Data Privacy policy

Version updated on 03.02.2024

Introduction

This page contains all the information on how LEARN & GO SAS (hereinafter “the Company” or “we”) collects and processes your personal data via the https://www.kaligo-apps.com/  website (hereinafter “the Site”) and via the Kaligo Mobile Application and Web Application (hereinafter “the Application”) and ensures that your rights and freedoms are respected.

The Privacy Policy forms part of the General Terms and Conditions of Sale (where applicable to you) and the General Terms and Conditions of Use of the Site and each term defined in these documents has the same meaning in the Privacy Policy.

By accessing and using our Site and our Application, you agree to read this Privacy Policy, which may be changed or updated at any time without notice.

This version of our Privacy Policy comes into force on 03 February 2024. Any changes will be posted on the Site, so we advise you to consult it regularly.

What is personal data ?

According to Article 4 of the European Data Protection Regulation (GDPR), personal data is “any information relating to an identified or identifiable natural person, directly or indirectly”.

What about sensitive personal data ?

Sensitive personal data” refers to the various categories of personal data identified by European and other data protection laws as requiring special processing, including the need to obtain your consent.

Sensitive data is data which reveals, directly or indirectly, the racial or ethnic origins, political, philosophical or religious opinions or trade union membership of individuals, or relates to the health or sex life of individuals.

We do not collect so-called sensitive personal data via our Site or our Application. However, if you choose to provide us with unsolicited sensitive personal data, you authorize us to process the data submitted in accordance with the applicable laws in force.

How do we protect your personal data ?

We protect your personal data through a strict management policy that ensures that all appropriate measures are taken for data protection, in compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, known as “GDPR”).

All affiliated entities, suppliers and authorised sub-contractors undertake to comply with the same rules. This also means that your rights remain the same regardless of which department of the company or of its affiliates or authorised sub-contractors has access to your personal data.

It is important to stress that We only collect personal data that is strictly necessary, depending on the applicable case, for the performance of our contractual services, or for the continuation of the commercial contact process that you have initiated using the contact form.

This privacy policy concerns :

What personal data do we collect ?

1.        On the Site :

a-      I am a visitor

If you browse the Site without taking any action, you are a visitor. In this case, we do not collect any personal data about you without your consent. Only cookies that are strictly necessary for the technical operation of the site are deposited by default. Certain personal data relating to your equipment and your activity on our Site and our Application, in particular your IP address, may be collected subject to your explicit consent.

If you would like to find out more, please refer to our Cookies Policy.

b-      I am a prospect

If you contact us to obtain information about Kaligo, you are a prospect. In order to process this contact request and to compile a file of prospective customers used by the Company to follow up requests for information, the personal data collected is as follows:

Mandatory :

  • Your surname
  • The type of organization to which you are attached
  • Your e-mail address
  • Your job title
  • The subject and content of your request
  • History of messages sent

Optional :

  • Your first name
  • The name of your school/trust
  • Your phone number

In the case of a general request for information, advice or subscription to the newsletter :

Legal basis for data collection : Your consent.

Data retention period : You may withdraw your consent at any time, resulting in the deletion of your data. In the absence of a request on your part, the data will be kept for a period of 3 years from the date of our last exchange.

If you are requesting a quote, demo, training or if you have any question related to the Application :

Legal basis for data collection : management of the pre-contractual relationship

Data retention period : Your data is kept for a period of 3 years from the date of our last exchange.

In both cases, we reserve the right to keep the history of messages sent for a period of 5 years from the last exchange in a secure database with restricted access. They will be permanently deleted at the end of the 5 years.

Legal basis for collection : Legitimate interest of the Company in protecting itself against possible litigation.

2. On the mobile Application and web Application

c- I am a customer

If you wish to subscribe to the Kaligo Application, you must create a customer account. In order to enable us to manage the contractual relationship (support, accounting, management of your customer account, after-sales service, etc.) various data are collected.

When you create your account/subscribe to the free trial of the Kaligo Application :

  • Your first and last name
  • Your email address
  • Your profile (teacher, Head teacher etc.)
  • Your telephone number
  • The name and postal address of your organization
  • Your country
  • Your department (optional)
  • Your equipment type (optional)

Legal basis for data collection : Performance of the Contract.

Data retention period :

By default until you ask us to delete your account.

– By exception, after 2 years of inactivity on the account, we reserve the right to delete it. In this case, a notice will be sent to you 30 days before the deletion to give you the opportunity to object.

During after-sales service :

If you contact us following a purchase made on the Site via your customer account in order to obtain information from our support department about the product/software purchased, the data collected is as follows:

  • Via the contact form: your name, job title, type of organization, e-mail address, the subject of your message and the history of messages sent. Optionally, you may also indicate your first name, your telephone number, the UAI code of your establishment and the name of your school if you feel that this information is necessary to enable us to respond to your request.
  • Via chat :  You are free to provide us with any information you consider necessary to enable us to respond to your request. Additional information may be requested for the sole purpose of responding to your request.

Legal basis for data collection : Performance of the Contract.

Data retention period : Your data is kept for a period of 3 years from the date of our last exchange our following the termination of the contractual relationship.

Who is responsible for processing your data ?

