Privacy policy of Tixeo

This privacy policy is intended to clearly explain how Tixeo SAS, headquartered at 244 Rue Claude François – Parc 2000 34080 MONTPELLIER, France, collects and uses your personal information when you interact with us through the use of our online services (TixeoCloud and TixeoPrivateCloud) and our website when Tixeo is acting as a data controller. It also aims to inform you about your rights and choices regarding access and control of your personal data.

1. definitions

“Policy”: refers to this privacy policy

“Tixeo”, “We”, “Us”, “Our”: refers to Tixeo SAS

“You” “Your” “user” “Attendee” “Participant”: refers to any person using or otherwise interacting with our services

“Service”, “Services” : refers to the “TixeoCloud” and “TixeoPrivateCloud” video conferencing services

“Customer”, “Business Customer”: refers to an organization contractually bound to Tixeo for the use of the service

“Prospect”: refers to an organisation not contractually bound to Tixeo but having an interaction (use of the service, correspondence, communication)

“Administrator”: Person or entity in charge of deploying the service for the client or within the client company. In particular, the administrator is authorised to deploy and make available the organiser accounts to the designated employees within the client company

“Organizer account”, “organizer”: a person who has a license to organize and schedule Tixeo videoconference meetings

“GDPR”: General Data Protection Regulation

2. How do we collect personal data?

Service

We collect your information and personal data when you voluntarily provide it to us in the course of using the service.

This can happen:

  • When you create your account after being invited to a Tixeo videoconference by a meeting organizer
  • When organising a videoconference
  • When you register on our website to benefit from a free trial period of the solution
  • When you fill in one of the various forms on our website (contact request, demonstration request and white paper request)
  • When you submit a technical support request
  • We also collect information generated by the organization of meetings in which you attend (metadata) and / or that you have organized yourself.

Contractual relationship

We may also collect your information and personal data if you are representing a Tixeo customer or prospect.

Website

We collect information when you visit our website and use our services and applications; we use a third-party analytics service called MATOMO (formerly Piwik)  to collect, analyse and report metrics about website visits.

The registration of Matomo cookies and the use of this analysis tool are based on Article 6 paragraph 1 letter f of the GDPR, which states that the website publisher has a legitimate interest in anonymously analysing user behaviour in order to improve its website and thus obtain anonymous statistics. The anonymous information provided by the cookies on the use of the website is not passed on to third parties.

3. What data do we collect and how long is it kept?

The collection of some particularly sensitive data is strictly regulated by the GDPR and requires particular vigilance. Tixeo does not collect any data revealing the alleged racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership of individuals, genetic and biometric data, data concerning health, sex life or sexual orientation of individuals, data relating to criminal convictions or offences, as well as the unique national identification number (NIR or Social Security/Insurance number).

Personal data

We collect the data you provide to us during your interactions with us as part of our service. This data includes the following:

Collection media

Type of data that can be processed (depending on the request)

Shelf life

For Internet users who use the contact form

• Name
• First name
• E-mail address
• Business telephone number
• Name of the company represented
• Question asked

Maximum 3 years from the last contact

For Internet users who request a “free trial”

• Name
• First name
• E-mail address
• Business telephone number
• Name of the company represented
• Preferred dates and times
• How the person got to know Tixeo

Maximum 3 years after the last contact (unless opposed)

For Internet users who request a demo

• Name
• First name
• E-mail address
• Business telephone number
• Name of the company represented
• Preferred dates and times
• How the person got to know Tixeo

Maximum 3 years after the last contact (unless opposed)

For those who wish to download the White Paper

• Name
• First name
• E-mail address
• Business telephone number
• Name of the company represented

Maximum 3 years after the last contact (unless opposed)

Concerning the transfer of data to partners

• Name
• First name
• E-mail address
• Company

Maximum 3 years after the last contact (unless opposed)

For users who create an account after receiving an invitation

• Name
• First name
• E-mail address
• Identifier
• Password

1 year maximum from the last contact (unless opposed)

For users who require technical support

• Name
• First name
• E-mail address
• Identifier
• Operating system
• Time-stamped lines
• Date of download of the Tixeo solution on the computer or via Google Store or Apple Store
• Messages exchanged

