Data protection policy
For all requests regarding the exercise of your rights, you can contact us through this form.
For any questions regarding the protection of your data, you can contact us at dpo@witik.io
Who accesses your personal data?
All information is collected and recorded by Witik, acting as the data controller, located at 21 rue de la Banque, 75002 Paris. The data is accessible by Witik’s strictly authorized personnel who have been trained in data protection.
Our Hosting Providers
To allow you to access our website witik.io, Witik uses NETLIFY, which is responsible for hosting, maintenance, and ensuring the proper functioning of the site witik.io.
To access forms and other public channels generated by our compliance platform (GDPR, SAPIN 2), Witik, a subcontractor of its subscribed clients, uses OVH SAS. OVH SAS is also responsible for hosting, maintenance, and ensuring the proper functioning of our compliance platform and forms.
Our Office Automation Provider
For the daily management of its activities, Witik uses MICROSOFT 365 on the workstations of its employees. This company handles some or all of the data you transmit during your interactions with Witik. This company performs data transfers outside the European Union governed by standard contractual clauses. A copy of these clauses is available here.
Our Webinar Solution Provider
To allow you to register and participate in our webinars, Witik uses the service provider LIVESTORM. This company also handles some or all of the data you transmit when registering on this platform and watching webinars live or replayed.
Our Survey Solution Provider
To allow you to respond to our questionnaires and surveys, Witik uses the service provider HUBSPOT. This company also handles some or all of the data you transmit, and performs data transfers outside the European Union governed by standard contractual clauses. A copy of these clauses is available here.
Our B2B Prospecting Solution Providers
As part of its commercial prospecting management, Witik uses several service providers. These companies also handle some or all of the data you transmit:
DROPCONTACT, professional contact database, whose privacy policy is available here.
HUBSPOT, CRM and appointment scheduling tool, which performs data transfers outside the European Union governed by standard contractual clauses and binding corporate rules. A copy of these clauses is available here.
LINKEDIN, which performs data transfers outside the European Union governed by standard contractual clauses and binding corporate rules. A copy of these clauses is available here.
LUSHA, which performs data transfers outside the European Union governed by standard contractual clauses. A copy of these clauses is available here.
PRAIZ, is a tool for recording video conferences and note-taking, utilizing OPEN AI’s artificial intelligence technologies. These data transfers are governed by standard contractual clauses, available here.
SURFE, is a tool for enriching a CRM with professional contact databases. Its privacy policy is available here. Data transfers outside the European Union are governed by standard contractual clauses and/or binding corporate rules (BCR).
Our Mass Mailing Provider
To send email notifications to users of our compliance platform and to contact you as part of our B2B communication campaigns, Witik uses the service provider BREVO (formerly SENDINBLUE). This company also handles some or all of the data you transmit when using forms and other public channels generated by our compliance platform.
Administrative and Judicial Authorities and Any Authorized Regulated Profession
Witik may transmit data to competent authorities to respond to claims against Witik and comply with administrative and judicial procedures. Any regulated profession authorized to receive data to meet legal and regulatory obligations may also have access to the data, such as auditors, experts, or any auditor from a competent authority.
What Data Does Witik Process?
Witik may contact you to offer commercial proposals. According to the regulations, your prior consent to receive such solicitations is not required if they are part of a B2B commercial approach and within the scope of your professional activity.
The data processed by Witik comes from various sources.
Via Public and Private Sources
Witik uses public and private databases provided by specialized service providers: DROPCONTACT, LINKEDIN, LUSHA, SURFE. Access to these databases is contractually regulated with the relevant providers. The data collected relates to your identity (name, first name) and professional life (professional contact details, company name...).
Via Website Forms
When you contact us through the contact and download forms on our site (witik.io). The data collected relates to your identity (name, first name) and professional life (professional contact details, company name...).
Via Messages, Email, Phone, and Video Conference Exchanges
When we exchange information at the initiative of our team or yours (via a @witik.io address, a professional phone number, a LinkedIn account, or a video conference). The data collected includes your identity (name, first name), professional details (professional contact information, company name), and connection data (email opening, message timestamp, call or video conference duration).
Via Our Game Platform
When you participate in our public contests from our game platform (play.witik.io). The data collected relates to your identity (name, first name), professional life (professional contact details, company name...), and connection data (participation timestamp).
Via Webinar Participation
When you participate in our webinars or those of our partners who inform you beforehand of this data transmission. The data collected relates to your identity (name, first name), professional life (professional contact details, company name...), and connection data (participation timestamp).
Via Survey Participation
When you participate in our surveys, the data collected relates to your identity (name, first name) and professional life (professional contact details, company name...).
