We take care of your data seriously.
Our team can provide a complete security overview PDF that outlines the different technologies used, incident response policies and data centers certifications. Please email: [email protected]
PreambleLast update: March 18th, 2020
ALKALAB, a simplified joint-stock company registered with the Lille Trade and Companies Register under number 838 930 071 with its registered office at 165 Avenue de Bretagne, 59000 LILLE (hereafter "Feedier") operates a solution relating to collect customer or employee feedback via its website dashboard.feedier.com (the "Feedier Platform"). Moreover, Feedier is an ALKALAB registered trademark.
In the course of its activity and for the purposes of providing the Services (as defined in our Terms and Conditions), Feedier is required to collect and process the personal data of its users (hereafter referred to as the "Users").
Feedier attaches particular importance to the respect for the privacy of the Users and of the confidentiality of their personal data and is thus committed to processing the data in compliance with the applicable laws and regulations, and in particular, Law No. 78-17 of 6 January 1978 relating to Information Technology, Data Files and Civil Liberties (hereafter referred to as the "Data Protection Act"), and Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereafter referred to as the "GDPR").
"Personal data" means any information relating to an identified or identifiable natural person, that is, a person who can be identified, directly or indirectly, by reference to an identification number or to one or more elements specific to that person.
"Processing of personal data" means any operation or any set of operations relating to personal data, whatever the process used, and in particular the collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, as well as locking, erasure, or destruction.
The "Cookie" means a piece of information placed on the hard drive of Internet users by the server of the site they visit. It contains several pieces of data: the name of the server which installed it, an identifier in the form of a unique number, and possibly an expiry date. This information is sometimes stored on the computer in a simple text file that a server accesses to read and save pieces of information.
The "User" means any natural or legal person using the Feedier Services.
The "Participant" means any natural or legal person using the Feedier Services forms, created by the User.
Please note that the more detailed information about the terms mentioned in this can be found in the Terms and Conditions page.
Data Controller - DPO
The data controller for the processing of the personal data referred to herein is ALKALAB SAS, a simplified joint-stock company with a share capital of 10,000 Euros, registered with the Lille Trade and Companies Register under number 838 930 071 and whose registered office is located at with its registered office at 165 Avenue de Bretagne, 59000 LILLE (hereafter "Feedier").
Feedier has appointed a Data Protection Officer who can be contacted at the following address:[email protected].
More details on the Personnal data collection and processing can be found in the "ANNEX 1 – Agreement on the processing of personal data" available in the "Feedier Terms and Conditions" (https://feedier.com/terms).
Feedier collects data from Users in order to make the Services for which they have subscribed to the platform available to them.
The mandatory or optional nature of the data provided (in order to complete the Users’ registration and to render the Services) is indicated at the time of collection by an asterisk.
In addition, certain data is collected automatically as a result of the User’s actions on the site (see the paragraph on cookies).
The personal data collected by Feedier during the provision of the Services is necessary for the performance of the contracts concluded with the Users, or to allow Feedier to pursue its legitimate interests while respecting the rights of the Users. Certain data may also be processed based on the Users’ consent.
The purposes for which Feedier processes data are the following:
- commercial and accounting management of the contract;
- management of forms;
- platform security;
- management of collected answers
- detection of malicious behavior (fraud, phishing, spam, etc.);
- the improvement of the Users path on the site;
- more generally, any purpose referred to in Article 2 of Deliberation No. 2012-209 of 21 June 2012 creating a simplified standard for the automated processing of personal data relating to the management of users and prospects.
Recipients of the data
The personal data collected is intended for Feedier’s commercial and accounting departments. It may be transmitted to Feedier’s subsidiaries, or to third-party data processors which Feedier is authorized to use within the context of the performance of its Services.
In this context, personal data may be transferred to an EU or non-EU country. Feedier implements guarantees ensuring the protection and security of this data, in compliance with applicable rules and regulations.
The complete list of receipients and measures applied can be found in the Feedier "Terms and Conditions" (https://feedier.com/terms).
Feedier does not transfer or rent personal data to third parties for marketing purposes without the express consent of the Users of Feedier.
In addition, personal data may only be disclosed to third parties for purposes other than marketing in the following cases:
- with their authorization;
- at the request of the competent legal authorities, upon judicial request, or in the context of a legal dispute.
Data retention period
To satisfy its legal obligations or in order to have the necessary elements to assert its rights, Feedier will be able to retain the data under the conditions established by applicable rules and regulations.
Thus, personal data collected by Feedier relating to the identity and contact details of its Users is retained for a maximum period of two years after the termination of the contractual relationship for Users that are customers, or from their collection by the data controller or the last contact from the Users that are prospects, for the data relating to the latter.
The termination of the contractual relationship is understood as the express termination of the contract by the User, or the non-use of Feedier Services for a period of five years.
Rights of Users and Participants
In accordance with applicable rules, the Users and Participants have the right to access and rectify their personal data, which enables them to rectify, complete, update, or delete data that is inaccurate, incomplete, ambiguous, or outdated, or whose collection, use, communication, or storage is prohibited.
