Privacy policy

1. Preamble

The protection and confidentiality of your data is a major concern for us, and we do everything we can on a daily basis to scrupulously respect the rules governing the protection of personal data.

We therefore invite you to read this Privacy Policy carefully. Its purpose is to tell you how we process your data when you use the Mapstr application and how you can exercise your rights.

‍

2. Why do we process your data?

We process your personal data to enable you to use the Mapstr application and all its functions.

In general, we process your data for :

allow you to create a user account on Masptr ;
allow you to register the places you're interested in;
allow you to create tags on the digital Map provided by Masptr;
allow you to add your friends or share addresses with them ;
find out where you are in a city;
answer your questions ;
You will receive offers and news about the Masptr application;
improve our service ;
statistics.

‍

3. On what basis do we process your data?

The processing carried out is essentially based on the contractual relationship existing between you and us following your acceptance of the general terms and conditions of the Mapstr application when you first create an account. In some cases, it may also be based on our legitimate interests.

‍

4. Who is in charge of treatment?

Mapstr SAS, owner of the Mapstr application, is responsible for processing your data, i.e. the person who determines the purposes and means of the processing carried out to enable you to use all the functions of the Mapstr application.

‍

5. What categories of data do we process?

We collect the strict minimum of necessary data about you to enable you to use all the features of the Mapstr application. This essentially consists of your first and last name, possibly your Facebook profile name, your profile photo and the names of your friends, as well as the city and country in which you live.

6. Who is your data intended for?

We do not resell your personal data. The business model of the Mapstr application is in no way based on the sale of your personal data to third parties. As such, the only people authorized to use your data are Mapstr SAS employees in connection with your use of the Masptr application. Please note that all our employees are bound by a specific confidentiality agreement concerning your data.

We work with certain suppliers with whom we may transmit anonymized data concerning you, for analysis purposes and for specific functionalities of the application. These data recipients include :

Analysis solutions: Amplitude (https://amplitude.com/amplitude-security-and-privacy/privacy), Google Firebase (https://firebase.google.com/terms)
Sponsorship solutions: Branch (https://branch.io/gdpr/)
Notification solutions : Batch (https://batch.com/privacy-policy)
Data hosting: Google Frankfurt, Germany (https://cloud.google.com/security/privacy/) and Amazon AWS Ireland (https://aws.amazon.com/fr/compliance/data-privacy/)

As an example of such data that we may collect for analysis purposes, we may collect and send to the data recipients mentioned above:

Device location and IP
Connection method
Internal user ID

Mapstr anonymizes and aggregates information on locations and tags, in order to produce usage statistics for third parties.

‍

7. How long do we keep your data?

Your data is processed for a limited period, which we determine in the light of the legal and contractual constraints imposed on us and, failing that, according to our needs. The following principles are applied:

user data: stored for the duration of the contractual relationship with us, plus 5 years as required by law;
data relating to contacts and prospects: kept for 3 years from the last contact from the contact or prospect.

‍

8. Your rights

You have the following rights with regard to your personal data:

the right to ask us to confirm that your personal data is being processed, to access this data and to request a copy;
the right to have any inaccurate or outdated information about you corrected;
a right to obtain the deletion of your data if you have objected to their processing for commercial prospecting purposes or if you request the deletion of your account via the application;
object to any profiling by us;
a right to obtain portability of your data.

Please note that only the user concerned by the processing may exercise the rights set out above.

Consequently, your request must be accompanied by a copy of an up-to-date identity document. Failure to do so will result in your application being rejected.

‍

9. How do we protect your data?

We implement the technical and organizational measures we deem appropriate to prevent the unauthorized destruction, loss, alteration or disclosure of data concerning you.

In the event of a data breach, we undertake to notify the Cnil under the conditions prescribed by the RGPD.

If the said violation poses a high risk to our users, we undertake to notify those concerned and provide them with the necessary information and recommendations.

‍

10. How to contact us

If you wish to obtain specific information about your data, you can contact our Data Protection Officer at the following address:

Data Protection Officer

Name: Eric Barbry

Place e-mail: dpo-mapstr @racine .eu

Tel: 01.44.82.43.00

Our delegate will provide you with an answer within a reasonable timeframe in relation to the question asked or the information required.

‍

11. Is your data transferred outside the European Union?

We inform you that none of your data is transferred outside the European Union and that all our servers are located within the EU.

‍

12. How do I make a complaint to cnil?

As authorized by law, you may lodge a complaint with Cnil atPlace : Service des plaintes de la Cnil, 3 place de Fontenoy - TSA 80751, 75334 Paris Cedex 07 or by phone 01.53.73.22.22

‍

13. Review

In the event of regulatory changes or recommendations by the Cnil, we reserve the right to modify the present policy. You will be notified of any new policy before it comes into force.

‍