lemwarm logo

Privacy lemwarm

Legal

Publisher: The website https://blog.lemwarm.co/, https://help.lemwarm.co/, and https://lemwarm.co/ are published by:

The company LEMPIRE
Simplified joint stock company with a capital of 1 024,00 euros
Registered with the RCS of Paris under the number 823 475 082
Head office : 128 rue La Boétie - 75008 Paris - France
Intra-community VAT number: FR61823475082
E-mail address: contact@lempire.co

Director of the publication: Mr Guillaume MOUBECHE, President of LEMPIRE company

Hosting provider: The website https://blog.lemwarm.com/ is hosted by:
The company  Webflow, Inc.
Head office : 398 11th St., Floor 2, San Francisco, CA 94103.
E-mail address: contact@webflow.com

lemwarm Privacy Policy

as of August 23rd, 2022
Privacy and security are of utmost importance to lemwarm (hereinafter known as “lempire”,“Provider,” “us”, “we”, “the App” or “the Site”) and we strive to ensure that our technical andorganizational measures in place respect your data protection rights.This Privacy Policy describes how we manage, process and store personal data submitted in thecontext of providing our services. “Personal data” refers to any information relating to anidentifiable individual or his or her personal identity.

PERSONAL DATA COLLECTED

In subscribing to our services or filling in a contact form on our website (http://lemwarm.co) orother sites owned by lempire, you agree and accept that we may gather, process, store and/oruse the personal data submitted in accordance with the rules set forth below.By giving your consent to us, you also retain the right to have your personal data rectified, to beforgotten and/or to be erased.

1. Identity and contact details of the data processor

Personal data is collected on our website by lempire SAS, a company registered under France lawnumber 823 475 082 with the Paris Trade & Companies Register, and having its registered officeat 128 rue La Boétie, 75008 Paris, France.

2. Data collected on the site

Classification

Collected data are classified as either:
Confidential
  • Information intended for use only by specific individuals on a need-to-know basis
  • Information protected by law, contractual obligation, or policy
  • Information with the potential for severe negative repercussions to lempire’s reputation, resources, services, or individuals if disclosed
Internal
  • Information intended for lempire use only
  • Non-public information that does not reach the sensitivity of Confidential
  • Information with the potential for moderate negative repercussions to lempire’s reputation, resources, services, or individuals if disclosed
Public
  • Information intended to be publicly available
  • Information that poses little or no risk to lempire’s reputation, resources, services, or individuals if disclosed
All confidential data are encrypted at rest.

Data collected

When you subscribe to our services, the following data is collected and managed (note that thereis no aggregated elements)
Data element
Isolated
Access tokens and resume tokens (Microsoft) and Passwords (lempire applications, SMTP/IMAP)
Confidential
email address, first name, last name, company name, Intra-community VAT number (when applicable), login, password, mailing address, country, phone number, IP address(es) and domain name, user application notifications,  team activity logs, order history, complaints, incidents, information on subscriptions and messages on our site. Some data is collected automatically by reason of your activity on the site (see paragraph on cookies below).
Internal
pages templates
Public

The data submitted should not include any sensitive personal data, such as governmentidentifiers (i.e. social security, driving licence, or taxpayer identification numbers), completecredit card or complete personal bank card numbers, medical records or particulars connectedwith applications for care or treatment associated with private individuals.

Data handling

The chart below summarizes the requirements for handling information based on classification.Information comingled with multiple classifications must always be handled with the highestapplicable classification (e.g. public information that is stored or transmitted along withConfidential information may be encrypted in order to simplify the use of encryption solutions).

Confidential
Distribution
  • Not shared with third parties
  • Customer information never included in reports, regardless of accompanying data
Labeling
  • Documents, spreadsheets, presentations and text files labeled “Confidential”
  • All paper documents labeled “Confidential”
Paper documents
  • Only printed when there is a legitimate business need and no reasonable alternative, with management approval
  • Stored in a locked cabinet
  • Placed in destruction bin for shredding immediately after use
Electronic files
  • Stored and transmitted in clear text on lempire corporate systems
  • Deleted or wiped from electronic media immediately after use
Public
Distribution
  • Shared with anyone internal or external to lempire
Labeling
  • Not labeled
Paper documents
  • Recycled conventionally when no longer needed
Electronic files
  • Stored and transmitted in clear text
  • Deleted or wiped from electronic media immediately after use

