Privacy policy
Purpose of this policy
FYGR is committed to security, confidentiality and the ongoing protection of the personal data (the "Data") of the users of its services, in accordance with current French and European regulations, in particular the French Data Protection Act of January 6, 1978 as amended (LIL) and the General Data Protection Regulation of April 27, 2016 (RGPD).
The purpose of this policy is to inform you of the rules we apply to Data protection. In particular, it describes how we collect and process your Personal Data and how you can exercise your rights with regard to this Data.
FYGR, represented by François Menjaud, in his capacity as President, is responsible for processing the Personal Data collected through the website and the Fygr Tool accessible from the
website as well as the
the application.
This means that we determine the purpose and means of processing the Personal Data collected.
We apply a strict policy to guarantee the protection of your Data.
Policy scope
This policy covers the use of:
- our
website and the services accessible from this site;
- of our services accessible on the
FYGR as well as from the
application.Status of Fygr and its customers
The legal entity customer undertakes to pass on the present information to any natural person likely to be concerned by the Data processing carried out.
Fygr undertakes to ensure that all its partners or subcontractors comply with the applicable provisions.
The data we collect
FYGR is likely to collect your Data in the following cases:
- We collect your Data through forms you complete on our website or to subscribe to our services or those of our partners
- We also collect your Data when you correspond with us, in particular with our customer service department, by e-mail or telephone. In this case, we keep a copy of this exchange.
- We may also collect your Data when you interact with us on social networks
- When you use our services, we receive information about the services you use and how you use them. This includes information about your company, your banking activities and your cash balance;
- We may also collect additional information from you when you register or otherwise use our services.
The categories of Data we process are as follows:
- Data identifying the individual (surname, first name, business e-mail address, telephone number);
- Data relating to operations and transactions carried out by the user account(s) in the course of its business (receipt and issue of payments, transfers);
- Bank details (IBAN, bank details, card number) ;
- Identification and authentication data related to the use of Fygr (username, password) ;
- Data on contact and interaction with us: messages, emails, calls, interaction on our website and social networks;
- Browsing data: cookies and IP address. We use cookies to enable you to access your reserved and personal areas. To find out more about our policy on the use of cookies, please consult our
Cookie management policy.
We do not perform any processing of Personal Data such as racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, as well as the processing of biometric data or genetic data, pursuant to Article 9 of the European General Data Protection Regulation 2016/679 of April 27, 2016.
However, this prohibition may be waived if legal or regulatory provisions require the aforementioned Personal Data to be processed.
Use of connected data
We collect and process your Personal Data for specific, explicit and legitimate purposes. In this respect, we use your Data in the context of the performance of the service contract you enter into with us. The purposes and legal bases are as follows:
PURPOSE
Manage your access to and use of the services.
This processing is necessary for the performance of our respective contractual obligations.
Carry out customer management operations concerning contracts, orders, deliveries, invoices, loyalty programs and customer relations.
This processing is necessary for the performance of our respective contractual obligations and/or is carried out with your consent.
Build a file of registered members, users, customers and prospects.
This processing is based on your consent and/or our legitimate interest (providing you with relevant information).
Send newsletters, solicitations and promotional messages.
This processing is based on your consent and/or our legitimate interest (providing you with relevant information).
To compile commercial and visitor statistics for our services.
This processing is based on our legitimate interests.
Organize contests, lotteries and all kinds of promotional operations, with the exception of online gambling subject to approval by the Autorité de Régulation des Jeux en Ligne.
This processing is based on your consent and/or our legitimate interest.
Manage people's opinions on products, services or content.
This processing is based on our legitimate interests.
To manage any unpaid invoices or disputes relating to the use of our products and services.
This processing is (i) necessary for the performance of our respective contractual obligations, and/or (ii) necessary for the establishment, exercise or defense of legal claims.
Meet our legal and regulatory obligations.
Such processing is (i) necessary for the performance of our respective contractual obligations, (ii) carried out with your consent and/or (iii) necessary for the establishment, exercise or defence of legal claims.
Manage our Tool and perform internal technical operations for problem solving, testing and research.
This processing is based on our legitimate interests (ensuring the security of our Tool and improving its features).
When we collect your personal data, we inform you whether certain information is mandatory or optional. Mandatory data is required for the operation of our services. For optional data, you are entirely free to choose whether or not to provide it. We will also inform you of the possible consequences of failing to do so.
Commercial prospecting
In accordance with applicable legislation and with your consent where required, we may use the data you provide us with for marketing purposes (for example to (i) send you our newsletters, (ii) send you invitations to our events or any other communication likely to be of interest to you).
You may withdraw your consent at any time by (i) clicking on the unsubscribe link provided in each of our communications or (ii) contacting us at
support@fygr.io.