For the duration of the subscription, then 5 years in the archive for evidence purposes

About Matomo cookies

• Geographical data
• Number of visitors
• Geographical origin
• Time spent
• Page views
• Browser
• Device type (computer, tablet, phone)
• Operating system

13 months maximum for the cookie and 25 months maximum for the data generated

During any meeting via one of Tixeo’s software solutions regarding only Tixeo’s customers (no guest data is processed by Tixeo as a data controller except for the data needed to create an account for video conferencing security purposes)

• Name
• First name
• E-mail address
• Identifier
• Password
• Date of the meeting
• Time of the meeting (start)
• Duration of the meeting
• Title of the meeting
• List of attendees
• Meeting server address
• Log of your connections and disconnections (including IP addresses)

During the time chosen by the customer, deletion in any case at the end of the subscription

3. What data do we collect and how long is it kept?

The collection of some particularly sensitive data is strictly regulated by the GDPR and requires particular vigilance. Tixeo does not collect any data revealing the alleged racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership of individuals, genetic and biometric data, data concerning health, sex life or sexual orientation of individuals, data relating to criminal convictions or offences, as well as the unique national identification number (NIR or Social Security/Insurance number).

Personal data

We collect the data you provide to us during your interactions with us as part of our service. This data includes the following:

Collection media

  1. For users who use the contact form
  2. For users who request a “free trial
  3. For users who request a demo
  4. For users who wish to download the White Paper
  5. Regarding the transfer of data to partners
  6. For users who create an account after receiving an invitation
  7. For users who request technical support
  8. Regarding Matomo cookies
  9. During any meeting via one of Tixeo’s software solutions concerning only Tixeo’s customers (no guest data is processed by Tixeo as a data controller except for the data needed to create an account for videoconference security purposes)

Type of data that can be processed (depending on the request)

  1. Last Name, First Name, Email Address, Business Phone Number, Name of Company Represented, Question Asked
  2. Last Name, First Name, Email Address, Username, Password, Business Phone Number, Name of Company Represented
  3. Last name, First name, Email address, Business phone number, Name of the company represented, Dates and times desired, How did the person know Tixeo
  4. Last name, First name, Email address, Business phone number, Name of the company represented
  5. Last name, First name, Email address, Company
  6. Last name, First name, Email address, Username, Password
  7. Last name, First name, Email address, Username, Operating system, Time-stamped lines, Date the Tixeo solution was downloaded on the computer or via Google Store or Apple Store, Messages exchanged
  8. Geographical data, number of visitors, geographical origin, time spent, page views, browser, device type (computer, tablet, phone), operating system.
  9. Last name, First name, Email address, Username, Password, Meeting date, Meeting time (start), Meeting duration, Meeting title, Attendee list, Meeting server address, Log of your connections and disconnections (including IP addresses)

Shelf life

  1. 3 years maximum from the last contact
  2. Maximum 3 years after last contact (unless objected to)
  3. Maximum 3 years after last contact (unless objected to)
  4. Maximum 3 years after the last contact (unless opposed)
  5. Maximum 3 years after the last contact (unless opposed)
  6. 1 year maximum after the last contact (unless opposed)
  7. During the entire duration of the subscription, then 5 years in the archive for proof purposes
  8. 13 months maximum concerning the cookie and 25 months maximum concerning the generated data
  9. During the time chosen by the customer, deletion in all cases at the end of the subscription

4. Why and how do we use personal data?

Tixeo aims to offer you the best secure video conferencing and video collaboration experience. The personal data we collect are necessary to provide, organize and optimize the service we offer.

Thus we use your personal data for the following purposes which are based on the legal grounds specified below:

Collection media

Goals

Legal basis

For Internet users who use the contact form

• Reply to any contact request made by an Internet user

• Carry out commercial prospecting operations

• In the event of a specific technical request, provide an suitable response by a specific subcontractor or integrator certified by TIXEO

Legitimate interest of TIXEO to respond to any request made by an Internet user.

Legitimate interest of TIXEO to offer its products and services to professional customers.

Legitimate interest of TIXEO to be able to respond to specific technical requests.