3. Purposes of processing and legal basis

Your personal data is processed to meet one or several of the following purposes. Each purposeis associated with a legal basis, the list of which can be found below.On the basis of our legitimate interest of offering you a safe, optimum, efficient and personalizedexperience, we carry out processing operations for the following purposes:

  • To solve any problems and improve the use of our sites and services;
  • To personalize, assess, and improve our services, content and materials;
  • To analyze the volume and history of your use of our services;
  • To inform you about our services as well as our partners’ services and/or promotional offers.

On the performance basis of a contract to which you are a party, we carry out processingoperations for the following purposes:

  • To provide our services;
  • To facilitate performance, including verifications relating to you.

On the bases of your consent or legitimate interest, we carry out processing operations for thefollowing purposes:

  • To facilitate performance, including verifications relating to you.

On the basis of the compliance with our legal and regulatory obligations, we carry out processingfor the following purposes:

  • To prevent, detect and investigate any activities that are potentially prohibited, unlawful, contrary to good practices and to ensure compliance with our terms of use and sending policy.

We use the personal data submitted to us only in accordance with the applicable data protectionlegislation.

4. Newsletter and marketing emails

For those of you that have expressly opted in to receive our lemwarm newsletters and emails, youare easily able to unsubscribe by following the “unsubscribe” links included in every email sent.

5. Email statistics

Without systematically doing so, we may analyze and track the various rates (for example: click,open, bounce rates) and the number of emails sent with lemwarm which you open to assessperformance rates on your emailing campaigns.

6. Testimonials

lemwarm publishes a list of Customers & Testimonials on its sites with information on ourcustomers’ names and job titles. lemwarm undertakes to obtain the authorization of everycustomer before publishing any testimonial on its websites. If you wish to be removed from thislist, you can send us an email to privacy@lemwarm.com and we will delete your informationpromptly.

7. Third party disclosures

Personal data relating to you collected on our website are destined for lemwarm’s own use andmay be forwarded to lemwarm’s partner companies so that we may obtain assistance andsupport in the context of carrying out our services. lemwarm ensures that it has in place cleardata protection requirements for all of its third party providers.lemwarm does not sell or rent yourpersonal data to third parties for marketing purposes whatsoever.In addition, lemwarm does not disclose your personal data to third parties, except if: (1) you (oryour account administrator acting on your behalf) requests or authorized disclosure thereof; (2)the disclosure is required to process transactions or supply services which you have requested(i.e. to check you are employing best practices in your mailings or for the purposes of processingan acquisition card with credit-card issuing companies); (3) lemwarm is compelled to do so by agovernment authority or a regulatory body, in the case of a court order, a summons to appear incourt or any other similar requisition from a government or the judiciary, or to establish or defenda legal application; or, (4) the third party is a subcontractor or sub-processor of lemwarm in thecarrying out of services (for example: lemwarm uses the services of an Internet provider, atelecommunications company, a host provider, CRM tools, customer support client tools, invoicestools, payment tools, analytics tools).

8. Your data protection rights

In accordance with the French Data Protection Laws and the European General Data ProtectionRegulation 2016/679 (GDPR) you have several rights related to the collection of your personaldata:

  • Right to be informed: This is precisely why we have drafted this privacy policy.
  • Right of access: You have the right to access all your personal data at any time.
  • Right to rectification: You have the right to rectify your inaccurate, incomplete or obsolete personal data at any time.
  • Right to restriction of processing: You have the right to restrict the processing of your personal data in certain cases stated in art.18 of the GDPR.
  • Right to erasure (‘right to be forgotten’): You have the right to demand that your personal data be deleted and to prohibit any future collection.
  • Right to file a complaint to a competent supervisory authority (in France, the CNIL), if you consider that the processing of your personal data constitutes a breach of applicable regulations.
  • Right to define instructions related to the retention, deletion and communication of your personal data after your death.
  • Right to data portability: You have the right to receive the personal data you have provided us in a standard machine-readable format and to require their transfer to the recipient of your choice.
  • Right to object: You have the right to object to the processing of your personal data. Please note however that we may continue to process your personal data despite this opposition for legitimate reasons or for the defence of legal claims.

