Privacy Policy

Version 1.0

1. Ownership and editorial control

The Website is published by CAPTAIN DATA, a joint stock company with a registered capital of 3.600 €, registered at the Nantes Trade Register under number 838 098 598, whose offices are 1 rue de la Noë 44321 NANTES, France, represented by as President, duly authorized for such purposes.

In order to provide the Website and the Service, CAPTAIN DATA may collect and process Personal Data of the Client.

While using the Service via the Scraping tool, the Client may also create its own Databases, which may include Personal Data. The Client is then data controller and CAPTAIN DATA is data processor. Specifics rules govern this situation, which way vary from the rest of the Privacy Policy, in compliance with Article “DATABASES CREATED BY THE CLIENT”.

Confidentiality of Personal Data is very important for CAPTAIN DATA, who implemented rules and procedures to protect them. The Client must read this Privacy Policy relative to the use of Personal Data with attention.

The Client is informed that Personal Data provided and collected will be automatically processed.

2. Definitions

In this Privacy Policy, the following definitions will apply to all terms which begin with capital letters, in singular or plural:

  • Account”: the account of the Client on the Service, accessible via its login and password, which includes its personal information and use of the Service.
  • Client”: CAPTAIN DATA’s client.
  • Data”: texts/image/videos/localization (non-exclusive list) extracted and compiled in a Database by Scraping.
  • Database”: databases created by the Client while using the Service.
  • Order”: any order of an access to the Service by the Client, from CAPTAIN DATA.
  • Personal Data”: personal data as defined by laws and regulations, collected by CAPTAIN DATA when the Client uses the Website and the Service, or during any Order.
  • Privacy Policy”: the present document, which details the conditions which are applicable to any Personal Data processing by CAPTAIN DATA.
  • Scraping”: process of information (Data) extraction on any website. Any script developed by CAPTAIN DATA or the Client may be reused by CAPTAIN DATA for its needs and business.
  • Service”: the SaaS service provided by CAPTAIN DATA on the Website.
  • ToS” or “Terms of Us”: the terms of use of CAPTAIN DATA’s Website, accessible on the Website.
  • Website”: the website captaindata.co and its components (code, visual elements, databases, documents, etc) edited by CAPTAIN DATA, as well as any other means to load the website (such as a mobile application).

3. Scope and modification of the Privacy Policy

3.1. This Privacy Policy governs the collection, processing and transfer of Personal Data by CAPTAIN DATA while providing the Service and the Website, and processing Orders. It also details how data subjects may use their rights on Personal Data.

3.2. The Client must read the entire Privacy Policy and accept it without reservation.

This acceptance will be expressed by ticking the corresponding box, while registering on the Service or during an Order.

3.3. CAPTAIN DATA reserves the right to modify its Privacy Policy at any moment, by publishing a new version of it on the Website, notifying it to the Client by email or at their next log in to the Service.

If the Client refuses the modified Privacy Policy, the Client may use its refusal right by deleting their Account on the Website. Prior to this Account deletion, the Client may download their data and Databases. In this case, the prior Privacy Policy will remain into force until the end of the Client’s subscription period.

The applicable Privacy Policy is the one in force at the date of use of the Service or the Order.

It applies to all Clients, regardless of their country of origin and of use.

3.4. The Website and the Service may include links to a third-party website. This website may have a different privacy policy and CAPTAIN DATA will not be liable for it.

4. Personal Data collection

CAPTAIN DATA may collect Personal Data in different manners while the Client uses the Service or during Orders:

  • When the Client fills a form on the Website (Account creation and edition).
  • When the Client Orders an access to the Service.
  • When the Client uses the Website and the Service.
  • When the Client uses the Scraping tool within the Service.
  • When the Client contacts CAPTAIN DATA due to an issue with the Website or the Service.
  • When the Client contacts CAPTAIN DATA.

5. Which Personal Data are collected and processed?

CAPTAIN DATA may collect and process the following Personal Data, if they have been provided:

  • Client contact information (name and first name, mail, phone number, postal address);
  • Connection information (IP, browser type, time and location of connection, terminal ID);
  • Data, and Databases, created while using the Scraping tool (upon Client’s request and instructions);
  • Details of the use of the Website and Service, which includes cookies such as: quantity of data received, pages viewed, actions in the Website or Service, etc.

Such Personal Data is necessary for CAPTAIN DATA to comply with its contractual obligations.

6. Payment information

In case of payment, the Client may be invited to provide their payment information.

Any transaction is processed by a payment processor which complies with its legal obligations.

CAPTAIN DATA will not have any payment information as they remain with the payment processor.

