YOU ARE READING AN AUTOMATED ENGLISH TRANSLATION OF A LEGAL DOCUMENT.
Be aware that the orignial version of this document, written in french language, is the only legally binding version. Also note that the terms used in this content should be understood in accordance with the applicable law in France.
Read original version (french)
Privacy Policy
This note aims to inform any user of the CREWISE mobile application, which aims to connect one or more members of a transport crew of any kind and in particular air or maritime (hereinafter referred to as "User"), on the one hand, with one or more providers (hereinafter referred to as "Provider") of all types of services for any transport crew or passenger of the said means transport, on the other hand, about how personal data identifying them is processed when using the application (hereinafter referred to as "Application").
Data Controller
CREWISE GROUP
SAS with a share capital of 900 €
46 Boulevard RISSO at 06300 NICE (France),
registered with the RCS of Nice under number 922 269 709
Email: support@get-crewise.com
Phone: +33 7 56 94 51 38
VAT number FR54922269709
DPO or GDPR Representative
Mr. Guillaume GRACIET - guillaume@get-crewise.com
Data Subject
Any User or Provider (when the Provider is a natural person) of the Application.
Purposes pursued by data processing, legal basis for processing, data collected and retention period
The data of the User or Provider of the Application that may be subject to personal data processing by the data controller, CREWISE, are all data directly provided by the User or Provider (direct collection) as well as data collected indirectly (indirect collection) which are as follows:
| Purposes | Legal Basis | Indirectly collected data | Retention period |
|---|---|---|---|
| Create an account and authenticate on the Application by email to allow the User or Provider to use the Application securely | CREWISE's legitimate interest in securing the use of the Application |
|
Data is retained for the duration of account use and, in intermediate archiving, up to a maximum of 36 months from the last session |
| Verify the email provided during the first login | CREWISE's legitimate interest in securing the use of the Application |
|
Data is retained for the duration of the verification |
| Verify that the User is a member of a transport crew | CREWISE's legitimate interest in ensuring the security of the Application and preventing fake reviews/comments, particularly on Providers by Users who are not members of a crew |
|
Data is used only for the duration of the verification (maximum 1 week) and is destroyed |
| Share and make public the profile of the User or Provider with any other User or Provider | CREWISE's legitimate interest in sharing profiles to enable the connection of Application users |
|
Data is retained for the duration of account use and in intermediate archiving for a maximum of 5 years for probative purposes |
| Allow any User to have a history of their exchanges and orders with all Providers | *Consent |
|
For the duration of account use, unless the history is deleted by the User |
| Geolocate any User to allow them to quickly find a Provider | *Consent |
|
For the duration of account use |
| Allow CREWISE to respond to any contact request via the Application forms | CREWISE's legitimate interest in responding to any request |
|
Data is retained for the duration of the exchanges and in intermediate archiving for a maximum of 5 years for probative purposes |
| Offer any User new offers or features of the Application | CREWISE's legitimate interest in improving the Application and conducting commercial prospecting |
|
Unless opposed by the User, data is retained for the duration of account use and, in intermediate archiving, up to a maximum of 36 months from the last session |
| Allow "push" notifications at any time | CREWISE's legitimate interest in improving the Application and conducting commercial prospecting |
|
Unless opposed by the User, particularly through account settings, data is retained for the duration of account use and, in intermediate archiving, up to a maximum of 36 months from the last session |
| Ensure technical support for the Application | CREWISE's legitimate interest in responding to any technical support request |
|
The data is kept for the duration of technical support and, in intermediate archiving, for up to 5 years for evidentiary purposes |
Ensure compliance with the GDPR and in particular:
|
Legal obligation |
|
The data is kept for the time of the response provided and in intermediate archiving for up to 5 years for evidentiary purposes (except identity document - immediate deletion after presentation) |
| Hold and retain data that can identify anyone who contributed to the creation of content or any of the content of the services provided by CREWISE | Legal obligation |
|
According to legal prescription periods (notably article L. 34-1 of the Postal and Electronic Communications Code) |
| Ensure a secure order placement and financial transaction between the User and the Provider | CREWISE's legitimate interest in ensuring the security of Application transactions | ||
| Allow any User to rate a Provider | *Consent |
|
The data is deleted upon withdrawal of consent by Users or (if no withdrawal of consent) for the duration of account use and up to 36 months from the last session |
| Inform the user of legal updates | Legal obligation |
|
The data is kept for the duration of application use and in intermediate archiving, maximum 5 years from the end of the account for evidentiary purposes |
* Withdrawal of consent - The User is informed that they can withdraw their consent at any time for any processing based on their consent.
Mandatory or optional nature of responses
Any field marked with an asterisk requires a mandatory response to allow the data controller to process the request submitted to them. Other fields are optional.
Source of data
The personal data processed comes from the data entered directly by the User or the Provider of the Application in the Application (direct collection) or from technical data generated during the use of the Application (indirect collection).
Recipients
Internally: the personal data processed by the data controller is transferred only to the internal services authorized to process them according to the purposes.
Externally: the personal data processed by the data controller may be transferred, depending on the purposes and only after the data controller ensures compliance with legal conditions, to the following persons:
- technical subcontractors (data hosts,)
- payment services,
- authorized authorities (tax services, justice, ...),
- financial services (accountants),
- legal services (lawyers, advisors, ...).
Transfers outside the EU
No data is transferred outside the European Union.
User Rights
Any User of the Application has the following rights, subject to proving compliance with legal conditions:
- Right of access to their data (article 15 GDPR)
- Right to rectification of their data (article 16 GDPR)
- Right to erasure of their data (article 17 GDPR)
- Right to restriction of processing (article 18 GDPR)
- Right to data portability (article 20 GDPR)
- Right to object (article 21 GDPR)
- Right to define directives regarding the fate of their data after their death
For more information, the User and the Provider are invited to consult the explanations of the French authority, the CNIL, regarding these different rights, accessible at the following link: https://www.cnil.fr/fr/les-droits-pour-maitriser-vos-donnees-personnelles.
CREWISE does not perform any data profiling.
Exercise your rights
Any concerned person can exercise their rights by simple mail sent to 46 Boulevard RISSO at 06300 NICE
(France)
or by email addressed to: support@get-crewise.com
In case of reasonable doubt(s) about the identity of the concerned person, they are informed that the company CREWISE may request the presentation of an identity document to ensure the exact identity of the person making any request and avoid communication of data to an illegitimate third party.
The company CREWISE reserves the right not to respond favorably to any request in the following cases:
- Inability of the User to prove their identity;
- If the request prevents the company CREWISE from fulfilling its regulatory or legal obligations;
- If the request involves disproportionate costs or too much effort.
Right to lodge a complaint with a supervisory authority
If the concerned person believes, after contacting the company CREWISE, that their rights are not being respected, they can contact a supervisory authority, particularly in the Member State where their habitual residence, place of work, or the place where the violation was committed is located, if they consider that the processing of personal data concerning them constitutes a violation of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, relating to the protection of natural persons with regard to the processing of personal data and the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).
In France, the competent authority is the National Commission for Informatics and Liberties (CNIL) which can be contacted by post at the address 3 Place de Fontenoy – TSA 80715 – 75334 PARIS CEDEX 07 or on its dedicated online form.
Modification of this policy
This policy may be modified at any time, particularly due to legislative or jurisprudential developments related to the protection of personal data. Any modification will take effect immediately after its publication.
Update
Update date: 08/04/2024