Data privacy

Privacy Policy

Effective as of 15/05/2023

Download as PDF

The purpose of this Privacy Policy is to provide you with all the information regarding the conditions under which Zabibu collects and processes your Personal Data.

The Privacy Policy is part of the T&C's (when applicable to you) and the Software's TOS, and each term defined in these documents has the same meaning in this Privacy Policy.

By accessing and using our websites and/or Zabibu Software, you agree to review this Privacy Policy, which can be modified or updated at any time without prior notice.

Any changes will be posted on the Site, and we advise you to regularly check it.

I. Purpose of Processing and Nature of Personal Data Processed

  1. 1.1. We collect and process the Personal Data that you voluntarily provide to us to access and use the Software, to make requests to our teams (demonstrations, free trial, partnership requests, sponsorship or others) or to access our online resources.

    We also collect and process data related to our Users' preferences and traffic on our sites (such as the IP addresses of our Site visitors).

    Furthermore, we also receive data about you from our partners, who collect it directly from you, or from public sources, as well as from our Clients who might wish to refer you for a subscription.

    More specifically, we process your Data to enable:

    • the creation of accounts on our websites (Zabibu Account, Trial Account, Account on our presentation platform) to access the Software and use our services;
    • the provision of our different websites (the Site, our training platform), and their various features.
    • the downloading of our online resources;
    • the management and tracking of services (creation of services, creation of clients, payments, complaints and User Support);
    • the improvement of our commercial service. In this context, we may record your phone calls with our sales teams;
    • the monitoring of Customer satisfaction (surveys, tracking of Customer reviews);
    • the management of technological and commercial partnerships;
    • the management of prospecting and information requests (sending of commercial and marketing offers, newsletters, white papers, online demonstration requests, quote requests…);
    • the improvement of our services, by placing cookies on the users' devices;

    To open an Account, you must at least provide us with the following personal identification information to use the Software:

    • Your last name
    • Your first name
    • Your email address
    • Your phone number
    • Password

    You can complete your profile with other Personal Data (address, another phone number, birthdate, photo, names of your clients or prospects, etc.).

    We will never collect or process sensitive Personal Data as defined by the regulations, concerning for example racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, health, etc.

  2. 1.2.We collect information relating to the contractual relationship we have with you: history, subscribed Modules, billing and payment elements, requests and incidents reported to the support service…

  3. 1.3.We also collect data about you during our phone calls, which are likely to be recorded for the purpose of improving our service.

  4. 1.4. We collect through certain cookies automatically deposited on your device, or other cookies subject to your express consent, some Personal Data during your visits to our Site (zabibu.co) or when using the Software: for example, the date, time and duration of your visit to our Site, the path of your navigation, the type of your operating system, etc.

    A cookie is a small text file sent by the Internet site consulted by the User in his Internet browser or on the device used. Its function is either to allow the site to operate, facilitate navigation (remember technical choices, past activity), improve the use of the site and service and better understand the User's experience.

    The maximum lifespan of a cookie is 13 months.

    Our Cookie Policy is available here.

II. Legal Bases of the Processing We Carry Out

We only use Personal Data in cases provided for by current regulations, which are:

  • Execution of the service provision contract relating to your use of the Zabibu Software or pre-contractual measures;
  • Compliance with a legal obligation;
  • Your consent to use your data (regarding cookies): You can, at any time, withdraw this consent, without this affecting the legality of the processing based on the consent given prior to its withdrawal;
  • Our legitimate interest in conducting prospecting or promotional operations concerning us or our subsidiaries (information about our products and services, our promotions or the events we organize within the ZABIBU group).

III. Processing of Personal Data

ZABIBU collects and processes your Personal Data in a fair and lawful manner, and in compliance with the principles of European Regulation 2016/679 of April 27, 2016 (GDPR).

This Privacy Policy describes ZABIBU's obligations as the controller of your Personal Data under the GDPR.

ZABIBU has appointed a Data Protection Officer (DPO) who continuously pilots Zabibu's compliance with the principles and rules of the GDPR and whom you can contact at dpo@zabibu.co.

The DPO's mission is particularly to: 

  • Inform and advise the Data Controller on the application of the GDPR in the company;
  • Raise awareness among Zabibu's collaborators about the protection of Users' Personal Data;
  • Support them during the implementation of processing;
  • Respond to requests related to the exercise of your rights, in accordance with Article VIII.

IV. Retention of your Personal Data 

4.1. Security 

ZABIBU does everything possible to prevent the loss, misappropriation, intrusion, unauthorized disclosure, alteration, or destruction of the Personal Data you communicate to us.

Thus:

  • The Data is stored on our own servers, which are hosted within Amazon Web Services infrastructure. The control of the servers' security and the update of our operating Software is carried out in real time.
  • All the information you transmit to us is encrypted [TLS V1.3 protocol].
  • ZABIBU's collaborators are subject to an obligation of confidentiality and non-disclosure and have all signed a specific commitment relating to the protection of Personal Data.
  • Access to your Data is governed by a strict access control policy, reserved for authorized individuals, under defined conditions.
  • When we use service providers to process Personal Data, we have previously verified that these providers guarantee an equivalent level of protection in terms of security.

For more information, refer to our Security FAQ, available here.

