This policy applies to the meeting scheduling service (hereafter referred to as the “Service“), contact data collected on Julie Desk websites (hereafter referred to as the “Websites“) and other interactions (such as support request or commercial relationship management) between users and Julie Desk. This policy aims to inform users of the processing of their data and their rights in accordance with the European General Data Protection Regulation (GDPR).
Table of Contents
1. Data collection
Julie Desk collects information about its users in the following ways:
- Contact data. Julie Desk collects contact information from its users through its Websites and when using the Service. This data is collected in the context of filling in forms on the Websites as well as in the context of e-mail exchanges produced by the use of the Service. This data includes the following information:
- First name
- Personalization data. Julie Desk collects personalization information through its personalization application (for users of the service) or by communication with the support. This includes the following data:
- Business addresses
- Time preferences
- Other means of contact (such as instant messaging identifier, conference call number, etc.) defined by the user
- Location data. Julie Desk collects location data related to calendar events. This information is collected either via the content of emails sent to the service or via existing calendar events.
- Monitoring data. Julie Desk automatically collects tracking metadata on its Websites. This collection includes:
- Other data. Julie Desk can be used by email and connects to its users’ calendars. Other data may be transmitted by the user and its contacts via these means of communication.
2. Data Processing
The collected data is processed in accordance with the user requests, the contractual obligations that bind Julie Desk and its customers and applicable laws.
This data is used for:
- Monitoring the use and protecting the security of the services. This includes audience measurement, service error analysis or prevention and detection of technical or security problems.
- Responding to contact requests. The contact information is used to respond to requests, particularly in the event of a commercial or support request.
- Sending newsletters. Newsletters are sent by email about service news, updates or special offers to users who have requested them. These newsletters can be deactivated at any time. This deactivation is not blocking the execution of the rest of the service.
- Provide the meeting scheduling service. The provided contact data and shared calendar information are used to ensure contractual commitments and in particular to :
- define and understand requests
- identify the best time slots according to preferences and constraints
- communicate with customer contacts and create calendar events (meetings) including location, context, schedule and attendees information
The meeting scheduling service is based on automatic decision making (artificial intelligence) combined with manual processing to guarantee the quality of treatment.
- Conducting surveys and monitor usage. Julie Desk may need to contact its clients in particular as part of regular monitoring of usage (support) or to solicit feedbacks regarding the service.
- Improving the quality of the service. Data is analyzed to improve the service. Emails and calendar events are also automatically processed to train and improve the performance of artificial intelligence algorithms.
- Invoicing the service and managing the commercial relationship
Aggregate information for which it is no longer possible to identify individuals (free of any personal information) such as aggregate statistics can be used for commercial purposes.
3. Data Retention Period
The retention period for data provided to the service (e-mails transferred as part of the meeting scheduling service and user calendar events) is defined contractually with the customer or, if no custom contract have been established, in the Terms and Conditions. The retention period of other collected data is defined in the Terms and Conditions. The data retention period is defined in order to meet Julie Desk’s contractual, regulatory and commercial obligations.
4. Information Sharing
This paragraph describes the information sharing policy. The data is not shared or sold to any third party not defined below.
- Communication to customer contacts. Within the framework of the execution of the Service and based on customers instructions in its service solicitation requests, Julie Desk shares the customer’s information with the customer’s contacts explicitly designated by the latter during a meeting organization. This communication is strictly limited to the organization of the meeting and to the concerned participants. Shared information in this case are:
- Customer contact information such as phone numbers
- Instructions such as floor number or teleconference number
- Appointment address such as the client’s office address
- Supervision. If a meeting scheduling request cannot be processed fully automatically, the request and calendar items required for decision making are transferred to a team of supervisors. This task is performed by an external service provider.
- Quality. To ensure service quality, random samples of service requests are manually verified by a team of quality supervisors. This task is performed by an external service provider.
- Support. In case of error, abnormal behavior or direct solicitation, requests are forwarded to a support team.
- Service providers. Contact data, business relationship management and billing data are processed by external service providers.
The security of data processed by the Service (including personal data) is at the heart of the Julie Desk product. Strong safeguards for data confidentiality, integrity and availability have been set up. Julie Desk also has policies and procedures to prevent unauthorized access to data. These include secure development rules as well as privacy by design rules. Julie Desk is currently in the process of complying with the international security standard ISO 27001. To learn more about security practices, you can read our security policy or contact us.
Users who have provided data to the service can contact Julie Desk support (available via the “Contact us” page) to assert their rights:
- Access right. The user may request an extract of its personal information stored and processed.
- Rectification right. The user can ask to modify erroneous information.
- Right to be forgotten. The user can request to delete one or more of its personal information.
- Portability right. The user has the right to retrieve its data. However, the data processed is either contact data or replicated data from the customer information systems, data portability is not necessary in the context of a change to another similar service provider.
In the event of a dispute or query regarding the processing of personal data, the user may contact:
- the Data Protection Officer that can be reached at the following email address: firstname.lastname@example.org
- the local personal data control authority (a list of european data protection authorities can be found here)
By providing personal data, the user consents to its use for the purposes defined above. The consent can be withdrawn at any time by specifying the scope of the change of consent to Julie Desk’s support or any other automated mean made available to the user to exercise this right, such as an unsubscribe link.
It should be noted that the withdrawal of consent for the processing of all or part of personal data may degrade or make the provision of the associated services (including the meeting shceduling service) impossible. A withdrawal of consent will not affect the lawfulness of the processing prior to such withdrawal.
8. Transfer to another country
The service data is hosted in France. Data is transferred to countries outside the European Economic Area (EEA) in the following cases:
- Commercial relations data, invoicing and newsletters
- Supervision and quality review (access to emails sent to the service and user calendar events)
Julie Desk has implemented a procedure to verify the security and personal data protection guarantees of its subcontractors in accordance with the regulations currently being enforced (including the European GDPR).
To get more information concerning international data transfers or specific security measures, you can contact us.
9. Data controller
In the context of providing the meeting scheduling service, the Data Controller responsible for processing the data transferred by email by the customer and his contacts or via the customer’s calendar is the Customer. Julie Desk is a Data Processor.
For other data, Julie Desk is the Data Controller. Julie Desk can be reached via the means of communication specified on the page. “Contact Us”.
This policy may evolve in case of regulatory change or if Julie Desk’s activities changes. If an update of this policy may affect your rights, Julie Desk will contact you by email to notify you of the changes.
Date of update: 27 april 2018