Via the Use of Forms and Public Channels of Our Compliance Platform
When you submit or consult a GDPR & SAPIN 2 regulatory request (exercise of right request, gift or invitation declaration, internal alert declaration, security incident declaration...) from our compliance platform (app.witik.io). No commercial prospecting operation is carried out, and the data collected by Witik, a subcontractor of its subscribed clients, are those defined by the latter.
Why Does Witik Process Your Personal Data?
To Handle Your Information Requests
Witik processes your data to respond to your information and documentation requests. The legal basis for this processing is Witik's legitimate interest in contacting site visitors. Providing this data is mandatory to respond to your request. Consequently, failure to provide this data will prevent processing your request.
To Offer You Commercial Proposals
Witik processes your data to offer commercial proposals via email, message, phone, or video conference. According to regulations, your prior consent is not required for B2B approaches within your professional activity. However, you can object to this prospecting by exercising your right to object as detailed in the last section of this document. The legal basis for this prospecting is Witik's legitimate interest in developing its commercial relationships.
To ensure this commercial prospecting, particularly for recording video conferences and note-taking, Witik uses the PRAIZ solution, whose Data Protection Annex is available here. PRAIZ performs audio transcriptions and summaries using OPEN AI’s artificial intelligence technologies, with standard contractual clauses available here. You are free to object to this prospecting by exercising your right to object as detailed in the last section of this document (e.g., by objecting after being informed at the beginning of our exchange).
To Manage Our Customers and Partnerships
Witik processes your data to manage its customers, partnerships, contracts, and associated billing. The legal basis for this processing is the execution of the contract or pre-contractual measures between you and Witik. Providing this data is mandatory to offer and execute a commercial service. Consequently, failure to provide this data will prevent the proper execution of the commercial service.
To Allow You to Attend Webinars
Witik processes your data to allow you to attend our webinars. The legal basis for this processing is Witik's legitimate interest in communicating about its offers and improving its visibility. Providing this data is mandatory to allow you to attend the webinars. Consequently, failure to provide this data will prevent your participation.
To Allow You to Download Our White Papers
Witik processes your data to allow you to download our white papers. The legal basis for this processing is Witik's legitimate interest in disseminating content and improving its brand image. Providing this data is mandatory to allow you to download the white papers. Consequently, failure to provide this data will prevent the download.
To Allow You to Participate in Our Contests
Witik processes your data to invite you to participate in our contests, consider your participation in the contest, attend our online event, determine the winning participants, and deliver the prizes. The legal basis for this processing is the execution of a contract, namely the Contest Rules, available on the day of the event on the Game Platform. Providing this data is mandatory to allow you to participate in the contest. Consequently, failure to provide this data will prevent your participation.
To Allow You to Respond to Our Surveys and Questionnaires
Witik processes your data to allow you to respond to our questionnaires. The legal basis for this processing is your consent, which you can withdraw at any time. Providing this data is mandatory to allow you to participate in our survey. Consequently, failure to provide this data will prevent your participation.
To Allow You to Submit and Consult Your Requests from Our Compliance Platform
Witik processes your connection data to allow you to submit or consult a GDPR & SAPIN 2 regulatory request (exercise of right request, gift or invitation declaration, internal alert declaration, security incident declaration...) from our compliance platform (app.witik.io). The legal basis for this processing is Witik's legitimate interest in allowing the concerned persons of its clients to exercise their rights, in accordance with current regulations, and to provide the subscribed service to its clients. Providing this data is mandatory to allow you to consult and submit requests. Consequently, failure to provide this data will prevent the consultation or submission of requests.
How Long Does Witik Retain Personal Data?
The data you transmit to Witik is retained for a defined and respected period.
Data collected to process your information requests: 3 years from the receipt of the request.
Data collected to offer you commercial proposals: 3 years from the last contact### Witik Data Protection Policy
For all requests regarding the exercise of your rights, you can contact us through this form.
For any questions regarding data protection, contact us at dpo@witik.io.
Who accesses your personal data?
All information is collected and recorded by Witik, acting as the data controller, located at 21 rue de la Banque, 75002 Paris. Data is accessible by Witik’s strictly authorized personnel trained in data protection.
Our Hosting Providers
To enable access to our website witik.io, Witik uses NETLIFY for hosting, maintenance, and proper site functioning. For access to forms and public channels generated by our compliance platform (GDPR, SAPIN 2), Witik uses OVH SAS for hosting and maintenance.
Our Office Automation Provider
For daily management, Witik uses MICROSOFT 365 on employees' workstations, handling some or all data transmitted during interactions. Data transfers outside the EU are governed by standard contractual clauses, available here.
