, rue de l’Amirauté
22100 DINAN – France
ARTICLE 10 – SOCIAL MEDIA
Visitors to the site have the option to click on dedicated icons for social networks such as X or LinkedIn displayed on the Site to be redirected to Cureety’s dedicated pages. The terms of use and privacy policies of these networks then apply.
LinkedIn https://fr.linkedin.com/legal/privacy-policy
ARTICLE 11 – COOKIES
Cookies are small files stored on your computer/terminal that typically allow for identification, remembering your visits, and providing audience measurement and statistics, especially regarding pages viewed.
Cureety’s website only uses one cookie necessary for its proper functioning. We do not use ANY OTHER COOKIES.
Additionally, Cureety is present on various social networks (LinkedIn and Twitter) managed by third parties. When you visit these third-party platforms through our Site (social media buttons present on our Site), cookies may be installed on your device, particularly for personalized advertising purposes.
For more information regarding these third-party cookies, we invite you to consult their applicable privacy and cookie policies:
– Twitter : https://help.twitter.com/fr/rules-and-policies/twitter-cookies#
– LinkedIn : https://fr.linkedin.com/legal/cookie-policy
You also have the option to share content from our Site on other third-party sites or social networks. This action may require the use of cookies by these third-party sites or social networks, some of which may require your consent.
ARTICLE 12 – WHAT ARE YOUR RIGHTS AND HOW CAN YOU EXERCISE THEM?
| Which Law? | Definition | You can exercise it when the legal basis for processing is: |
| Right of access
(Art. 15 of the GDPR) |
You have the right to know whether or not your data is processed by Cureety, and to access this data. | All |
| Right to rectification
(Art. 16 and 19 of the GDPR) |
You have the right to request that your data be completed or rectified promptly when you are unable to do so directly. | All |
| Right to erasure
(Art. 17 of the GDPR) |
You have the right to request the erasure of your data under certain conditions, especially if you believe the processing is unlawful or the data is no longer necessary for Cureety, with some exceptions (such as legal obligations). Erasure is an irreversible action. | Consent Contractual
performance Legitimate interest |
| Right to restriction of processing
(Art. 18 of the GDPR) |
You have the right to request the temporary suspension of your data (placing a restriction on their future processing) in four specific cases. | All |
| Right to data portability
(Art. 20 of the GDPR) |
You have the right to receive a portion of your data in a structured, machine-readable format, and to transmit this data to another entity. | Consent
Contractual performance Legitimate interest |
| Right to object (Art. 12 of the GDPR) | You have the right to object to the processing of your data at any time, for reasons related to your particular situation. You can exercise this right without any conditions, especially for processing conducted for direct marketing purposes. | Legitimate interest |
| Right not to be subject to a decision based solely on automated processing
(Art. 22 of the GDPR) |
Not applicable | |
| Right to withdraw your consent | You have the right to withdraw your consent at any time for processing activities where you have previously given consent. This withdrawal will be valid for future processing. | Consent |
In accordance with the Regulations and to the extent possible, Cureety will inform recipients of your Data about any deletion, rectification, or limitation of processing of your Data.
You also have the right to determine the fate of your Data after death and to choose whether we communicate (or not) your Data to a designated third party. In the absence of instructions from you, we commit to deleting your Data within a certain period after your death, unless their retention is necessary for evidential purposes or to fulfill our legal obligations.
Any request to exercise these rights can be addressed to our Data Protection Officer (DPO):
dpo@cureety.com
A proof of identity may be requested to secure your request.
If, however, after contacting Cureety, you are not satisfied, you can also lodge a complaint regarding data protection with the French Data Protection Authority (CNIL):
CNIL – Service des plaintes
3 Place de Fontenoy – TSA 80715 –
75334 PARIS CEDEX 07
Tél : 01 53 73 22 22
ARTICLE 13 – MODIFICATIONS
This policy may be modified or adjusted at any time due to legal or jurisprudential developments, decisions and recommendations from the CNIL (French data protection authority), or changes in practices.
In the event of significant changes or modifications to this Policy that may impact the processing of your personal data, we commit to informing you in advance before implementing these changes.