For Internet users who request a “free trial”

• Create your Tixeo account and connect to your Tixeo account in order to give you access to the chosen software solution in a secure way (notably by authenticating to the services)

• Responding to your requests for assistance

• To provide us with information necessary for maintenance operations to ensure data security, including monitoring of our data centers and networks

• Carry out commercial prospecting operations

• In the event of a specific request, allow for optimal technical deployment of TIXEO solutions by a specific subcontractor or integrator certified by TIXEO, either remotely or on site

Execution of pre-contractual measures.

Tixeo’s legitimate interest in responding to your requests.

Legitimate interest of TIXEO to ensure a high level of security of the software solutions.

Legitimate interest of TIXEO to offer its products and services to professional customers.

Legitimate interest of TIXEO to technically deploy the solution in all possible technical cases by a remote subcontractor or on the customer’s site.

For Internet users who request a demo

• Demonstrate the software solutions to anyone who requests it

• Carry out commercial prospecting operations

• Keeping statistics on demo requests

• In the event of a specific technical request, provide an adapted response by a specific subcontractor or integrator certified by TIXEO

Execution of pre-contractual measures.

Legitimate interest of TIXEO to offer its products and services to professional customers.

Legitimate interest of TIXEO to establish statistics.

Legitimate interest of TIXEO to be able to respond to specific technical requests.

For those who wish to download the White Paper

• Send the White Paper to anyone who requests it

• Carry out commercial prospecting operations

• Keeping statistics on requests to download the White Paper

Legitimate interest of TIXEO to send the White Paper to the person who requests it.

Legitimate interest of TIXEO to offer its products to professional customers and Consent for individuals acting outside the professional framework.

For users who create an account after receiving an invitation

• Allow the creation of an online account for secure access to any videoconference

Legitimate interest of Tixeo to offer a secure video conferencing service.

About Matomo cookies

• Establish website traffic statistics

Legitimate interest of Tixeo to establish audience statistics.

Concerning the management of customer subscriptions

• Create your Tixeo account and connect to your Tixeo account in order to give you access to the chosen software solution in a secure way (notably by authenticating to the services)

• Responding to your requests for assistance

• Generate statistics which are then made available to the customer via his administrator account

• To provide us with information necessary for maintenance operations, including monitoring of our data centers and networks

Performance of the contract.

Performance of the contract.

Legitimate interest of Tixeo to establish statistics.

Legitimate interest in ensuring the security of the software solutions offered.

During any meeting via one of Tixeo’s software solutions regarding only Tixeo’s customers

• Generate a history of meetings needed by customers (administrator)

• Allow the customer to find the people who attended a meeting

Performance of the contract.

Performance of the contract.

Important information on video conferencing

While using the service, some information such as your first name, last name, image and voice may be disclosed to other attendees via the various features provided by the service. Similarly, if you send a message, transfer a file or share content, it may be viewed by others participating in the meeting or conversation.

Tixeo is not responsible for images, sounds, documents, texts shared by attendees during a meeting. Attendees can thus access information that may contain the personal information of other attendees or even of people outside the meeting.

The person responsible for processing this data is the meeting organiser, TIXEO being only a subcontractor of such personal data.

Your administrator or controller may have access, for their own use and that of their organisation, to personal data of attendee as linked to their organisation. In this situation, Tixeo is not able to control your information: Tixeo does not control why or how your information is used, and you will need to contact your administrator or data controller (e.g. your employer and/or the company that gives you access to the Services) to find out about your data protection rights and responsibilities. Any questions regarding your organisation’s policies and access rights for administrative users should be directed to your organisation.

4. Why and how do we use personal data?

Tixeo aims to offer you the best secure video conferencing and video collaboration experience. The personal data we collect are necessary to provide, organize and optimize the service we offer.