Our Webinar Solution Provider
To allow registration and participation in webinars, Witik uses LIVESTORM, which handles some or all data transmitted during registration and webinar viewing.
Our Survey Solution Provider
To respond to questionnaires and surveys, Witik uses HUBSPOT, which handles data transmission and performs data transfers outside the EU governed by standard contractual clauses, available here.
Our B2B Prospecting Solution Providers
For commercial prospecting, Witik uses several providers:
CALENDLY, DROPCONTACT, HUBSPOT, LINKEDIN, LUSHA, SURFE. Each handles data transmission and performs data transfers outside the EU governed by standard contractual clauses.
Our Mass Mailing Provider
To send email notifications and contact users as part of B2B communication campaigns, Witik uses BREVO (formerly SENDINBLUE), handling data transmitted through forms and other public channels generated by our compliance platform.
Administrative and Judicial Authorities and Any Authorized Regulated Profession
Witik may transmit data to competent authorities to respond to claims against Witik and comply with administrative and judicial procedures. Regulated professions authorized to receive data to meet legal and regulatory obligations may also access the data.
What Data Does Witik Process?
Witik may contact you to offer commercial proposals without prior consent for B2B approaches. Data processed comes from various sources: public and private databases, website forms, messages, emails, phone exchanges, game platform participation, webinar participation, survey participation, and compliance platform usage.
Why Does Witik Process Your Personal Data?
To Handle Your Information Requests
Witik processes your data to respond to information requests. The legal basis is Witik's legitimate interest in contacting site visitors. Providing this data is mandatory to respond to the request.
To Offer You Commercial Proposals
Witik processes your data to offer commercial proposals by email, message, and phone. Your prior consent is not required for B2B approaches, but you can object to this prospecting.
To Manage Our Customers and Partnerships
Witik processes your data to manage customers, partnerships, contracts, and associated billing. The legal basis is the execution of the contract or pre-contractual measures.
To Allow You to Attend Webinars
Witik processes your data to allow webinar attendance. The legal basis is Witik's legitimate interest in communicating about its offers and improving visibility.
To Allow You to Download Our White Papers
Witik processes your data to allow white paper downloads. The legal basis is Witik's legitimate interest in disseminating content and improving its brand image.
To Allow You to Participate in Our Contests
Witik processes your data for contest participation, including event attendance and prize delivery. The legal basis is the execution of the contest rules.
To Allow You to Respond to Our Surveys and Questionnaires
Witik processes your data to allow survey participation. The legal basis is your consent, which you can withdraw at any time.
To Allow You to Submit and Consult Requests from Our Compliance Platform
Witik processes your connection data to allow submission and consultation of GDPR & SAPIN 2 requests from our compliance platform. The legal basis is Witik's legitimate interest in allowing concerned persons to exercise their rights and providing the subscribed service.
How Long Does Witik Retain Personal Data?
The data you transmit to Witik is retained for a defined period:
Information requests: 3 years from receipt.
Commercial proposals: 3 years from the last contact.
Customer and partnership management: 5 years from the end of the commercial relationship, 10 years for billing data.
Webinar participation: 3 years from the last participation.
White paper downloads: 3 years from the last download.
Contest participation: 3 years from the last participation.
Survey responses: 3 years from completion.
Compliance platform requests: as defined by clients.
Your Rights
or all requests related to exercising your rights, you can contact us through this form. For more information about your rights, visit the French Data Protection Authority (CNIL) website.
Right of Access, Rectification, Erasure
You can view, modify, or delete your personal data at any time, exercising your right of access, rectification, or erasure using the method outlined at the beginning of this section. Note that some data may be subject to legal retention requirements.
Right to Object
You can object to receiving emails from Witik at any time by clicking the unsubscribe link at the bottom of the messages, indicating your preference during phone or video calls, or using the method outlined at the beginning of this section.
Right to Data Portability
You can request a copy of your personal data in an open, interoperable format at any time using the method outlined at the beginning of this section.
Right to Restriction
You can exercise your right to restriction alongside another right by specifying it in your request using the method outlined at the beginning of this section. Witik will stop processing your data and retain it during the verification/examination period of the other right (access, erasure, portability).
Right to Withdraw Consent
You can withdraw your consent at any time if the processing is based on your consent, without affecting the legality of processing based on consent before its withdrawal.
Right to Decide on Data After Death
You can define directives regarding the fate of your data after your death using the method outlined at the beginning of this section.
Right to File a Complaint
If you believe Witik is unlawfully processing your personal data, constituting a violation of your rights, you can file a complaint with the French Data Protection Authority (CNIL) via their website