The payment processor is Stripe Payments Europe, Ltd.

Its terms of service are accessible at the following address: Stripe Terms of Service (https://stripe.com/fr/ssa).

7. Cookies

CAPTAIN DATA may use the following cookies on the Website and in the Service:

  • Session cookies. These cookies allow to connect to the Account on the Service. They are necessary for the Service and Website to function.
  • Google Analytics (https://marketingplatform.google.com/about/). These cookies allow CAPTAIN DATA to collect traffic statistics. Their installation may be refused as they are not necessary for the Service and Website to function.
  • Hubspot (Cookies set in the HubSpot product). These cookies allow CAPTAIN DATA to collect information on visitors to qualify a prospect.
  • Crisp (Crisp Cookie Policy). These cookies allow CAPTAIN DATA to collect information on users for support purposes.
  • Auth0 (Auth0 Privacy Policy). Collect information to signin and signup users.

Cookie installation may be refused as follows:

Only technical cookies may not be refused as they are necessary for the Website and Service to function.

Cookies are installed for a maximum duration of thirteen (13) months.

8. What use?

Personal Data is collected for CAPTAIN DATA to be able to comply with its contractual obligations towards the Client, such as:

  • Provide a functioning Website and Service
  • Provide the Scraping tool inside the Service
  • Create, upon Client’s instructions, Databases via the Scraping tool
  • Allow the Client to download the Databases created via the Scraping tool
  • Process orders and payments
  • Provide a personalized experience
  • Manage the Website and the Service
  • Update the Website and Service
  • Provide support to the use of the Website and Service
  • Solve disputes regarding the Website and Service
  • Notify any change regarding the Website and Service

Personal Data is not used in any other manner.

9. Data hosting

Personal Data is hosted in the EU, by a provider who comply with computer security industry standards.

By exception, HUBSPOT (which manages the CAPTAIN DATA client/prospect file with the following information: name, first name, email, phone number, company, company address, company legal information, transaction information, website visits and pages consulted, email history) hosts Personal Data in the USA. HUBSPOT is contractually obliged (https://legal.hubspot.com/dpa) to comply with the Privacy Shield terms, which governs transfer of Personal Data from the EU to the USA.

Additionally, CAPTAIN DATA uses Auth0 to signin users and signup new users. More information can be found on the website Auth0 Data Processing and Auth0 GDPR.

No other data will be transferred out of the EU.

10.  Personal Data transfer

Personal Data will never be transferred to a third party without your prior agreement.

CAPTAIN DATA may however transfer the Personal Data as follows:

  • If CAPTAIN DATA is bought by a third party, in which case the Personal Data will be transferred to the buyer, who will be substituted to CAPTAIN DATA in the performance of the Privacy Policy.
  • If CAPTAIN DATA is legally obliged to transfer Personal Data.

CAPTAIN DATA’s subcontractors, which may intervene on the Personal Data are the following:

  • Clever-Cloud for (General) Account data and Databases data. Clever Cloud SAS is a simplified joint-stock company with a capital of 17,625 € Registered at French Trade Register (RCS) in Nantes under the number RCS Nantes B 524 172 699. Its headquarters is located at 3 rue de l’Allier, 44000 Nantes, France. VAT Number: FR 87 524 172 699.
  • Auth0 Inc. for (Users) Account data. Its headquarters is located at 10777 Main Street, Suite 204, Bellevue, WA 98004, United States
  • Hubspot for prospect and Client data. All legal data can be found on their website.
  • Stripe Payments Europe, Ltd. for payments.

11.  Personal Data security

CAPTAIN DATA ensures that Personal Data is hosted in conditions which comply with industry standards.

Website and Service are encrypted with an SSL certificate.

CAPTAIN DATA ensures that all its employees and subcontractors which may process Personal Data have an appropriate confidentiality obligation.

In case of Personal Data breach, CAPTAIN DATA will inform the Client as soon as it is practical.

If the breach concerns persons included in the Databases, the Client will be solely responsible to inform the data subject, as data controller.

CAPTAIN DATA will host Personal Data for the duration of validity of the Account. Databases may be deleted by CAPTAIN DATA at any moment, varying on the size of the Database.

If an Account is not active for two (2) years (date of last login) or in case of deletion of the Account by the Client, Personal Data will be automatically deleted.

In this case, CAPTAIN DATA will delete all Personal Data, unless they are necessary for CAPTAIN DATA’s accounting or legal obligations.

12.  Data subject rights

In compliance with applicable regulations, any data subject has the following right on any Personal Data which may have been provided to CAPTAIN DATA:

  • Access right.
  • Correction and modification right.
  • Right to limit the processing of data.
  • Right to oppose the processing of data
  • Portability right.

