The company ARGO, a simplified joint stock company with a capital of 37,312.70 euros, whose registered office is located at 1 place Francis Ponge 34000 Montpellier (France), registered in the Montpellier Trade Register, under number 804 465 276 (“ARGO”), publishes and operates the STQR* application (the “Application”) that it offers to its Professional Clients.
STQR Manager (“Manager“) refers to the platform made available to Client and Users under an ARGO license to create a web experience in the browser with the purpose of personalizing a QR code with a unique and personal video message.
- “Client” means the company with which ARGO has entered into a contract relating to the provision of STQR services.
- “Data” means any information transmitted by the User to ARGO in the course of using the Application, including Personal Data.
- “Personal Data”or “Personal Data”means any information relating to an identified or identifiable natural person, directly or indirectly, by reference to an identification number or to one or more elements specific to that person;
- “Sensitive Personal Data” means any information concerning racial or ethnic origin, political, philosophical or religious opinions, trade union membership, health or sex life as well as genetic or biometric data. In principle, the processing of Sensitive Data is prohibited unless, in particular, the data subject has given his express consent.
- “User” means any person using the Services provided on the Application;
- “Processor” means the natural or legal person who determines the purposes and means of a Data Processing. ARGO is the Data Controller of Your Data.
- “Subprocessor” means the natural or legal person who processes Data on behalf of a third party Data Processor.
- “Services” means the Stqr services provided by ARGO through the Application
- “Processing of Personal Data” means any operation, or set of operations, relating to personal data, regardless of the process used (collection, recording organization, storage adaptation, modification, extraction consultation, use, communication by transmission or dissemination or any other form of provision, matching) performed by ARGO in the context of the use of the Services.
- Data collected
2.1. Nature of the Data collected from Users
- Identity Data (image, voice, last name, first name email address)
You agree to provide updated and valid Personal Data and warrant that you will not make any false statements or provide any incorrect information.
- Mandatory and optional nature of Personal Data collected
When creating your Profile on the stqr Application, you are asked to provide the following information:
- A Name (it does not have to be valid)
- A valid email address
- A Password
This personal data must be provided to us insofar as it is strictly necessary for the use of our Services. The mandatory nature of the information requested is indicated to you at the time of collection. Failure to provide said Data will prevent you from accessing and/or using the Services.
The other Personal Data collected are optional. You are therefore free to inform them or not. However, they allow us to personalize the Services we offer you and to improve your browsing experience on the Application.
- How is your Personal Data collected?
- Creating your personal account
Your personal data is collected via the registration form in the stqr application when you upload your first personal video.
The creation of a user account is mandatory to add your video. This personal account allows you to edit, update or delete your videos.
If you choose to register via Google or Facebook connect, your personal data (Name/Email Address) is shared with us by these third party services.
ARGO only uses this data for the purpose of operating the stqr application.
A RGPD consent pop up form during account creation allows you to share your Email address with the stqr experience provider, the “Client”ARGO, but this consent is not mandatory and is your choice. It allows the ARGO Client to contact you in connection with this experience only.
On the same form, you can also allow or disallow the placement of a local cookie so that you do not have to re-identify yourself the next time you use the service.
- Purposes of data collection
Personal Data is collected for the following purposes:
- to provide the Services to Users and to allow for optimal operation
- to tailor the Services to the requirements of the Client and Users,
- to meet a legal or regulatory obligation,
- to meet the legitimate interests of ARGO and in particular to fight fraud and ensure the security of the Services,
- To carry out audience measurements for statistical purposes of use of the stqr service
The collection of your personal data in this context is based on your express, free and informed consent. You have, moreover, the possibility to withdraw your consent at any time
- Who has access to your personal data?
6.1. ARGO staff
The Personal Data collected are processed by duly authorized persons within ARGO namely, and depending on the nature of the processing and the category of Personal Data concerned, ARGO’s legal representatives and its employees in charge of marketing, IT and client service.
6.2. ARGO’s subcontractors
In the course of carrying out its activities and providing its Services, ARGO may use subcontractors who process Personal Data on its behalf and under its instructions. In accordance with the GDPR, ARGO requires its subcontractors to provide sufficient guarantees that they have implemented appropriate technical and organizational measures to ensure the security and confidentiality of your data.
ARGO uses subcontractors located in countries offering an adequate level of protection either because they are subject to the provisions of the RGPD or, in accordance with Article 45 of the RGPD because they benefit from an adequacy decision of the European Commission. Failing that, ARGO undertakes to implement any appropriate mechanism to ensure an adequate level of data protection and in particular standard contractual clauses established by the European Commission.
