Privacy Policy
At LYRIKS.IO, protecting your personal data is our priority.
The purpose of this policy is to inform you how we process your personal data when you use the https://lyriks.io/ website (the "Site") and/or the Lyriks.io platform (the "Platform"), in accordance with Regulation (EU) 2016/679 (GDPR) and the French Data Protection Act (Loi Informatique et Libertés) No. 78-17.
This Privacy Policy does not describe methods for collecting and processing data via cookies and other trackers. For more information, please consult our Cookie Policy.
Who is the data controller?
The data controller is LYRIKS.IO, a French simplified joint-stock company (SAS) registered with the Paris Trade and Companies Register (RCS) under No. 990 514 580, with its registered office located at 200 rue de la Croix Nivert, 75015 Paris ("We"), when you browse the Site or use your account on the Platform (the "Account").
However, when we provide our services to our customers, we process personal data on their behalf and for their own purposes. Our customers then act as data controllers within the meaning of Article 4 of the GDPR, while we act as a processor.
What personal data do we collect?
Personal data are data that identify a person, directly or indirectly, in particular by reference to an identifier such as a name.
We may collect the following categories of data:
- Identification data (first and last name, email and postal addresses, phone number).
- Data relating to your professional life (professional email address).
- Connection data (logs, IP address, licence type and role on the Platform, and where applicable identifiers and passwords for third-party apps provided by the user).
- Data related to recordings of calls with our customers and prospects (content and dates of calls).
- Browsing data (IP, pages viewed, date and time of connection, browser, OS, user ID, MAID, behaviour tracking (mouse tracking), followed links and entry pages, session duration).
- Images or links to documents uploaded to the Platform that may contain personal information.
- Any information provided as part of a demo request or contact request.
Mandatory fields are indicated at the time of collection by any appropriate means.
How do we collect your personal data?
We collect your data:
- Directly: when you provide them to us (contact/demo form, newsletter form, account creation).
- Indirectly: via business partners, service providers or database enrichment tools.
Details of the processing of your personal data
Provide our services (demo/contact forms) and access to the Platform via your Account
Legal basis: performance of a contract.
Retention: for the duration of the Account; connection logs 1 year; evidentiary archiving 5 years.
Operations related to contracts, invoicing and customer relationship management
Legal basis: performance of a contract.
Retention: for the duration of the business relationship.
Usage analysis, understanding expectations and improving features
Legal basis: legitimate interest.
Retention: call recordings 6 months; analysis documents 1 year; data via cookies 1 year. Anonymized data retained as long as necessary.
Creation of a customer and prospect database
Legal basis: legitimate interest.
Retention: for the duration of the business relationship; transaction data archived 5 years for evidentiary purposes.
Newsletters, outreach, prospecting, organization of events and webinars
Legal basis: legitimate interest.
Retention: 3 years from the last contact.
Telephone prospecting
Legal basis: legitimate interest.
Retention: 3 years from the last contact.
Responding to information requests and other inquiries
Legal basis: pre-contractual measures.
Retention: if a customer, for the duration of the contract; otherwise 3 years from the last contact.
Compliance with our legal and regulatory obligations
Legal basis: legal and regulatory obligations.
Retention: invoices 10 years; contractual and signature data 10 years after performance.
Organization of prize draws and promotional operations
Legal basis: legitimate interest.
Retention: for the duration of the operation; archiving 5 years for evidentiary purposes.
Processing requests to exercise rights
Legal basis: legal and regulatory obligations.
Retention: ID document only for the time needed to verify; request management 3 years.
Who are the recipients of your personal data?
The following categories of recipients will have access to your personal data:
- Our company's staff;
- Our processors: hosting provider (systems and database), ERP and CRM, emailing provider, audience measurement tool, cookie management tool, videoconferencing tool;
- Our partners acting as independent data controllers (please consult their terms of use and privacy policies);
- Any legally authorized authority (judicial, police, administrative) upon request.
Is your data transferred outside the European Union?
Your data are hosted by OVH (systems) and Firebase (database), located within the European Union.
As part of the tools we use, transfers outside the EU may take place. They are secured by:
- An adequacy decision (Art. 45 GDPR);
- Appropriate safeguards (Art. 46 GDPR) such as Standard Contractual Clauses, Binding Corporate Rules or a certification mechanism;
- Any other appropriate safeguard provided for in Chapter V of the GDPR.
What are your rights?
You have the following rights regarding your personal data:
- Right to information (Articles 13 and 14 GDPR);
- Right of access (Article 15 GDPR);
- Right to rectification (Article 16 GDPR);
- Right to restriction (Article 18 GDPR);
- Right to erasure, right to be forgotten (Article 17 GDPR);
- Right to lodge a complaint with a supervisory authority (Article 77 GDPR);
- Right to define post-mortem directives;
- Right to withdraw your consent at any time for processing based on consent (Article 7 GDPR);
- Right to data portability (Article 20 GDPR);
- Right to object (Article 21 GDPR).
To exercise these rights, please contact us at contact@lyriks.io. We may ask you for additional information in case of reasonable doubt, or proof of identity if the doubt persists.
If you have any unresolved questions, you may file a complaint with the CNIL, 3 Place de Fontenoy, TSA 80715, 75334 PARIS CEDEX 07.
Which cookies do we use?
For more information on cookie management, please consult our Cookie Policy.
Changes
We may amend this policy at any time to reflect regulatory, case-law, editorial or technical developments. These changes will apply on the effective date of the amended version. Please check the latest version regularly. You will be informed of any significant changes.