Recipients of collected data
Only the authorized and specified persons mentioned below may have access to some of your Data:
- FYGR's authorized personnel, who are bound by a confidentiality agreement relating to your Data ;
- FYGR's subcontractors who act in the name of and on behalf of FYGR;
- Budget Insight and Fintecture, who act as joint managers with Fygr regarding bank account aggregation, bill and payment initiation services;
- Authorized third parties, such as the courts concerned, mediators, chartered accountants, auditors, lawyers, bailiffs, debt collection companies, etc;
- Third parties who may place cookies on your terminals when you consent (for more details, see our
Cookie Management Policy.Your Data will not be communicated, exchanged, sold or rented to anyone other than those mentioned above.
Data storage and transfer outside the EU
All our servers on which your data is stored and those of the service providers used to exchange and store this data are located in Europe.
To this end, the Data we collect is stored on the servers of our service provider Amazon Web Services (AWS) in Europe, which guarantees a high level of security.
In the event that we use subcontractors located outside the European Union, we undertake to ensure that our subcontractors present protection measures recognized as sufficient within the meaning of the RGPD. This may include, in particular, subcontractors located in any other country recognized by the European Union as ensuring an adequate level of protection for personal data ("Adequacy Decision"), subject to a data transfer agreement that complies with the standard contractual clauses adopted by the European Commission or, any other protection measure recognized as sufficient by the European Commission.
Security
We inform you that we take all necessary precautions and appropriate organizational and technical measures to preserve the security, integrity and confidentiality of your Personal Data, and in particular to prevent it from being distorted, damaged or accessed by unauthorized third parties. We also use secure payment systems that comply with the state of the art and applicable regulations.
Data retention period
We keep your Data only as long as is necessary for the purposes for which it is to be used.
FYGR retains your Data for as long as your account remains active, unless you request its deletion or the deletion of your account.
The following categories of personal data may also be stored for different periods of time:
- Financial data relating to the invoicing of our services (e.g. payments) are kept for the period required by applicable tax and accounting laws;
- Data used for commercial canvassing purposes may be kept for a period of three years from the deletion of your account, unless you have decided to exercise your right to object under the conditions set out below;
- Data enabling us to establish proof of a right or contract, or retained to comply with a legal obligation, may be subject to an intermediate archiving policy in order to meet our legal, accounting and tax obligations. This applies in particular to the 5-year limitation period provided for under article 2224 of the French Civil Code.
User rights
In accordance with the applicable regulations, you have the following rights when your Data is processed:
- Right of access (Article 15 of the RGPD): you have the right to obtain from us confirmation that Data concerning you is or is not being processed as well as to receive a copy of all the Data we hold about you ;
- Right of rectification (Article 16 of the GDPR): you have the right to request the correction of the Data we hold about you if it is incomplete or incorrect. In this case, we may ask you to verify the new Data provided ;
- Right to be forgotten (Article 17 of the RGPD): you can ask us to delete your Data when we no longer have a legitimate interest in holding it;Right to limitation (Article 18 of the RGPD): you can in certain cases obtain from us the limitation of the processing of your Data;
- Right to portability (Article 20 of the RGPD): you may receive from us the Data concerning you in a structured, commonly used and machine-readable format, for the purposes in particular of transmission to a third party. Where technically possible, you also have the right to have your Data transmitted directly to that third party;
- Right to object (Article 21 and 22 of the RGPD): you may object at any time to the processing of your Data for reasons relating to your particular situation or when your Data is processed for canvassing purposes ;
- Right to withdraw your consent (Article 13-2 c of the RGPD): you have the right to withdraw your consent to the processing of your Data at any time, which will not render unlawful the previous processing based on that consent ;
- The right to determine what happens to your Data after your death, and to choose whether or not we pass on your Data to a third party designated by you. In the event of your death, and in the absence of any instructions from you, we undertake to destroy your data, unless its retention is necessary for evidentiary purposes or to meet a legal obligation.
Exercising your rights
You can exercise your rights by sending a request to our customer support at the addresses below.
Any request to exercise a right must be accompanied by a copy of your identity document. A reply will be sent to you within one month of receipt of your request. To this end, we may ask you for additional information or documents.
Please note that you do not need to pay a fee to access your personal data or exercise your rights.
However, we may charge a reasonable fee if your request is manifestly unfounded, repetitive or excessive.
If you have any questions about the processing of your Personal Data or if you have any comments, requests or complaints about the confidentiality of your Personal Data, please contact us at :
By email:
support@fygr.io
Bypost: 26 avenue Winston Churchill (La Filature, Bâtiment D), 27400 Louviers
Complaints to the Commission Nationale de l'Informatique et des Libertés (CNIL) (French Data Protection Authority)
In the event that the rights of the data subject have not been respected and after contacting the Data Controller, the data subject may lodge a complaint with the CNIL :
Commission Nationale de l'Informatique et des Libertés, 3 Place de Fontenoy, 75334 PARIS
Send a complaint to the CNILModification of the privacy policy
We reserve the right to modify this privacy policy at any time.
The most current version of this Privacy Policy governs our use of your information and will always be available on FYGR's website or upon request from FYGR.
Should we make any substantial changes to this privacy policy, we undertake to notify you via your email address.
Send a complaint to the CNILPersonal data processor