Politique de confidentialité

What is the purpose of our Privacy Policy?

Contrat Facile SAS, which operates the testamento.io website, places great importance on the protection and confidentiality of your personal data, which we see as a sign of trust and professionalism.
As such, our Privacy Policy demonstrates our commitment to upholding the applicable rules on personal data protection within Contrat Facile SAS, particularly those set forth by the General Data Protection Regulation (GDPR).
Specifically, our Privacy Policy aims to inform you about how and why we process your personal data in connection with the services we provide to you.

 

Who is our Privacy Policy intended for?

Our Privacy Policy is intended for you, regardless of your place of residence, as long as you are at least 15 years old, whether you are one of our clients or simply a visitor to the testamento.io website.
If you are below the legal age mentioned above, you are not authorized to use our services without the prior and explicit consent of one of your parents or a legal guardian, which must be sent to us via email at dpo@testamento.fr.
If you believe we hold personal data concerning your children without your consent, we invite you to contact us at the email address mentioned above.

 

Is our Privacy Policy applicable to job applicants?

If you are applying for a position at Contrat Facile SAS, you should consult our “candidate” policy, which is available at any time on our dedicated page on testamento.io. This policy details the processing of personal data in the context of our recruitment process.

 

Why do we process your personal data, and on what grounds?

We primarily process your personal data for the following reasons:

  • To allow you to browse our website, use our services, and enable us to respond to your requests (e.g., information requests, complaints, etc.) based on our general terms of use and our legitimate interest in providing you with the best possible service.
  • For professionals, to keep you informed about our latest offers and events via email based on our legitimate interest in identifying new potential clients, in line with CNIL regulations, accessible here.
  • To allow you to follow us and comment on our publications on social media, based on our legitimate interest in having a dedicated page on these platforms.
  • To send you our newsletter, which informs you about updates related to our services, based on your consent.
  • To display videos on our website, based on our legitimate interest in providing you with video content.
  • To arrange appointments with our teams, based on our legitimate interest in offering an easy way for you to schedule meetings with us.

 

How did we obtain your personal data?

Your data is collected directly from you when you are a client of our services or a visitor to our testamento.io website. We commit to only processing your data for the reasons outlined above.
However, if you voluntarily post content on the pages we manage on social media, you acknowledge that you are fully responsible for any personal information you may share, regardless of the nature or origin of the information provided.

 

What personal data do we process, and for how long?

We have summarized the categories of personal data we process and their respective retention periods below:

  • For professionals, personal identification data (e.g., name, first name, position, company, department, etc.) and contact details (e.g., professional email and phone number, etc.) are retained for the duration of the service, with additional retention periods as mandated by legal requirements, generally 5 years.
  • For professionals, where there is confusion between your business name and your personal name (e.g., self-employed individuals, small businesses, etc.), economic and financial data (e.g., bank account number, verification code, etc.) is retained for the time necessary to complete the transaction and manage billing and payments, with additional retention periods generally ranging from 5 to 10 years.
  • Email addresses collected for our commercial prospecting campaigns are retained for a maximum of 3 years from the last contact we had with you.
  • Emails used for our newsletter are retained until your subscription ends.
  • Anonymized statistical data related to video views is retained indefinitely.
  • Connection data (e.g., logs, IP address, etc.) is retained for 1 year.
  • Cookies are generally retained for a maximum of 13 months. For more details on how we use cookies, you can consult our cookie policy, which is accessible at any time on our website.

Once the applicable retention periods expire, the deletion of your personal data is irreversible, and we will no longer be able to retrieve it. At most, we may retain anonymized data for statistical purposes.
Please also note that in the event of a legal dispute, we are required to retain all personal data related to you for the duration of the case, even after the retention periods mentioned above have expired.

 

What rights do you have to control the use of your personal data?

The applicable regulations on data protection grant you specific rights that you can exercise at any time, free of charge, to control how we use your data:

  • Right to access and copy your personal data, as long as the request does not conflict with trade secrets, confidentiality, or the secrecy of correspondence.
  • Right to rectify incorrect, outdated, or incomplete personal data.
  • Right to object to the processing of your personal data for marketing purposes.
  • Right to request the deletion (“right to be forgotten”) of your personal data that is not essential for the proper functioning of our services.
  • Right to restrict the processing of your personal data, which allows for a freeze on the use of your data in case of a dispute over the legitimacy of a particular processing activity.
  • Right to data portability, allowing you to retrieve part of your personal data for storage or easy transfer from one information system to another.
  • Right to provide instructions regarding the handling of your data in case of death, either through your own directives or via a trusted third party or heir.

To ensure your request is considered, it must be submitted directly by you to dpo@testamento.fr. Requests made in any other way cannot be processed.
Requests must come from you and no one else. We may ask for proof of identity if there is doubt regarding the identity of the requester.
We will respond to your request as quickly as possible, but no later than three months from the date of receipt if the request is technically complex or if we receive multiple requests at the same time.
Please note that we may refuse to respond to any excessive or unfounded request, particularly if it is repetitive.

 

Who can access your personal data?

Your personal data is processed by our teams and technical service providers solely for the purpose of operating our services.
We emphasize that we thoroughly vet all our technical service providers before hiring them to ensure they strictly comply with the rules on personal data protection.
Moreover, we guarantee that we never transfer or sell your data to third parties or commercial partners.

 

Can your personal data be transferred outside the European Union?

 

The personal data processed by our website is exclusively hosted on servers located within the European Union.
Furthermore, we strive to use only technical tools whose servers are also located within the European Union. If this is not the case, we ensure that they provide the necessary guarantees to maintain the confidentiality and protection of your personal data.

 

How do we protect your personal data?


We implement all the required technical and organizational measures to ensure the security of your personal data on a daily basis, particularly to prevent destruction, loss, alteration, or disclosure.

 

Do we use cookies when you browse our website?


We inform you that we use cookies when you browse our website. For more information, please refer to our Cookie Policy.

 

Who can you contact for more information about the use of your personal data?


To best protect and maintain the integrity of your data, we have officially appointed an independent Data Protection Officer (DPO) with our supervisory authority.
You can contact our DPO at any time and free of charge at dpo@testamento.fr to obtain more information or details about how we process your data.

 

How can you contact the CNIL?


You can contact the “Commission Nationale de l’Informatique et des Libertés” or “CNIL” at any time through the following contact details: CNIL Complaints Service, 3 place de Fontenoy – TSA 80751, 75334 Paris Cedex 07, or by phone at 01.53.73.22.22.

 

Can the Privacy Policy be changed?


We may modify our Privacy Policy at any time to comply with new legal requirements or to reflect new processing activities we may implement in the future.

Certified by Dipeeo®