More information about the guarantees offered by ARGO’s subcontractors can be obtained upon request at [email protected].
6.3. Other potential recipients
ARGO may be required to pass Your Personal Data to companies, organizations or third parties only after obtaining your prior consent and only in the following cases:
- fulfill our legal and regulatory obligations,
- identify, prevent or address fraudulent activity, security breaches or other technical problems with the Services;
- to assert a legal claim
- to conduct joint business operations with a Partner
- How long is your personal data kept?
ARGO keeps your personal data, in a form that allows you to be identified, in an active base for the time strictly necessary to achieve the purposes pursued and for which they are collected and processed.
Your Personal Data may also be archived involving supervised, limited and justified access, for the time necessary (i) to comply with ARGO’s legal and regulatory obligations (accounting, taxation: 10 years), and/or (ii) to enable it to assert a legal right, before being permanently deleted.
- How does ARGO ensure the security and privacy of your Personal Data?
ARGO undertakes to process your Personal Data in a lawful, fair, transparent, proportionate, relevant manner, strictly within the framework of the purposes pursued and announced, for the duration necessary for the processing set up and in a secure manner.
ARGO implements and updates appropriate technical and organizational measures to ensure the security and confidentiality of your Personal Data by preventing it from being distorted, damaged or communicated to unauthorized third parties. As such ARGO makes available to Users a Data Management Platform allowing you to access in real time the Personal Data entrusted to you.
ARGO ensures the protection and security of Personal Data collected to ensure its confidentiality and to prevent it from being damaged, misused, destroyed or disclosed to unauthorized third parties.
As such, ARGO has taken physical, electronic and organizational safeguards to prevent loss, misuse, unauthorized access or distribution, alteration or destruction of Personal Data. Among these safeguards, STQR incorporates specially developed technologies to protect Personal Data during transfer. As all Personal Information is confidential, access is limited to ARGO employees, service providers and subcontractors who have a strict need to know in the course of their duties. All persons with access to Your Personal Data are bound by an obligation of confidentiality and may be subject to disciplinary action and/or sanctions for failure to comply with these obligations.
However, it is important that you take care to prevent unauthorized access to Your Personal Data. You are responsible for maintaining the confidentiality of your password and account information. Therefore, User is encouraged to ensure that each session is logged out when using the same cell phone and/or computer.
- What are your rights to your Personal Data?
You may, upon written request sent to the following address:[email protected] access your Personal Data, request its rectification or limitation, deletion or portability, or demand to be removed from ARGO’s database.
To exercise your rights of access, rectification, deletion, limitation, portability and opposition referred to above, simply address your request, as follows:
– by e-mail to the following address: [email protected];
–by postal mail to the following address:
ARGO Augmented Documents
1 PLACE FRANCIS PONGE
ARGO will respond to the request within 30 days of receipt.
The exercise of these rights is free of charge. However, in the event of a manifestly unfounded or excessive request, particularly in view of their repetitive nature, ARGO reserves the right to (i) require payment of a fee taking into account administrative costs, or (ii) refuse to comply with the request.
- What happens if your Personal Data is breached?
In the event of a breach of Personal Data, ARGO shall notify the CNIL of the breach as soon as possible, and, if possible, no later than seventy-two (72) hours after becoming aware of the breach, unless the breach in question is not likely to give rise to a risk to the rights and freedoms of Users.
Where a breach of Personal Data is likely to give rise to a high risk to a User’s rights and freedoms, ARGO shall inform the Client and/or the User, in clear and precise terms, as soon as possible, subject to the exceptions provided for in Article 34 of the GDPR.
Without prejudice to any other administrative or judicial remedy, the User who believes that the processing of his Personal Data constitutes a violation of the provisions of the legislation in force may lodge a complaint with a competent supervisory authority such as the CNIL.
- Special categories of data
ARGO is not intended to collect so-called Sensitive Data such as racial or ethnic origin, sexual orientation, health status, political opinions, religious or philosophical beliefs or union membership, or genetic or biometric data.
As a result, User shall refrain from sharing on the Application any Sensitive Data about him or herself or about third parties. Any sharing by the User of Sensitive Data is done without the knowledge of ARGO, which undertakes, as soon as it is notified, to delete it or to make it impossible to access.
- Who should you ask your questions to?
Users may at any time contact the Personal Data Officer of ARGO, regarding any questions about the processing of their Personal Data and the exercise of their rights as described below, at the following address: [email protected].
*STQR is a non-binding name. The stqr service and technology are offered on a “white label” basis to the Clients of the ARGO Group who have full freedom to customize and modify the name of the experience according to the operational device of their choice.