4.2. Duration

ZABIBU retains your Personal Data in accordance with the following legal and regulatory provisions:

  • We keep information related to the management of the customer account, orders, invoicing, payments for 10 years after the end of the contract or the last contact from the inactive customer.
  • We keep information related to the creation and management of prospect files for 3 years from the last contact from the prospect.
  • We keep the Data of inactive customers for the purpose of sending information on our commercial offers and marketing, within a period of 3 years after the end of the Commercial relationship.
  • We keep recordings of telephone calls between you and our sales teams for a period of six (6) months.

  • We are obliged to keep for 1 year the following Personal Data resulting from the creation, modification or deletion of User Content:

    • - Connection identification;
    • - Identification given by the terminal;
    • - Types of protocols;
    • - Nature of the operation;
    • - Date and time of the operation;
    • - Identification used by the author of the operation.

When the retention of Data is no longer justified by the management of a customer account, a legal obligation, commercial requirements, the assertion, exercise or defense of our rights in court, or when you ask us to apply one of your rights (Article VIII), we securely delete your Data.

4.3. Account Cancellation

You can also request that your Account be deleted under the T&Cs. Your Data will then be deleted under the conditions of article 4.2. above.

V. Recipients of your Personal Data

5.1. Access to your Data by ZABIBU group collaborators

Depending on the purposes defined in article I, the collaborators of the customer service, support, administrative, accounting, legal, technical, marketing & commercial departments of the ZABIBU group are likely to have access to Personal Data.

Access to your data is based on individual access authorizations, as specified in article 4.1.

5.2. Transmission of Data to third parties

ZABIBU may subcontract the following services:

  • Hosting
  • Sending of postal or digital mail
  • Customer relationship management
  • Maintenance
  • Technical developments

In accordance with Article 28 of the GDPR, access to your Data by our subcontractors is provided for and regulated by a contract. This contract that binds us with our subcontractors lists the various regulatory obligations that weigh on him in terms of the protection of Personal Data.

Furthermore, ZABIBU is likely to transmit Data to third parties (for example, to commercial partners), in compliance with its regulatory obligations.

5.3. Limitations on the use of your data as a Gmail account user

You have the option to sync your Gmail account to ZABIBU CRM Software via a connection application. In order to enhance the security and privacy of your user data from a Gmail account, and notwithstanding any other provision of this Privacy Policy, the use of your data by the connection application is subject to the following restrictions:

  • The connection application uses access to your Gmail User data only to perform the following actions: read, write, modify or control the content of Gmail messages (including attachments) and metadata, in order to provide a web mail client allowing users to compose, send, read and process emails;
  • The connection application never transfers this Gmail data to third parties, unless it is necessary to provide and improve the functionality of the connection application, to comply with applicable laws, or as part of a merger, acquisition or sale of assets;
  • The connection application does not use this Gmail data to broadcast advertisements;
  • The application does not allow a human person to read these data, unless you expressly authorize us for certain specific emails, for security reasons (investigations into abusive use), to comply with applicable regulations, or for an intervention on the application internally provided that the data has been previously aggregated and anonymized.

The use by Zabibu and the transfer to any other application of the information received from Google accounts is carried out in accordance with the Google API Services User Data Policy, including the Limited Use requirements.

VI. Transfer of Personal Data outside the European Union

We host your Personal Data within the European Union (article 4.1).

However, we may need to transfer some Personal Data to our subcontractors located outside the European Union. In this case, we ensure beforehand that appropriate guarantees are provided to frame any transfer of Personal Data (such as the Standard Contractual Clauses of the European Commission accompanied by additional security guarantees), in accordance with the GDPR and the recommendations of the European Data Protection Board.

We may need to disclose your Personal Data to a third party if we are compelled by law, a regulatory provision, or a court order, or if this disclosure is necessary for the purposes of an investigation, injunction or a judicial procedure initiated by a national authority, on national territory or abroad.

VII. Communications from ZABIBU

  1. 7.1. We may send you emails to the email address associated with your Account for reasons related to our business relationship, namely, technical or security reasons, administrative reasons related to your Software Subscription, your participation in our events, or to inform you about the evolution of our service offer.

  2. 7.2.We may also send you SMS or emails containing promotional and marketing offers, from which you can unsubscribe under the conditions recalled in article VIII. If you unsubscribe from these communications, you will still receive the communications listed in article 7.1.

VIII. Exercise of Users' Rights

In accordance with the French law "Informatique et Libertés" and the European Regulation 2016/679 of April 27, 2016 (GDPR), in force since May 25, 2018, you have the following rights concerning processing:

  • Right of access and rectification
  • Right to object
  • Right to erasure
  • Right to portability
  • Right to limit processing

You can:

  • Modify your Personal Data directly from your ZABIBU Account, if you have one,
  • Manage the receipt of promotional communications (not related to a transaction) by simply clicking on the "unsubscribe" link at the bottom of the emails sent by ZABIBU,
  • Object to the recording of our telephone exchanges by indicating it to your interlocutor or by asking us to delete the recording, by email at the address: dpo@zabibu.co

You can exercise these rights by writing to us at the following postal address: ZABIBU – 50 avenue du Ngombe 1500 Kinshasa, or by writing directly to our DPO at the address mdpo@zabibu.co

Any request must be justified and accompanied by a copy of a valid identity document.

You have the possibility to file a complaint with the National Commission for Information Technology and Liberties (CNIL), at the following address:

CNIL – Complaints Service, 3 Place de Fontenoy – TSA 80715 – 75334 Paris Cedex 07 - phone: 01 53 73 22 22.

Download in PDF