With regard to personal data collected via the contact form on the Website or via the Application registration form, Learn & Go is responsible for this processing within the meaning of Article 4 of the RGPD, as the company defines the means and purposes of the processing of this data.

However, the school or the entity acting on its behalf for the deployment of the Application is responsible for the processing of personal data imported into the Application by teachers in order, in particular, to populate student accounts. Learn & Go acts as a subcontractor in that it hosts the data, but has no control over its content or destination. More information on our missions and commitments as a subcontractor can be found in our Data Processing Agreement (DPA).

This DPA is annexed to our terms and conditions.  If you need a signed version of this DPA, please contact legal@learn-and-go.com.

Who has access to your data ?

1- Access by our employees :  

Depending on the purposes defined above, our employees in the customer, support, administrative, accounting, legal, technical, marketing and sales departments may have access to your personal data

2- Transmission of your data to third parties :

In particular, we may subcontract the following services:

  • Hosting
  • Sending postal or digital mail
  • Customer relationship management
  • Maintenance services
  • Technical development

In accordance with article 28 of the RGPD, access to your personal data by our subcontractors is provided for and governed by a contract. The contract between us and our subcontractors lists the various regulatory obligations incumbent on them in terms of personal data protection.

List of our subcontractors :

CRISP

Customer support

Privacy Policy

HUBSPOT FRANCE

Customer Relationship Management – CRM

24 Rue Cambacérès 75008 PARIS 8

Privacy Policy

MAILGUN – MAILJET

account-related emailing

43 RUE DE DUNKERQUE, 75010 PARIS 10

Privacy Policy

OVH

Data hosting

2 rue Kellermann 59100 ROUBAIX

Privacy policy

We also reserve the right to disclose your personal data to persons or entities in the following cases:

  • Enforcement of a law, rule, legal process or government enforcement order;
  • Application of an agreement involving an investigation into a potential breach of the law;
  • Detecting, preventing or revealing fraud, security or technical problems;
  • Protecting the rights, property and safety of the Company, its subscribers and users.

Is your data transferred to a third country ?

All personal data collected by Learn & Go is hosted on its servers located in France and is processed in France by Learn & Go team.

How is your data protected ?

We put in place various physical, logical and organisational measures to ensure the security and confidentiality of your data in accordance with the regulations in force.

The Site may, from time to time, contain links to partner websites or be accessible from the websites of our partners, advertisers and affiliates.

If you follow a link to one of these sites, please note that these sites have their own privacy policies and that we cannot be held responsible for these policies. Please check their content before submitting any personal data.

With regard to the Application, when a hosting service (cloud type) is used, we ensure data security by operating with a service provider located in France and offering the best security guarantees.

As the sub-contractor responsible for the security of the hosting of the data that you process and as the data controller for commercial data, we have chosen a hosting company that provides the highest level of security and ensures the availability, integrity and confidentiality of the data in accordance with the best standards.

Hosting company :

OVH

SAS with capital of €10 069 020

RCS Lille Métropole 424 761 419 00045

Code APE 2620Z

VAT NUMBER : FR 22 424 761 419

Registered Office : 2 rue Kellermann – 59100 Roubaix – France

https://www.ovh.com/fr

What are your rights regarding the processing of your data ?

In accordance with the Act of 6 January 1978 amended by the Act of 06 August 2004 on Data Processing, Data Files and Individual Liberties, and with the European Regulation known as the “RGPD”, you have various rights concerning the processing of your personal data:

  • The right to know what data we have on you : right of access.
  • The right to ask us to correct and update your data: right of rectification.

You also have additional rights where the legal basis for the processing is your consent or our legitimate interest:

  • The right to ask us to stop processing your personal data: right to object
  • The right to have your personal data deleted: the right to erasure.

In addition, when you exercise your right to rectification or your right to object to certain data, you may request that the processing of this data be restricted temporarily, until the initial request has been resolved.

Finally, you may exercise all the rights set out in this section when the purposes for which the data was collected have expired.

To find out more, you can consult the CNIL’s practical information sheets on this subject: https://www.cnil.fr/fr/les-droits-pour-maitriser-vos-donnees-personnelles.

How can you exercise your rights ?

You can exercise your rights at any time by sending your request to legal@learn-and-go.com.

You may be asked to provide proof of identity if there is any real and serious doubt about your identity. In such cases, once your identity has been verified, the supporting documents sent will be destroyed and no data will be retained.

If you do not agree with this policy, you may lodge a complaint with the CNIL:

  • Either online using the form available on the following page: https://www.cnil.fr/fr/plaintes
  • Or by post to the following address: CNIL, 3 Place de Fontenoy, TSA 80715, 75334 PARIS CEDEX 07.

Do you have a question / Can’t find the information you’re looking for ?

If you cannot find the information you are looking for or if you have a question about this policy, you can contact us by telephone on +33 2 30 96 22 53 or by e-mail at the following address: legal@learn-and-go.com.

The governing language of this policy is French. Learn & Go has translated this policy into various languages using automatic translation tools, exclusively to enhance accessibility for visitors, prospects, and customers not proficient in French. This translated version is for informational purposes only, and Learn & Go cannot guarantee the quality or accuracy of the translation, nor can it assume any liability. In the event of a dispute concerning this policy, only the French version will be considered legally binding and authentic.