Such rights may be exerted by contacting CAPTAIN DATA at the following address: support@captaindata.co.

In compliance with its legal obligations, CAPTAIN DATA will do so at latest one (1) month from receipt of the request.

13. Databases created by the Client

By using the Service, the Client may also create its own Databases by collecting data on various websites via the Scraping tool.

The Client is solely responsible of any collected Data. CAPTAIN DATA only provides a technical tool which is to be configured by the Client for its own use.

The Client acts as the data controller while using the Scraping functions of the Service, as only them can decide on the Scraping target and the collected Data.

CAPTAIN DATA will be the Client’s data processor.

The Client must ensure that they have the authorization from the data subject to collect and process such data with the Scraping tool provided in the Service, and to create its own Databases. The Client must provide the information to the data subject when Personal Data is collected.

The Client will compensate CAPTAIN DATA for any sum which CAPTAIN DATA may be ordered to pay, for any reason, due to the unauthorized collection and processing of the Personal Data of a data subject. The Client will notably pay for any defense and amicable/judicial procedure fees (counsel and obligatory fees) as well as any damages that CAPTAIN DATA may be ordered to pay to the data subject. CAPTAIN DATA will be free to conduct its own defense and to choose its counsels.

The Client will comply with regulations regarding Personal Data Protect.

As the Client’s data processor, CAPTAIN DATA agrees to:

  1. Use the Personal Data only to provide the Service.
  2. Process the Personal Data following the documented instructions of the Client, as listed in the ToS. If CAPTAIN DATA considers that an instruction is in breach of the GDPR, or any other EU or national personal data regulation, CAPTAIN DATA will be free to suspend the Service and to delete the Account of the Client, without notice, in compliance with the ToS, without the Client being able to ask for reimbursement and without CAPTAIN DATA being liable.
  3. Ensure that the processed Personal data remains Confidential.
  4. Ensure that the persons authorized to process the Personal Data within its teams:
  • Commit to ensure confidentiality or are bound by a legal confidentiality provision.
  • Are given the necessary training to handle personal data.
  1. Take into account, in its own tools, products, applications or Services, the Privacy by Design and Privacy by Default principles.
  2. Only use subcontractors which have been authorized in the ToS and Privacy Policy, unless there was a prior written notification to the Client.
  3. On a best effort basis, CAPTAIN DATA must assist the Client to reply to any request by the data subject: access right, rectification, erasure, opposition, restriction of processing, portability, right to refuse automated individual decision making (including profiling).
  4. The Client must also assist CAPTAIN DATA to reply to any request by the data subject: access right, rectification, erasure, opposition, restriction of processing, portability, right to refuse automated individual decision making (including profiling).
  5. CAPTAIN DATA notifies the Client, by email and as soon as practicable from the date of discovery, of any breach of Personal Data. Notification must include all necessary documentation to allow the Client, if necessary, to notify this violation to the data authority.

Notification must include:

  • Description of the nature of Personal Data breach, including, if possible, the categories and quantity of impacted persons, as well as the categories and quantity of impacted Personal Data.
  • Name and contact information of the data protection officer, or any other contact information where information can be provided.
  • Description of the probable consequences of the Personal Data breach.
  • Description of any countermeasure taken, or proposal of countermeasure to be executed in order to remedy the Personal Data breach, including, if necessary, the measures taken to limit negative consequences of the breach.
  • CAPTAIN DATA must notify such breach to the person concerned, and to CNIL, if this breach is on its own servers. If not, the Client will be responsible to do so.

  1. CAPTAIN DATA will implement all necessary security measures to ensure Personal Data safety, depending on the type of processed data.  
  2. At the latest at the end of the Service, CAPTAIN DATA will delete all Personal Data which have been collected by the Client.
  3. CAPTAIN DATA will maintain a register of all the Personal Data collection and processing ordered by the data controller, in compliance with this obligations under Data Protection laws.
  4. CAPTAIN DATA will keep any necessary documentation, in order to demonstrate compliance with its obligations and to allow audits (including inspections) by the Client, available to the Client. CAPTAIN DATA will also contribute to such audits.

14.  Applicable law and dispute

French law applies to the present Privacy Policy.

The Privacy Policy is written in English but the French version will be applicable even in case of translation.

The Client may submit any dispute regarding the performance or interpretation of the Privacy Policy to CNIL, if it has not been settled amicably.

Such dispute may also be submitted to the Nantes Tribunal de Commerce, including in case of interlocutory proceedings, recourse in warranty or multiple defendants, and regardless of the Client’s country of origin.