The Users and Participants also have the right to request the limitation of the processing, and to oppose on legitimate grounds the processing of their personal data. The User and Participant may also communicate instructions on the fate of their personal data in the event of their death.
Where applicable, the User and Participant may request the portability of their personal data or, where the legal basis for the processing is consent, withdraw their consent at any time.
The Users may exercise their rights by requesting their information through their Profile page. The Participants or the Users may exercise their rights by requesting their information by sending an email to [email protected] or with a letter to:
ALKALAB SAS – Politique de confidentialité
165, avenue de Bretagne 59000 LILLE, France
These requests shall be processed within a maximum period of 30 days.
The Users may also at any time modify the data pertaining to them by logging on to dashboard.feedier.com and clicking on "edit my profile" or by contacting the customer relations department at [email protected]
The Users and the Participants may unsubscribe from the Feedier newsletter or marketing emails by following the unsubscribe links in each of these emails.
In the event of a dispute, the Users or the Participants may file a complaint with the CNIL, for which contact details may be found at https://www.cnil.fr.
The Users may access detailed information on the use of their personal data, in particular concerning the purposes of the processing, the legal bases enabling Feedier to process the data, its storage period, its recipients, and, where applicable, its transfer to a country outside the European Union as well as the related compliance guarantees put in place for such transfers. To do so, the User can send their request by email to [email protected]
Additional terms regarding the data collected for the Participants.
The User is entirely responsible for the content of the forms in the Feedier Services. Moreover, questions displayed to every Participant may be unique and are based on the previous answers.
The mention "Annonymous answers" at the bottom of the form guarantees a complete anonymity of the Participant towards the User. This option is free of charge and available for every User of the Feedier Services.
The following only applies if the option was not enabled by the User.
Feedier Services stores automatically:
- Answers (ratings, questions, engagements)
- Meta data (city, security token, device type)
- Performance metrics (time to answer)
- Crossed data attached to the feedback if provided
- Email address or phone if either prompted by the Participant or used to contact the Participant
Feedier does not collect the IP address nor any sensitive data information that would make the data identifiable by default.
However, the User might set up a reward program or use external data (custom fields) to identify the response back to the Participant. It is important to note that:
- Participant may request his data at any time or request complete anonymity by contacting [email protected] or the User.
- Any external data attached to the feedback is visible to the Participant in the form URL.
- Any email or phone number provided by the Participant is visible to the User.
- Participant may always unsubscribe and opt-out from future communications.
- The User might track behavior of the Participant in the form using Google Tag Manager.
These cookies allow us to count visits and traffic sources so Feedier can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies Feedier will not know when you have visited our site, and will not be able to monitor its performance.
- Google Tag Manager: Traffic and visitor behavior measurement
- Google Analytics: Collects information about how visitors use the Websites, which website the user came from, the number of each user’s visits and how long a user stays on the Websites.
These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services are added to Feedier Services pages. If you do not allow these cookies then some or all of these services may not function properly.
- Freshchat: Live chat module in the Feedier Dashboard to help the User in real time.
- Freshdesk: Ticket helpdesk used for Support
Strictly Necessary Cookies
These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.
- XSRF-TOKEN: This cookie contains a unique hash, which is used to prevent hack attacks on the website, protecting from Cross-site request forgery.
- feedier_session: Feedier Session, same as the XSRF-TOKEN
- remember_web: The "remember_web" cookie (aka the "remember me" cookie), is generated by the Service when you select the "Remember me" checkbox on the login page. This cookie remembers your login credentials, to let you quickly log in if the session loged you out. If you log out, it’s deleted.
- Stripe: Payment platform, using cookies to avoid malicious usage and fraud regarding payments made in Feedier.
Prohibition on the sale of personal data
Feedier team does not sell, trade, or otherwise transfer to outside parties your Personally Identifiable Information. This does not include website hosting partners and other parties who assist us in operating our website, conducting our business, or serving our users, so long as those parties agree to keep this information confidential. Feedier may also release information when it's release is appropriate to comply with the law, enforce our site policies, or protect ours or others' rights, property or safety. Any personal information hold in Feedier services about the User is stored and processed in accordance with the Data Protection Act 1998 and GDPR.
Feedier has taken all necessary precautions to preserve the security of personal data and, in particular, to prevent it from being accessed by unauthorized third parties, distorted, or damaged. These measures include the following:
- Multi-level firewall.
- Proven solutions for anti-virus protection and detection of intrusion attempts.
- Encrypted data transmission using SSL/https/VPN technology.
- Tier 3 and PCI DSS certified data centers.
- No sensitive data such as payment details are stored on Feedier servers.
- All data transactions are identified with unique tokens (JWT).
In addition, access to processing data on behalf of Feedier by the receiving third-party services requires authentication of the persons accessing the data, by means of an individual access code and password, that is sufficiently robust and regularly renewed. Data transmitted over unsecured communication channels are subject to technical measures designed to make such data incomprehensible to any unauthorized person. Any questions about the security of the Feedier Services can be directed to [email protected]
The Users shall be notified of any changes made to this policy via our website or by email at least thirty days prior, when possible, to their entry into force.
ALKALAB - LEGAL Department
165 Avenue de Bretagne
59000 LILLE FRANCE