1. Identity of Dataxis
If there are any questions regarding this Privacy Policy you can contact Dataxis using details below:

Dataxis
10, rue Pergolese,
75116 – Paris,
France

2. What information do we collect?
You may visit our site anonymously although cookies are used to identify your session.

2.1. Contact form data

If you choose to use the enquiry form on our website, basic contact details are collected such as the email and name of the contact person

2.2. Account data

When you register for an account, we collect and store your e-mail address.

2.3. Membership data

In order to issue an invoice for paid services, we also need to collect additional contact details about you or your business, such as full name, email, contact address, business name and business activity. We do not collect or store your credit card information. All payments are collected using Stripe, therefore we also store Stripe transaction ID.

2.4. Dataxis item data

When you create or edit Dataxis item, we collect your direct input, which is website domain name for use of Dataxis service (the “Service”) and possible content and settings for cookie policy pop-up notification box (the “Pop-up”) display on website visitor (“End Users”).

2.5. End User data

End User data can be collected only if you have proper subscription on Dataxis website. If enabled, Service can automatically log the following data about End Users:

An anonymous and random key (the “Key”);
End User’s choice (accept or reject);
Anonymized End User’s IP address (last digits after “.” are set to 0);
Date and time of End User’s agreement/rejection;
Page where consent was given/revoked;
End User’s browser agent.
The Key together with Consent state are saved in End User’s browser as first-party cookie called “CookieScriptConsent” in JSON encrypted form. This information is later used by the Service to remember End User’s choice. The Key can also be used as a proof of End User’s consent.

2.6. Automatically generated data

The service automatically generates statistical data (if enabled in settings for Dataxis Item) which is number of clicks on each button of the Pop-up. This data is aggregated (clicks per day) and cannot be used to identify particular End User.

3. What do we use your information for?
Any of the information we collect may be used for one or more of the following purposes:

To answer your enquiry;
To contact you regarding our services;
To identify you as a contracting party;
To enable Dataxis to issue valid invoices and to process transactions;
To enable secure login for you in the Service;
To enable automated subscription handling;
To provide you with automatically generated information on the End User clicks on the Pop-up buttons.
4. Legal basis
4.1. EU General Data Protection Regulation (GDPR)
The processing of your data is either based on your consent or in case the processing is necessary for the performance of a contract to which you are a party, or in order to take steps at your request prior to entering into a contract, cf. GDPR art. 6(1)(a)-(b).

If you are a resident of the EEA, you have the following data protection rights:

If you wish to access, correct, update, or request deletion of your personal information, you can do so at any time by emailing privacy@dataxis.com.
In addition, you can object to the processing of your personal information, ask us to restrict the processing of your personal information, or request portability of your personal information. Again, you can exercise these rights by emailing privacy@dataxis.com.
Similarly, if we have collected and process your personal information with your consent, then you can withdraw your consent at any time.  Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect the processing of your personal information conducted in reliance on lawful processing grounds other than consent.
You have the right to complain to a data protection authority about our collection and use of your personal information. For more information, please contact your local data protection authority.
We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.

4.2. Children’s Online Privacy Protection Act Compliance
Dataxis is in compliance with the requirements of GDPR 2018. We will not intentionally collect any information from anyone under 13 years of age. Our website and services are directed at people who are at least 13 years old or older.

5. How do we protect your information?
Dataxis does not store any personal identifiable information about you online or using cloud storage unless those organizations comply with GDPR.

5.1. Confidentiality
All data is protected by password access. We do not request or keep financial information such as your bank account details. All personnel and subcontractors are required to sign a confidentiality agreement if full confidentiality is not part of the main agreement between the parties.

5.2. Transparency
Dataxis will keep you informed about changes to the processes to protect data privacy and security, including practices and policies. You may at any time request information on where and how data is stored, secured and used.

5.3. Monitoring
Dataxis uses different internal and external monitoring tools to ensure high system performance and availability.

5.4. Personal Data breach notification
In the event that your data is compromised, Dataxis will notify you and the ICO within 72 hours by email with information about the extent of the breach, affected data, any impact on the Service and our action plan for measures to secure the data and limit any possible detrimental effect on the data subjects.

“Personal Data Breach” means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed in connection with the provision of the service.

