Privacy Policy

1. INTRODUCTION

facing.digital (SASU) is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, and protect your personal information when you visit our website or use our services.

Data Controller:

• Company: facing.digital (SASU)
• Address: 14 Rue Bausset, 75015 Paris, France
• SIREN: 942790205
• SIRET: 94279020500010
• Contact: raphael@facing.digital | +33 650 70 21 37
• Data Protection Officer: Raphaël Libert

2. LEGAL BASIS

This Privacy Policy is established in compliance with:

• EU General Data Protection Regulation (GDPR) 2016/679
• French Data Protection Act (Loi Informatique et Libertés)
• French Digital Republic Act
• ePrivacy Directive and applicable national implementations

3. DATA WE COLLECT

3.1 Information You Provide Directly:

• Contact details (name, email, phone number, company)
• Project requirements and technical specifications
• Communication preferences
• Payment and billing information (for clients)
• Account credentials (for registered users)
• Feedback and support requests

3.2 Information Collected Automatically:

• IP address and geolocation data
• Browser type and version
• Operating system information
• Pages visited and time spent on site
• Referral sources and exit pages
• Device identifiers and technical specifications
• Cookies and similar tracking technologies

3.3 Third-Party Information:

• LinkedIn profile data (when connecting via LinkedIn)
• Google Analytics data
• Social media interactions with our content

4. HOW WE USE YOUR DATA

4.1 Primary Purposes:

• Providing digital transformation consulting services
• Managing cloud architecture and technical solutions
• Developing and maintaining web applications
• Operating our proprietary products (deejay.land®, FACING.SOCIAL, JayPass)
• Processing service requests and project management
• Customer support and technical assistance

4.2 Communication:

• Responding to inquiries and quote requests
• Sending service updates and project notifications
• Marketing communications (with your consent)
• Newsletter and blog updates (opt-in basis)

4.3 Legal and Business Operations:

• Compliance with legal obligations
• Contract performance and billing
• Fraud prevention and security
• Website analytics and improvement
• Business development and market research

5. LEGAL BASIS FOR PROCESSING

We process your personal data based on:

• Contract performance: Providing requested services
• Legitimate interest: Business operations, security, analytics
• Consent: Marketing communications, optional features
• Legal obligation: Tax, accounting, regulatory compliance
• Vital interests: Security and fraud prevention

6. DATA SHARING AND THIRD PARTIES

6.1 We may share data with:

• Microsoft Azure: Cloud hosting and infrastructure
• Google Analytics: Website performance analysis
• Payment processors: Secure transaction processing
• Professional advisors: Legal, accounting, consulting services
• Regulatory authorities: When legally required

6.2 We do NOT:

• Sell personal data to third parties
• Share data for marketing purposes without consent
• Transfer data outside EU without adequate protection
• Use data for automated decision-making without disclosure

6.3 International Transfers: Data may be transferred to countries outside the EU only when:

• Adequate protection is ensured (adequacy decisions)
• Appropriate safeguards are in place (Standard Contractual Clauses)
• Explicit consent is obtained for specific transfers

7. DATA RETENTION

Retention periods:

• Contact inquiries: 3 years from last contact
• Client data: Duration of contract + 5 years (legal requirement)
• Marketing data: Until consent withdrawal
• Website analytics: 26 months (Google Analytics default)
• Technical logs: 12 months for security purposes
• Accounting records: 10 years (French legal requirement)

Data is automatically deleted or anonymized after retention periods expire.

8. COOKIES AND TRACKING TECHNOLOGIES

8.1 Types of Cookies Used:

Essential Cookies (Always Active):

• Session management and security
• Site functionality and navigation
• Load balancing and performance

Analytics Cookies (Consent Required):

• Google Analytics (traffic analysis)
• User behavior tracking
• Performance optimization

Marketing Cookies (Consent Required):

• LinkedIn tracking pixels
• Conversion tracking
• Personalized content delivery

8.2 Cookie Management: You can control cookies through:

• Browser settings and preferences
• Our cookie consent banner
• Opt-out tools provided by third parties
• Direct contact for assistance

9. YOUR RIGHTS UNDER GDPR

You have the right to:

9.1 Access: Request copies of your personal data 9.2 Rectification: Correct inaccurate or incomplete data 9.3 Erasure: Request deletion of your data ("right to be forgotten") 9.4 Restriction: Limit how we process your data 9.5 Portability: Receive your data in a structured format 9.6 Object: Opt-out of processing based on legitimate interests 9.7 Withdraw consent: For consent-based processing 9.8 Complain: File complaints with supervisory authorities

To exercise your rights:

• Email: raphael@facing.digital
• Subject line: "Data Protection Request"
• Include: Full name, contact details, specific request
• Response time: Within 30 days (may be extended for complex requests)

10. DATA SECURITY

Technical Measures:

• SSL/TLS encryption for data transmission
• Microsoft Azure security infrastructure
• Regular security updates and patches
• Access controls and authentication
• Backup and disaster recovery procedures

Organizational Measures:

• Staff training on data protection
• Confidentiality agreements
• Regular security assessments
• Incident response procedures
• Privacy by design principles

In case of data breach:

• Supervisory authorities notified within 72 hours
• Affected individuals notified when high risk exists
• Immediate containment and remediation measures
• Full investigation and documentation

11. CHILDREN'S PRIVACY

Our services are not directed to individuals under 16 years of age. We do not knowingly collect personal data from children. If we become aware of such collection, we will delete the data immediately and take steps to prevent future occurrences.

12. AUTOMATED DECISION-MAKING

We do not engage in automated decision-making or profiling that produces legal effects or significantly affects individuals. Any automated processing is limited to:

• Technical website optimization
• Basic analytics and reporting
• Spam and fraud detection

13. CONTACT AND COMPLAINTS

For privacy-related inquiries: Data Protection Officer: Raphaël Libert Email: raphael@facing.digital Phone: +33 650 70 21 37 Address: 14 Rue Bausset, 75015 Paris, France

Supervisory Authority: CNIL (Commission Nationale de l'Informatique et des Libertés) Address: 3 Place de Fontenoy, TSA 80715, 75334 Paris Cedex 07 Website: www.cnil.fr Phone: +33 1 53 73 22 22

14. UPDATES TO THIS POLICY

This Privacy Policy may be updated to reflect:

• Changes in applicable laws
• New services or features
• Improved data protection practices
• Feedback from users and authorities

Notification of changes:

• Prominent notice on our website
• Email notification for significant changes
• Updated "Last Modified" date below

Your continued use of our services after changes constitutes acceptance of the updated policy.

15. SPECIFIC PRODUCT PRIVACY NOTICES

15.1 deejay.land® Platform:

• DJ profile and event data processing
• Music and multimedia content handling
• Social media integration privacy
• Global event calendar data management

15.2 FACING.SOCIAL:

• Social media aggregation and display
• Real-time data processing
• Multi-platform integration privacy
• Performance optimization data

15.3 JayPass:

• [Specific privacy details to be added based on product features]

Last Modified: July 19, 2025 Version: 1.0