Thus we use your personal data for the following purposes which are based on the legal grounds specified below:

Collection media

  1. For users who use the contact form
  2. For users who request a “free trial”
  3. For users who request a demo
  4. For users who want to download the White Paper
  5. For users who create an account after receiving an invitation
  6. About Matomo cookies
  7. Concerning the management of customer subscription : During any meeting via one of Tixeo’s software solutions regarding only Tixeo’s customers

Goals

  1. Respond to any contact request made by a user, Carry out commercial prospecting, In case of specific technical request, provide an appropriate response by a specific subcontractor or integrator certified by TIXEO
  2. Create your Tixeo account and connect to your Tixeo account in order to give you access to the chosen software solution in a secure way (notably by authentication to the services), Answer your support requests, Provide us with the necessary information for maintenance operations to ensure data security thanks to the monitoring of our data centers and networks, Carry out commercial prospecting operations, In case of specific request, allow an optimal technical deployment of TIXEO’s solutions by a specific subcontractor or integrator certified by TIXEO, either remotely or on site
  3. Carry out a demo of the software solutions to any person who requests it, Carry out commercial prospecting operations, Carry out demo request statistics, In the event of a specific technical request, provide an adapted response by a specific subcontractor or integrator certified by TIXEO
  4. Send the White Paper to any person who requests it, Carry out commercial prospecting, Carry out statistics on requests to download the White Paper
  5. Allow the creation of an online account for secure access to any videoconference
  6. Establish audience statistics
  7. Create your Tixeo account and connect to your Tixeo account in order to give you secure access to the chosen software solution (notably by authenticating to the services), Answer your support requests, Generate statistics available to the customer via his administrator account, Provide us with the necessary information for maintenance operations thanks to the monitoring of our data centers and networks
  8. Generate a history of meetings needed by customers (administrator), Allow the customer to find the people who attended a meeting

Legal basis

  1. Legitimate interest of TIXEO to respond to any request made by an Internet user, Legitimate interest of TIXEO to offer its products and services to professional customers, Legitimate interest of TIXEO to respond to specific technical requests
  2. Execution of pre-contractual measures, Legitimate interest of TIXEO to respond to your requests, Legitimate interest of TIXEO to ensure a high level of security of the software solutions, Legitimate interest of TIXEO to offer its products and services to professional customers, Legitimate interest of TIXEO to technically deploy the solution in all possible technical cases by a subcontractor either remotely or on the customer site.
  3. Execution of pre-contractual measures, Legitimate interest of TIXEO to offer its products and services to professional customers, Legitimate interest of TIXEO to establish statistics, Legitimate interest of TIXEO to be able to answer specific technical requests
  4. Legitimate interest of TIXEO to send the White Paper to the person who requested it, Legitimate interest of TIXEO to offer its products to professional customers and Consent for individuals acting outside the professional framework, Legitimate interest of Tixeo to measure the relevance of updating the White Paper.
  5. Legitimate interest of Tixeo to offer a secure video conferencing service.
  6. Legitimate interest of Tixeo to establish audience statistics.
  7. Contract execution, Contract execution, Legitimate interest of Tixeo to establish statistics, Legitimate interest to ensure the security of the proposed software solutions.
  8. Contract enforcement, Contract enforcement.

Important information on video conferencing

While using the service, some information such as your first name, last name, image and voice may be disclosed to other attendees via the various features provided by the service. Similarly, if you send a message, transfer a file or share content, it may be viewed by others participating in the meeting or conversation.

Tixeo is not responsible for images, sounds, documents, texts shared by attendees during a meeting. Attendees can thus access information that may contain the personal information of other attendees or even of people outside the meeting.

The person responsible for processing this data is the meeting organiser, TIXEO being only a subcontractor of such personal data.

Your administrator or controller may have access, for their own use and that of their organisation, to personal data of attendee as linked to their organisation. In this situation, Tixeo is not able to control your information: Tixeo does not control why or how your information is used, and you will need to contact your administrator or data controller (e.g. your employer and/or the company that gives you access to the Services) to find out about your data protection rights and responsibilities. Any questions regarding your organisation’s policies and access rights for administrative users should be directed to your organisation.

5. Where is your personal data hosted?

The personal data that we collect and process in the context of providing our services to our users are hosted by OVH company, whose servers (datacenters) are located in metropolitan France.

Within the framework of the use of the service, the personal data of users are never transferred to a third country (with the exception of Switzerland, which benefits from an adequacy decision, and only in the case of transfer, with the explicit consent of the person concerned, to our partner in Switzerland, Ubcom).

OVH is committed to comply with its obligations under the above-mentioned regulations and, in particular, the GDPR. Thanks to this commitment to compliance, OVH’s customers, including Tixeo, are also able to meet part of their regulatory obligations.

