Privacy policy

I. Who we are

This Policy applies between you, the user of the Opendatasoft Academy website and us Opendatasoft, the owner and provider of the Opendatasoft Academy. This Policy applies to our use of any and all data collected by us in relation to your use of the Opendatasoft Academy.
This Privacy Policy is drawn up by Opendatasoft SAS (hereinafter referred to as "Opendatasoft" or "we"), a French société par actions simplifiée (simplified company) with a share capital of €399 509, registered in the Paris Trade and Companies Register under number 538 168 329, whose registered office is located at 32 Avenue de l'Opéra, 75002, Paris (France).

II. How are we committed to protecting your data?

1. Overview of the GDPR and the aims of this Privacy Policy

We are committed to protecting your data and protecting and safeguarding your privacy. Protecting the personal data of our customers and users and the personal data we may receive from them via Opendatasoft Academy is one of our main concerns. Accordingly, we strive to ensure compliance with French Data Protection Act No. 78-17 of 6 January 1978 as amended and with the EU General Data Protection Regulation No. 2016/679 (the "GDPR") that came into force on 25 May 2018.
This Privacy Policy explains how and why we may collect and process personal data and how you can exercise your rights.
Should you have any questions about this policy or our compliance in general, please contact our Data Protection Officer at dpo@opendatasoft.com.

2. Who should read this Privacy Policy?

This Privacy Policy is designed for anyone who provides or entrusts personal data to us via Opendatasoft Academy.
We may update it, in particular to reflect any changes to our services, the technology used or the applicable regulations. Updates will take effect as soon as they are posted on our website.

3. What is "personal data"?

The French Data Protection Act and the GDPR define "personal data" as any information relating to a natural person who can be identified, directly or indirectly, such as the surnames, forenames and email and postal addresses of natural persons, their image, an IP address or location data etc.

III. Does Opendatasoft process personal data?

We may collect personal data when you visit Opendatasoft Academy or contact us. We process this personal data as a data controller, meaning that we determine the means and purposes of our processing operations.
Customers using Opendatasoft Academy may also entrust personal data to us. We process this data as a data processor, meaning that we process personal data on behalf of our customers, in accordance with documented instructions only. This data is processed under the responsibility of the customer and if special categories of personal data are to be processed, the customer must ensure full compliance with the provisions of the GDPR and any other applicable laws or regulations.

1. What types of personal data does Opendatasoft process as a data controller?

When you browse our website, we may process:
  • your name
  • your contact information such as email addresses;
  • your IP address (automatically collected);
  • your web browser type and version (automatically collected);
  • your operating system (automatically collected);
  • a list of URLS starting with a referring site, your activity on this Web Site, and the site you exit to (automatically collected)

2. What are the purposes of the personal data processing operations performed by Opendatasoft as a data controller?

We process personal data to provide and improve our services, mainly for the following purposes:
  • to provide our services (new account, proper operation and improvement of the platform and preventing computer fraud etc.);
  • to help you use our Solution and services;
  • to send you information and newsletters;
  • to contact you to invite you to demonstrations and webinars and communicate about new features or any other commercial offers.

3. What is the legal basis for the processing operations?

Depending on your status (customer or user of Opendatasoft Academy), the legal basis for our personal data processing operations will be one of the legal bases set out in Article 6 of the GDPR, namely:
  • performance of a contract;
  • your consent;
  • compliance with a legal obligation;
  • our legitimate interests.

4. How long do we keep personal data?

We retain the personal data we process as a data controller for a limited time only, until the deletion of your account.

To learn more about the duration of our cookies, please click here.

5. Who will receive my data?

Your Personal Data will only be sent to authorized Opendatasoft personnel with a need to know, treated as confidential and will not be sold or shared with third parties without your permission.

Opendatasoft uses certain trusted third parties to perform functions and provide services to you, including, without limitation, hosting and and IT maintenance/support :
- Learnworlds

In the event that certain third parties mentioned above are located outside the European Economic Area (EEA), Opendatasoft will ensure that the transfer of Personal Data is subject to appropriate safeguards and a high level of protection (for example, based on the signing of contractual clauses or other mechanisms).

6. What rights do I hold? How can I exercise them?

You own the personal data you provide to us directly or that we may collect or process through our website and/or when you use our Solution and services.
You may therefore object to the processing of your personal data or restrict its processing and you also have a right of access, a right to rectification and erasure and a right to data portability. These rights may be exercised by submitting a request to dpo@opendatasoft.com. However, this may limit your access to or use of our Solution and services.
Your request will be processed within one month of receipt. If we have reasonable doubts about your identity, we may ask you to provide a copy of an identity document to check you are who you say you are. This will only be retained by us until your request has been processed.
Please also note that if you submit a data subject request for data processed by us as a data processor, we will promptly forward it to the data controller (for example: for a data subject request for data in a dataset), who will then address your request.
To find out more, submit a request or lodge a complaint, please email our Data Protection Officer at dpo@opendatasoft.com.
You can also find out more about data protection and your rights by contacting the French Data Protection Authority (www.cnil.fr).