Privacy policy

THIS INFORMATION MAY BE MODIFIED AT ANY TIME WITHOUT NOTICE. WE ENCOURAGE YOU TO CONSULT THEM.

1. ABOUT THIS NOTICE

1.1. any information which, used alone or in combination with other information, relates to you ("Personal Data") is collected, shared and used whThe purpose of this Privacy Notice (the "Notice") is to inform you about the manner in which any information which, used alone or in combination with other information, relates to you ("Personal Data") is collected, shared and used when you ("you", "your", the “User”) use our website www.zoi.com (the “Website") and/or in your capacity as a job applicant ("Applicant", "you" and "your").en you ("you", "your", the “User”) use our website www.zoi.com (the “Website") and/or in your capacity as a job applicant ("Applicant", "you" and "your").

1.2. For the Personal Data we collect in your capacity as a user of the Zoī mobile application and/or as a member of the services offered, please read our Privacy Notice for Members here.

1.3. This Notice also sets out your rights in relation to the Personal Data we process about you, and how you can exercise them.

1.4. This Notice describes the high standards that Zoī applies to protect your Personal Data with the utmost care. Respecting your privacy is one of Zoī's core values. To carry out this mission, Zoī has a team dedicated to the protection of personal data, including a Data Protection Officer registered with the CNIL, a security team and a legal team.

1.5. For the purposes of this Notice, Zoī SAS, which has its registered office at 50, rue de Paradis in Paris (75010), and is registered with the Paris Trade and Companies Registry under number 903 224 806, acts as the data controller for Personal Data collected via the Website. In its capacity as data controller, Zoī SAS is responsible for ensuring that the processing of Personal Data complies with current data protection legislation, and more specifically with EU Regulation 2016/679on the protection of natural persons with regard to the processing of personal data and on the free movement of such data ("GDPR") and Law 78-17 of January 6, 1978, as amended, on Data Processing, Files and Individual Liberties.

1.6. Please take the time to read this Notice carefully. If you have any questions or comments, please contact privacy@zoi.com or our Data Protection Officer at zoi.dpo@mydata-trust.info.

2. GENERAL DISCLAIMER AND USE OF SOCIAL NETWORKS

Access to the Website implies the User's full and unreserved acceptance of the present Notice, and of the Cookie Notice included in the Legal Information of the Website. The User acknowledges having read the information below.
‍
The Notice is valid for all pages hosted on the Website. It is not valid for pages hosted by third parties to which Zoī may link and whose privacy notices may differ. Zoī cannot therefore be held responsible for data processed on or by these websites.
‍
Please note that if and when using social networks, Zoī will be responsible for joint processing with the relevant social networks, where applicable, only for the following activities: accessing and processing aggregated statistical data provided by the relevant social networks. For all other processing on the platform, the social media platform will be considered as the sole data controller.

3. WHAT PERSONAL DATA IS COLLECTED BY ZOĪ SAS AND WHY?

3.1. The types of Personal Data we collect, and the purposes for which we process them include:

If we ask you to provide other Personal Data not described above, then the Personal Data we ask you to provide, and the reasons we ask you to provide it, will be made clear to you at the time we collect it.
‍
We may collect some of this Data indirectly, in particular from your former employers or references where applicable.

3.2. We may also automatically collect certain information from your device. Specifically, the information we collect automatically may include information relating to your IP address, device type, unique identification numbers, browser type, broadly understood geographic location (e.g. country or city level), and other technical information. We may also collect information about how your device has interacted with our Website, including pages viewed and links clicked.
‍
Collecting this information enables us to better understand who visits our Website, where they come from, and what content on our Website is of interest to them. We use this information for internal analysis purposes and to improve the quality and relevance of our Website for our visitors.

Some of this information may be collected using cookies and similar tracking technologies, as further explained in our Cookie Notice which is available in the footer of our Website.

3.3. In general, we will only use the Personal Data we collect from you for the purposes described in this Notice or for those we will explain to you at the appropriate time. However, we may also use your Personal Data for other purposes that are not incompatible with the purposes we have communicated to you and provided that they are authorized by the applicable data protection laws.

4. WITH WHOM DOES ZOĪ SAS SHARE YOUR PERSONAL DATA?

4.1. We may transfer your Personal Data to the following categories of recipients:

(a)

to our group companies for purposes consistent with this Notice. We take precautions to ensure that access to Personal Data is restricted to a very limited number of staff members who are aware of and have a legitimate business need to know, and we contractually prohibit them from using Personal Data for any other purpose.

(b)

to our third-party suppliers, service providers and partners who provide us with a data processing service, or who process Personal Data on behalf of and for Zoī SAS and for the purposes described in this Notice, thus acting as subcontractors, or who are notified to you when your Personal Data is collected. This may include communications with third party suppliers and other service providers we use in connection with the services they provide to us, including to support us in areas such as site management and hosting, and data analysis.

(c)

to any competent law enforcement agency, regulator, government agency, court, or other third party, when we believe that disclosure is necessary (i) under applicable law or regulation, (ii) to establish or defend our rights, or (iii) to protect your vital interests or those of any other person.

(d)

to our auditors, advisors, legal representatives and similar agents as part of the consultancy services they provide to us for legitimate business purposes and subject to a contractual prohibition on the use of Personal Data for other purposes;

(e)

to a prospective buyer or investor (and its agents and advisors), in connection with a proposed purchase, merger or acquisition of part of our business, provided that we inform the prospective buyer or investor that it may use your Personal Data only for the purposes described in this Notice;

(f)

to any other person where you have given your prior consent to disclosure.

4.2. Your Personal Data may be transferred to and processed in countries other than the one in which you reside. These countries may have data protection laws that differ from the laws of your own country and in some cases may be less protective.