6. Who are the recipients of the data and do we share the personal data we collect?

The recipients of the data are, in principle (with the exceptions provided for in this article), exclusively the internal departments of TIXEO and this in a compartmentalised manner. Each department has access to the data only to the extent necessary for its tasks. Thus, the Technical Support department only has access to data relating to the maintenance of software solutions and data security, and the Sales department only has access to the identification data necessary to carry out commercial canvassing operations in compliance with the applicable provisions on data protection.

In some cases, we must pass on your personal data to authorised third parties. These cases may include: a requisition by law, a court order or a decision by a competent public authority and for law enforcement purposes.

In addition, we may share your personal data with the following third parties:

  • Third parties to establish, enforce or defend the rights of Tixeo SAS
  • Third parties in the event of a merger, sale, joint venture, assignment, transfer or other disposition of all or part of the assets of Tixeo SAS (including without limitation in connection with bankruptcy or similar proceedings)
  • Integrators or subcontractors certified by Tixeo, in the context of a technical request or to ensure an optimal deployment of the service:
    • Bardinet Telecom
    • MindTechnologies
    • Ubcom
    • Connect4Video
    • CyberXpert

When we transfer your personal data to a third party, we take all reasonable steps to ensure that such third parties are bound by obligations of confidentiality with respect to the protection of your personal data. The transfer is carried out in accordance with legal requirements, including entering into data processing agreements with the relevant third parties, to ensure that personal data is only processed in accordance with our instructions, applicable law and regulations and for the use specified by us, and to apply appropriate security measures.

7. How do we ensure the protection of your personal data?

We are committed to ensuring the security of your personal data by taking all technical and organisational measures to protect it from unauthorised access, use or disclosure and from loss, destruction or alteration.

We recommend that you take all necessary measures to protect your personal data on the Internet. We advise you to change your password regularly and to use sufficiently complex combinations of numbers and letters to avoid any attempt at fraudulent connection.

TIXEO’s videoconferencing technology is CSPN certified and qualified by the French National Agency for the Security of Information Systems (ANSSI).
For more information: https://www.tixeo.com/en/discover-tixeo-video-conferencing/

8. Access and control of your personal data: what are your rights?

The GDPR provides specific rights with respect to information and its use. We declare that we collect information in the ordinary course of business to enable the processing and fulfilment of your order or contract, in order to deliver our products and services.

According to your rights defined by the GDPR and under respect of justifying the legal conditions, you can:

  • Request access to your personal information and You can also request a copy of this personal data
  • Request to update and amend your personal data to ensure its accuracy
  • Requesting the deletion or removal of your information and personal data
  • Oppose the processing of your information and personal data
  • Requesting the restriction of the processing of your information and personal data
  • Request the transfer of your information and personal data to you or to another controller of the data you have provided where the processing is based on your consent or the performance of the contract
  • Oppose profiling or automated decisions that could have an impact on you, it being specified that TIXEO does not make any automated individual decisions
  • Define guidelines for what happens to your data after your

For more information, you can also consult the CNIL website: https://www.cnil.fr/en/home

(CNIL : Commission Nationale de l’Informatique et des Libertés = National Commission for Information Technology and Civil Liberties)

Finally:

  • You have the right to lodge a complaint about Tixeo’s handling of your personal data with the supervisory authority in your country (in France, the CNIL) or in an EU member

We may not be able to respond favourably to any of these requests in the following cases:

  • Inability to prove your identity
  • If this prevents us from meeting our regulatory obligations
  • If it involves excessive costs or effort.

9. How to contact us?

If you would like more information about the protection of your personal data or if you have any comments on this subject, you can send us a message to: gdpr@tixeo.com

You can also send us a letter to:

Politique de confidentialité - Tixeo

TIXEO
Parc 2000 – 244 rue Claude François
34080 Montpellier, FRANCE

10. Data Protection Officer (DPO)

The company TIXEO has appointed a Data Protection Officer, Me Apolline SCHMITT, a lawyer at the STRASBOURG Bar, practising at 52 Avenue des Vosges in 67000 STRASBOURG, whom you can contact for any questions relating to the protection of your data by e-mail at dpo[at]tixeo.com