1. Ownership and editorial control
The Website is published by CAPTAIN DATA, a joint stock company with a registered capital of 3.600 €, registered at the Nantes Trade Register under number 838 098 598, whose offices are 1 rue de la Noë 44321 NANTES, France, represented by Mr. Marc Francis, as President, duly authorized for such purposes.
The website is hosted on Webflow.
In order to provide the Website and the Service, CAPTAIN DATA may collect and process Personal Data of the Client.
The Client is informed that Personal Data provided and collected will be automatically processed.
- “Account”: the account of the Client on the Service, accessible via its login and password, which includes its personal information and use of the Service.
- “Client”: CAPTAIN DATA’s client.
- “Data”: texts/image/videos/localization (non-exclusive list) extracted and compiled in a Database by Scraping.
- “Database”: databases created by the Client while using the Service.
- “Order”: any order of an access to the Service by the Client, from CAPTAIN DATA.
- “Personal Data”: personal data as defined by laws and regulations, collected by CAPTAIN DATA when the Client uses the Website and the Service, or during any Order.
- “Scraping”: process of information (Data) extraction on any website. Any script developed by CAPTAIN DATA or the Client may be reused by CAPTAIN DATA for its needs and business.
- “Service”: the SaaS service provided by CAPTAIN DATA on the Website.
- “Website”: the website captaindata.co and its components (code, visual elements, databases, documents, etc) edited by CAPTAIN DATA, as well as any other means to load the website (such as a mobile application).
This acceptance will be expressed by ticking the corresponding box, while registering on the Service or during an Order.
It applies to all Clients, regardless of their country of origin and of use.
4. Personal Data collection
CAPTAIN DATA may collect Personal Data in different manners while the Client uses the Service or during Orders:
- When the Client fills a form on the Website (Account creation and edition).
- When the Client Orders an access to the Service.
- When the Client uses the Website and the Service.
- When the Client uses the Scraping tool within the Service.
- When the Client contacts CAPTAIN DATA due to an issue with the Website or the Service.
- When the Client contacts CAPTAIN DATA.
5. Which Personal Data are collected and processed?
CAPTAIN DATA may collect and process the following Personal Data, if they have been provided:
- Client contact information (name and first name, mail, phone number, postal address);
- Connection information (IP, browser type, time and location of connection, terminal ID);
- Data, and Databases, created while using the Scraping tool (upon Client’s request and instructions);
- Details of the use of the Website and Service, which includes cookies such as: quantity of data received, pages viewed, actions in the Website or Service, etc.
Such Personal Data is necessary for CAPTAIN DATA to comply with its contractual obligations.
6. Payment information
In case of payment, the Client may be invited to provide their payment information.
Any transaction is processed by a payment processor which complies with its legal obligations.
CAPTAIN DATA will not have any payment information as they remain with the payment processor.
The payment processor is Stripe Payments Europe, Ltd.
Its terms of service are accessible at the following address: Stripe Terms of Service (https://stripe.com/fr/ssa).
CAPTAIN DATA may use the following cookies on the Website and in the Service:
- Session cookies. These cookies allow to connect to the Account on the Service. They are necessary for the Service and Website to function.
- Google Analytics (https://marketingplatform.google.com/about/). These cookies allow CAPTAIN DATA to collect traffic statistics. Their installation may be refused as they are not necessary for the Service and Website to function.
- Hubspot (Cookies set in the HubSpot product). These cookies allow CAPTAIN DATA to collect information on visitors to qualify a prospect.
Cookie installation may be refused as follows:
Only technical cookies may not be refused as they are necessary for the Website and Service to function.
Cookies are installed for a maximum duration of thirteen (13) months.
8. What use?
Personal Data is collected for CAPTAIN DATA to be able to comply with its contractual obligations towards the Client, such as:
- Provide a functioning Website and Service
- Provide the Scraping tool inside the Service
- Create, upon Client’s instructions, Databases via the Scraping tool
- Allow the Client to download the Databases created via the Scraping tool
- Process orders and payments
- Provide a personalized experience
- Manage the Website and the Service
- Update the Website and Service
- Provide support to the use of the Website and Service
- Solve disputes regarding the Website and Service
- Notify any change regarding the Website and Service
Personal Data is not used in any other manner.
9. Data hosting
Personal Data is hosted in the EU, by a provider who comply with computer security industry standards.
By exception, HUBSPOT (which manages the CAPTAIN DATA client/prospect file with the following information: name, first name, email, phone number, company, company address, company legal information, transaction information, website visits and pages consulted, email history) hosts Personal Data in the USA. HUBSPOT is contractually obliged (https://legal.hubspot.com/dpa) to comply with the Privacy Shield terms, which governs transfer of Personal Data from the EU to the USA.
Additionally, CAPTAIN DATA uses Auth0 to signin users and signup new users. More information can be found on the website Auth0 Data Processing and Auth0 GDPR.
No other data will be transferred out of the EU.
10. Personal Data transfer
Personal Data will never be transferred to a third party without your prior agreement.
CAPTAIN DATA may however transfer the Personal Data as follows:
- If CAPTAIN DATA is legally obliged to transfer Personal Data.
CAPTAIN DATA’s subcontractors, which may intervene on the Personal Data are the following:
- Clever-Cloud for (General) Account data and Databases data. Clever Cloud SAS is a simplified joint-stock company with a capital of 17,625 € Registered at French Trade Register (RCS) in Nantes under the number RCS Nantes B 524 172 699. Its headquarters is located at 3 rue de l’Allier, 44000 Nantes, France. VAT Number: FR 87 524 172 699.