More specifically, our servers are located within the European Economic Area (EEA) at a hosting provider located in France. In addition to our European providers, some of our third-party service providers operate in the following countries: United States. This means that when we collect your Personal Data, we may transfer some of it to these countries.

However, we have taken appropriate safeguards to require that your Personal Data remains protected in accordance with this Notice. Thus, we sign with service providers located outside the EEA and in countries that have not been considered by the European Commission as adequate, the European Commission's Standard Contractual Clauses, which require these service providers to protect the Personal Data they process from the EEA in compliance with European Union data protection law.

You can obtain a copy of the Standard Contractual Clauses by sending an e-mail to zoi.dpo@mydata-trust.info.

5. HOW WE PROTECT YOUR PERSONAL DATA

5.1. In accordance with this Notice, we will process Personal Data as follows:

(a)

Fairness: We will treat Personal Data fairly. This means that we are transparent about how we process Personal Data and that we will treat it in accordance with applicable law.

(b)

Lawfulness: We will only process personal data for legitimate reasons.

(c)

Purpose limitation: We will process Personal Data for specified and lawful purposes, and we will not process it in a manner incompatible with those purposes.

(d)

Data minimization: We will process Personal Data that is adequate, relevant and limited to what is necessary to achieve the purposes for which the data is processed.

(e)

Data accuracy: We take appropriate steps to ensure that the Personal Data we hold is accurate, complete and, where necessary, kept up to date. However, it is also your responsibility to ensure that your Personal Data is as accurate, complete and up-to-date as possible by informing Zoī SAS promptly of any changes or errors.

(f)

Data security: We use appropriate technical and organizational measures to protect the Personal Data we collect and process about you. The measures we use are designed to provide a level of security appropriate to the risk of processing your Personal Data. The security measures we implement notably include the following:
‍- advanced encryption technologies;
- storage of your Personal Data in a secure location in Europe;
- very restricted access to such data

(g)

Subcontractors: We may engage third parties to process Personal Data for and on behalf of Zoī SAS. We require such processors to process Personal Data and act strictly in accordance with our instructions and to take appropriate measures to ensure that Personal Data remains protected as described in Article 28 of the GDPR.

(h)

Data Retention: We retain the Personal Data we collect from you when we have a legitimate business need (for example, in order to provide you with a service you have requested or to comply with applicable legal, tax or accounting requirements).
‍
Accordingly, we retain Personal Data for the following periods:
- To respond to your requests: up to 2 years after the date of last contact.
- For recruitment: up to 2 years after the date of last contact with the candidate.
- To improve your user experience and for statistical analysis of usage and growth: see the Cookie Notice in the Legal Information section of the Website;
- Concerning statistical analysis of usage on social networks: statistical data is stored by LinkedIn and therefore subject to their retention policy. We may export statistical reports, but we guarantee that these reports will be provided in anonymous form.
‍
When we no longer have a legitimate business need to process your Personal Data, we anonymize it, or delete it or if the latter action is not possible (for example, your Personal Data has been stored in backup archives), we store it securely and isolate it from further processing until deletion is possible.

6. YOUR DATA PROTECTION RIGHTS WITH REGARD TO THE USE OF YOUR PERSONAL DATA

6.1. You have the following rights regarding the protection of your Personal Data:

(a)

The right to be informed, to access, correct, update or request the deletion of your Data.

(b)

In addition, in certain circumstances, you may object to the processing of your Personal Data, ask us to limit the processing of your Personal Data, or request the portability of your Personal Data.

(c)

If we have collected and processed your Personal Data with your consent, you may withdraw your consent at any time. Withdrawal of your consent will not affect the lawfulness of any processing we have carried out prior to such withdrawal and will not affect the processing of your Personal Data carried out on legal grounds other than consent.

(d)

If you have a complaint or concern about the way we process your Personal Data, we will endeavor to address those concerns. If you feel that we have not adequately addressed your complaint or concern, you have the right to lodge a complaint with a data protection authority about our collection and use of your Personal Data. For more information, please contact the competent data protection authority of your usual place of residence, your place of work or the place of the alleged breach (Link to EEA data protection authorities) and, in particular, the CNIL (https://www.cnil.fr/fr/plaintes).

6.2. You can exercise these rights by sending a request to:
- Zoī's Data Protection Officer (DPO), specifically empowered to respond to requests from Site users to exercise their rights, by e-mail to the following address: zoi.dpo@mydata-trust.info;
- Zoī sending your request to privacy@zoi.com.

6.3. To make things easier, when you send us a request to exercise your rights, we invite you to:
- Indicate which right(s) you wish to exercise;
- Clearly state your full name and contact details.

6.4. We respond to all requests we receive from persons wishing to exercise their rights relating to the protection of their Personal Data in accordance with applicable data protection laws.

7. UPDATE OF THIS NOTICE

7.1. We may update this Notice from time to time in response to changing legal, technical or business developments. When we update our Notice, we will take appropriate steps to notify you, taking into account the significance of the changes we make.

7.2. You can see when this Notice was last updated by referring to the "last updated" date displayed at the top of this Notice.

8. CONTACT US

If you have any questions about this Notice, you can contact:

Zoī
‍sis 50, rue de Paradis
Paris (75010)
France
‍privacy@zoi.com.

Data Protection Officer
‍zoi.dpo@mydata-trust.info

Data protection authority in France: Commission Nationale de l'Informatique et des Libertés - CNIL

Copyright © 2023 ZOI SAS. All rights reserved.
This Privacy Notice is effective as of June 12, 2023
Last updated on June 17, 2024
Version: 1.0