6. How we use cookies
Dataxis may place a “cookie” in the browser files of your computer. This cookie does not collect information that personally identifies you as an individual (other than your Internet protocol address), but merely allows us to recognize your repeated visits to cookie-script.com. We use our cookie collected information to make your visit more enjoyable. Cookies are also used to remember your session and keep you logged into your account. If you want to disable cookies, there is a simple procedure in most Internet browsers that allows you to turn off or delete cookies, but please remember that cookies may be required to allow you to use certain features of Dataxis.

6.1. Measuring Website Usage
Google Analytics is in use to collect information about how visitors use this site. This provides us with important information that can enable the site to work better. We do not link this information to your name or address.

7. Do we disclose any information to outside parties?
Dataxis does not sell, trade or otherwise transfer to outside parties any personally identifiable information.

This does not include trusted third parties or subcontractors who assist us in operating our website, conducting our business, or servicing you. Such trusted parties may have access to personally identifiable information on a need-to-know basis and will be contractually obliged to keep your information confidential.

We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect our or others’ rights, property, or safety.

7.1. Subcontractors/trusted third parties
The subcontractors of Dataxis are:

Stripe, Inc.
The company has implemented all necessary standards to comply with GDPR.

7.2. Legally required disclosure
Dataxis will not disclose the customer’s data to law enforcement except when instructed by you or where it is required by law. When governments make a lawful demand for customer data from Dataxis, we strive to limit the disclosure. Dataxis will only release specific data mandated by the relevant legal demand.

If compelled to disclose your data, Dataxis will promptly notify you and provide a copy of the demand unless legally prohibited from doing so.

8. Third party services
You may access other third-party services through the Services, for example by clicking on links to those third-party services from within the Services. We are not responsible for the privacy policies and/or practices of these third-party services, and we encourage you to carefully review their privacy policies.

9. Where do we store the information?
No stored data will be transferred, backed up and/or recovered by Dataxis outside of the European Union. Dataxis also requires its subcontractors and subprocessors to either store data in the European Union, or to adhere to the EU-US Privacy Shield.

9.1. Personal data location
All data and databases are stored on Dataxis’s vendor, OVH, in Paris. Databases and files are continuously backed up to enable restore to any point in time within a retention period of 30 days. Backups are stored on file storage at the same geographical location as the database.

10. Data access
If you are a registered user, you may access information associated with your Account by logging into our Services.

You may at any time obtain confirmation from Dataxis as to whether or not personal data concerning you is being processed.

In your Account Page you can at any time export a data copy, which you may transmit to another controller of the data.

11. Request for rectification, restriction or erasure of the personal data
11.1. Rectification
You may at any time obtain rectification of inaccurate personal data about you.

11.2. Restriction of processing personal data
You may at any time request Dataxis to restrict the processing of personal data when one of the following applies:

if you contest the accuracy of the personal data, for a period enabling Dataxis to verify the accuracy of the personal data;
if the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead; or
if Dataxis no longer needs the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defense of legal claims.
11.3. Erasure
You may without undue delay request the erasure of personal data concerning you, and Dataxis shall erase the personal data without undue delay when one of the following applies:

if the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
if you withdraw your consent on which the processing is based, and where there is no other legal ground for the processing;
if the personal data have been unlawfully processed; or
if the personal data have to be erased for compliance with a legal obligation in EU or national law.
You can also remove your account data yourself on Account Page. If you have any Membership data associated with your account, it will not be removed automatically when deleting Account data by you.

12. Data retention
12.1. Data retention policy
Membership data will due to tax regulations be retained for up to five seven fiscal years from your cancellation of your Service account.

End User Data and Account data will be erased immediately when you cancel the Service account.

12.2. Data retention for compliance with legal requirements
You cannot require Dataxis to change any of the default retention periods, except for the reasons linked to compliance with specific laws and regulations.

13. Your consent
By using our site and/or our Service, you consent to this Privacy Policy.

14. Changes to our Privacy Policy
This Privacy Policy may be modified from time to time, so please review it frequently. If we materially change the ways in which we use or share personal information previously collected from you through our Service, we will notify you through our Service.

Changes to Privacy Policy will appear on this page, and the Privacy Policy modification will be updated.