top of page

Privacy Policy

What is the purpose of our Privacy Policy?

Spimed-AI, the operator of the website www.spimed-ai.com, places the utmost importance on the protection and confidentiality of your personal data, which we view as a mark of professionalism and trust.

 

Accordingly, our Privacy Policy reflects our commitment to ensuring that Spimed-AI complies with all applicable data protection regulations, and in particular with the General Data Protection Regulation ("GDPR").

 

This Privacy Policy is intended to inform you clearly and transparently about how and why we process your personal data as part of the services we provide.

Who is our Privacy Policy intended for?

Our Privacy Policy applies to you, regardless of your place of residence, as long as you are at least 15 years old, whether you are one of our clients or simply a visitor to the website www.spimed-ai.com.

 

If you are below the legal age mentioned above, you are not permitted to use our services without the prior and explicit consent of a parent or legal guardian, which must be sent to us by email at: dpo@spimed-ai.com.

If you believe we may have collected personal data about your children without your consent, please contact us at the address above.

Does our Privacy Policy apply to job applicants?

If you are applying for a position at Spimed-AI, you must consult our dedicated “Applicant Privacy Policy,” which is available at all times on our careers page at www.spimed-ai.com, and which details how your data is processed during the recruitment process.

Why do we process your personal data and on what legal basis?

We process your personal data primarily for the following reasons:
 

  • To enable you to browse our website, use our services, and respond to your inquiries (e.g., requests for information, complaints), based on our terms of use and our legitimate interest in providing you with the best possible service;
     

  • To manage our customer service, based on contract performance and our legitimate interest in efficiently handling your requests and concerns;
     

  • To manage billing and any unpaid invoices, based on our legitimate interest in receiving compensation for our services and pursuant to our terms of use;
     

  • To allow you to follow and comment on our social media content, based on our legitimate interest in maintaining a social media presence;
     

  • To enable the download of documents, based on our terms of use;
     

  • To geolocate your position in order to provide you with a smoother and more accessible service, based on your prior consent.
     

How do we obtain your personal data?
 

Your data is collected directly from you when you use our services or visit our website.
We commit to processing your data only for the purposes outlined above.

It is also possible that your personal data may be obtained indirectly via trade shows or social media platforms (e.g., LinkedIn).

However, if you voluntarily publish content on our social media pages, you acknowledge that you are solely responsible for any personal information you disclose, regardless of its nature or origin.
 

What personal data do we process, and for how long?
 

Here is a summary of the categories of personal data we process and their respective retention periods:

  • Professional identification data (e.g., name, job title, company, etc.) and contact information (e.g., professional email and phone number), kept for the duration of the service plus applicable legal retention periods, generally 5 years
     

  • In cases where your business name overlaps with your personal name (e.g., freelancers, small businesses), financial data (e.g., bank account number, verification code) is kept for as long as needed to process transactions and billing, plus legal retention periods of 5 to 10 years.
     

  • Geolocation data retained for a maximum of 2 months.
     

  • Connection data (e.g., logs, IP address) retained for 1 year.
     

  • Cookies generally retained for a maximum of 13 months. For more information, please refer to our Cookie Policy available on our website.
     

Once these retention periods expire, your personal data is permanently deleted and cannot be recovered. We may retain only anonymous data for statistical purposes.
 

Note: In the event of litigation, we are required to retain all relevant personal data for the duration of the legal process, even after the above retention periods.

What rights do you have to control your personal data?

The applicable data protection regulations grant you specific rights, which you may exercise at any time and free of charge:
 

  • Right of access and copy of your personal data, unless restricted by trade secrets, confidentiality, or correspondence privacy;
     

  • Right to rectification of inaccurate, outdated, or incomplete data;
     

  • Right to object to the processing of your personal data for direct marketing purposes;
     

  • Right to erasure (“right to be forgotten”) of data that is not essential for the operation of our services;
     

  • Right to restriction of processing, allowing a “freeze” on the use of your data in case of disputes;
     

  • Right to data portability, allowing you to retrieve part of your personal data for reuse;
     

  • Right to define post-mortem instructions, either personally or via a trusted third party, regarding the fate of your personal data after death.
     

To exercise these rights, your request must be made directly to dpo@spimed-ai.com. Requests made through other means cannot be processed.
 

We may request proof of identity if there is doubt about the identity of the requestor.

We will respond as promptly as possible, with a maximum response time of three months in the case of technically complex or high-volume requests.
 

Please note: We may decline requests that are excessive or clearly unfounded, particularly those of a repetitive nature.

Who can access your personal data?

Your personal data is accessed by our internal teams and technical service providers solely for operational purposes.
 

We thoroughly vet our service providers to ensure strict compliance with data protection laws.
 

WE GUARANTEE THAT WE NEVER TRANSFER OR SELL YOUR PERSONAL DATA TO THIRD PARTIES OR COMMERCIAL PARTNERS.

Can your personal data be transferred outside the European Union?

The personal data processed on our website is hosted on servers located outside the European Union. To protect your data, we ensure our hosting provider applies appropriate safeguards to maintain confidentiality and protection.
 

We may also use technical tools hosted outside the EU. In such cases, we guarantee that these tools comply with GDPR requirements to ensure adequate protection of your data.

How do we protect your personal data?

We implement all necessary technical and organizational measures to ensure the security of your personal data, and particularly to protect against destruction, loss, alteration, or unauthorized disclosure.

Do we use cookies when you browse our website?

WE GUARANTEE THAT NO ADVERTISING COOKIES ARE USED ON THIS SITE.

However, we do use statistical cookies to improve performance. For more details, see our Cookie Policy.

Who can you contact for more information?

To ensure the highest level of protection for your data, we have officially appointed an independent Data Protection Officer (DPO) with our Supervisory Authority.

You may contact our DPO at any time and free of charge at: dpo@spimed-ai.com.

How can you contact the CNIL?

You may contact the Commission nationale de l’informatique et des libertés (CNIL) at:

Service des plaintes de la CNIL

 3 place de Fontenoy – TSA 80751

 75334 Paris Cedex 07

 Tel: 01.53.73.22.22

La Politique de confidentialité peut-elle être modifiée ?

Yes. We may update our Privacy Policy at any time to reflect changes in legal requirements or in the processing activities we carry out in the future.

Certified compliant by Dipeeo®

bottom of page