You can exercise these rights by sending us a support ticket directly on the support chat (eitheron the website or on the app) or, by sending an email at privacy@lemwarm.com. Your requestswill be processed within 30 days. We may require that your request be accompanied by aphotocopy of proof of identity or authority.You are also able at any time to modify personal data by logging into your account and navigatingto “User Settings”.

DATA RETENTION PERIODS

Your personal data is kept for the periods set out below.

  • Personal data collected for the execution of the services as well as information about howand when you use the services: The time needed to provide to you our services, and in noevent no longer than 3 years after closing your account (unless otherwise required by law).
  • Personal data collected in order to send newsletters, requests and direct marketing: 3 yearsfrom data collection or last active contact with the prospect.
  • Personal data collected for evidentiary purposes: Duration of the statutory limitation period(generally 5 years).
  • Personal data collected as part of your data subject’s rights: If we ask you for proof ofidentity, we only retain it for the time necessary to verify your identity. Once the verificationhas been carried out, the proof is deleted.

LOCATION OF DATA STORAGE AND TRANSFERS

The host servers on which lemwarm processes and stores its databases are located exclusivelywithin the European Union.

lemwarm will inform you immediately, to the extent we are legally authorized to do so, in case ofany application or order originating from an administrative or judicial authority relating to yourpersonal data.Regarding the tools we use (see article “Third party disclosures” on recipients of the collecteddata, concerning our processors), your personal data could be transferred outside the EuropeanUnion. The transfer of your data within this framework is secured by the following safeguards:

  • Either these data are transferred to a country which has been deemed to offer an adequatelevel of protection by the European Commission;
  • Or we have concluded with our processors a specific contract governing the transfer of yourdata outside the European Union, based on the standard contractual clauses approved by theEuropean Commission between a data controller and a processor.

SECURITY

Within the framework of its services, lemwarm attributes the very highest importance to thesecurity and integrity of its customers’ personal data.

Thus and in accordance with the GDPR, lemwarm undertakes to take all pertinent precautions inorder to preserve the security of the data and, in particular, to protect them against anyaccidental or unlawful destruction, accidental loss, corruption, unauthorized circulation oraccess, as well as against any other form of unlawful processing or disclosure to unauthorizedpersons.

To this end, lemwarm implements industry standard security measures to protect personal datafrom unauthorized disclosure. Using industry recommended methods of encoding, lemwarmtakes the measures necessary to protect information connected with payments and credit cards.Moreover, in order to avoid in particular all unauthorized access, to guarantee accuracy and theproper use of the data, lemwarm has put the appropriate electronic, physical and managerialprocedures in place with a view to safeguarding and preserving the data gathered through itsservices.

Notwithstanding this, there is no absolute safety from piracy or hackers. That is why in the eventa breach of security were to affect you, lemwarm undertakes to inform you thereof without unduedelay and to use its best efforts to take all possible measures to neutralize the intrusion andminimize the impacts. Should you suffer any loss by reason of the exploitation by a third party ofa security breach, lemwarm undertakes to provide you with every assistance necessary so youare able to assert your rights. Moreover if, by some exceptional case, the direct loss incurred arosedue to fault or gross negligence by lemwarm, you will be able to seek compensation within thelimit of liability referred to in our Terms of Use.

You should keep in mind that any user, customer or hacker who discovers and takes advantage ofa breach in security renders him or herself liable to criminal prosecution and that lemwarm willtake all measures, including filing a complaint and/or bringing court action, to preserve the dataand the rights of its users and of itself and to limit the impacts.

PRIVACY POLICY CHANGES

lempire reserves the right to update this Privacy Policy at any time, in particular pursuant to anychanges made to the laws and regulations in force. Any modifications made will be notified to youvia our Website or by email, to the extent possible, thirty (30) days at least before any changescome into force. We would recommend that you check these rules from time to time to stayinformed of our procedures and rules relating to your personal information.

CONTACT US

If you have questions, you can email us at Data Protection Officer directly at: privacy@lemwarm.co or by mail to: lempire SAS, Attn: Data Protection Officer / Legal Department, 128 rue La Boétie, 75008 Paris, France.