- Auth0 Inc. for (Users) Account data. Its headquarters is located at 10777 Main Street, Suite 204, Bellevue, WA 98004, United States
- Hubspot for prospect and Client data. All legal data can be found on their website.
- Stripe Payments Europe, Ltd. for payments.
11. Personal Data security
CAPTAIN DATA ensures that Personal Data is hosted in conditions which comply with industry standards.
Website and Service are encrypted with an SSL certificate.
CAPTAIN DATA ensures that all its employees and subcontractors which may process Personal Data have an appropriate confidentiality obligation.
In case of Personal Data breach, CAPTAIN DATA will inform the Client as soon as it is practical.
If the breach concerns persons included in the Databases, the Client will be solely responsible to inform the data subject, as data controller.
CAPTAIN DATA will host Personal Data for the duration of validity of the Account. Databases may be deleted by CAPTAIN DATA at any moment, varying on the size of the Database.
If an Account is not active for two (2) years (date of last login) or in case of deletion of the Account by the Client, Personal Data will be automatically deleted.
In this case, CAPTAIN DATA will delete all Personal Data, unless they are necessary for CAPTAIN DATA’s accounting or legal obligations.
12. Data subject rights
In compliance with applicable regulations, any data subject has the following right on any Personal Data which may have been provided to CAPTAIN DATA:
- Access right.
- Correction and modification right.
- Right to limit the processing of data.
- Right to oppose the processing of data
- Portability right.
Such rights may be exerted by contacting CAPTAIN DATA at the following address: firstname.lastname@example.org.
In compliance with its legal obligations, CAPTAIN DATA will do so at latest one (1) month from receipt of the request.
13. Databases created by the Client
By using the Service, the Client may also create its own Databases by collecting data on various websites via the Scraping tool.
The Client is solely responsible of any collected Data. CAPTAIN DATA only provides a technical tool which is to be configured by the Client for its own use.
The Client acts as the data controller while using the Scraping functions of the Service, as only them can decide on the Scraping target and the collected Data.
CAPTAIN DATA will be the Client’s data processor.
The Client must ensure that they have the authorization from the data subject to collect and process such data with the Scraping tool provided in the Service, and to create its own Databases. The Client must provide the information to the data subject when Personal Data is collected.
The Client will compensate CAPTAIN DATA for any sum which CAPTAIN DATA may be ordered to pay, for any reason, due to the unauthorized collection and processing of the Personal Data of a data subject. The Client will notably pay for any defense and amicable/judicial procedure fees (counsel and obligatory fees) as well as any damages that CAPTAIN DATA may be ordered to pay to the data subject. CAPTAIN DATA will be free to conduct its own defense and to choose its counsels.
The Client will comply with regulations regarding Personal Data Protect.
As the Client’s data processor, CAPTAIN DATA agrees to:
- Use the Personal Data only to provide the Service.
- Process the Personal Data following the documented instructions of the Client, as listed in the ToS. If CAPTAIN DATA considers that an instruction is in breach of the GDPR, or any other EU or national personal data regulation, CAPTAIN DATA will be free to suspend the Service and to delete the Account of the Client, without notice, in compliance with the ToS, without the Client being able to ask for reimbursement and without CAPTAIN DATA being liable.
- Ensure that the processed Personal data remains Confidential.
- Ensure that the persons authorized to process the Personal Data within its teams:
- Commit to ensure confidentiality or are bound by a legal confidentiality provision.
- Are given the necessary training to handle personal data.
- Take into account, in its own tools, products, applications or Services, the Privacy by Design and Privacy by Default principles.
- On a best effort basis, CAPTAIN DATA must assist the Client to reply to any request by the data subject: access right, rectification, erasure, opposition, restriction of processing, portability, right to refuse automated individual decision making (including profiling).
- The Client must also assist CAPTAIN DATA to reply to any request by the data subject: access right, rectification, erasure, opposition, restriction of processing, portability, right to refuse automated individual decision making (including profiling).
- CAPTAIN DATA notifies the Client, by email and as soon as practicable from the date of discovery, of any breach of Personal Data. Notification must include all necessary documentation to allow the Client, if necessary, to notify this violation to the data authority.
Notification must include:
- Description of the nature of Personal Data breach, including, if possible, the categories and quantity of impacted persons, as well as the categories and quantity of impacted Personal Data.
- Name and contact information of the data protection officer, or any other contact information where information can be provided.
- Description of the probable consequences of the Personal Data breach.
- Description of any countermeasure taken, or proposal of countermeasure to be executed in order to remedy the Personal Data breach, including, if necessary, the measures taken to limit negative consequences of the breach.
- CAPTAIN DATA must notify such breach to the person concerned, and to CNIL, if this breach is on its own servers. If not, the Client will be responsible to do so.
- CAPTAIN DATA will implement all necessary security measures to ensure Personal Data safety, depending on the type of processed data.
- At the latest at the end of the Service, CAPTAIN DATA will delete all Personal Data which have been collected by the Client.
- CAPTAIN DATA will maintain a register of all the Personal Data collection and processing ordered by the data controller, in compliance with this obligations under Data Protection laws.
- CAPTAIN DATA will keep any necessary documentation, in order to demonstrate compliance with its obligations and to allow audits (including inspections) by the Client, available to the Client. CAPTAIN DATA will also contribute to such audits.
14. Applicable law and dispute
Such dispute may also be submitted to the Nantes Tribunal de Commerce, including in case of interlocutory proceedings, recourse in warranty or multiple defendants, and regardless of the Client’s country of origin.