Privacy Policy

  1. Scope
    1. SPITCHE SAS, with its registered office at 2 rue Niepce 60200 Compiegne (SPITCHE or we) is committed to protecting the personal data of our customers and individuals who visit our websites and platforms (including at, and (our Websites), and individuals who indirectly use our services, through our customers. This privacy policy (the Privacy Policy) sets out our practices for collecting, processing and sharing such personal data.
    2. Our Websites may contain links to other third party websites, especially our customers’ websites. If you follow a link to any of those third-party websites, please note that they have their own privacy policies and that we do not accept any responsibility or liability for their policies or processing of your personal information. Please check these policies before you submit any personal information to such third-party websites.
  2. Information we may collect about you as data controller
    1. We will collect and process all or some of the following personal information about you:
      • Information you provide to us: personal information that you provide to us such as when you complete a form on our Websites or when you sign a contract with us, or when you communicate with us otherwise, including but not limited to, your name, email address, phone number, country and company (and/or the industry your work in). We may also require information on your education and work experience in connection with a job opening at SPITCHE for which you wish to be considered.
      • Our correspondence: if you contact us, we will typically keep a record of that correspondence.
      • Survey information: we may ask you to complete surveys, and you are able to provide feedbacks, that we use for research purposes. In such circumstances we shall collect the information provided in the survey/feedback.
      • Websites and communication usage: details of your visits to the Websites and information collected through cookies and other tracking technologies including, but not limited to, your IP address and domain name, your browser version and operating system, browser language, access time, traffic data, location data, web logs, movements on the Websites, referring web site addresses and other communication data. We may also collect information about the pages you view within the Websites and other actions you take while visiting us. In addition, we may also use such technologies to determine whether you’ve opened an e-mail or clicked on a link contained in an e-mail.
  3. Uses made of your personal data
    1. In this section, we set out the purposes for which we use personal data that we collect via our Websites and, in compliance with our obligations under European laws and regulations, identify the “legal grounds” on which we rely to process the information.
    2. These “legal grounds” are set out in the European General Data Protection Regulation No 2016/679 (GDPR), which allows companies to process personal data only when the processing is permitted by a specific “legal ground”.
    3. Please note that in addition to the disclosures we have identified below, we may disclose personal data for the purposes we explain in this notice to service providers, contractors, agents, advisors (e.g. legal, financial, business or other advisors) and affiliates of SPITCHE that perform activities on our behalf.
      • To communicate effectively with you and conduct our business, including to fulfil your requests ► to respond to your contact / free trial / demo requests, your registration request to events organized by SPITCHE or your appointment request with one of our experts, to respond to your partnership request if you were interested in doing business with us, to respond to your job application, to otherwise communicate with you, or to carry out our obligations arising from any agreements entered into between you and us;

        Use justification: contract performance, legitimate interests (to enable us to perform our obligations and provide our services to you)

      • To provide you with access to restricted Websites areas ► to provide you with an online account and access to restricted areas such as your client account. Please note that providing certain data (marked as such) is mandatory to create an account and that without such data, we will not be able to provide you with our full services.

        Use justification: contract performance, legitimate interests (to enable us to perform our obligations and provide our services to you)

      • To provide you with marketing materials: ► to provide you with email alerts, updates, offers and invitations to SPITCHE events. We may also use your information for marketing our own and our selected business partners’ products and services to you by email, and, where required by law, we will ask for your consent at the time we collect your data to conduct any of these types of marketing. When required by law, we will provide an option to unsubscribe or opt-out of further communication on any electronic marketing communication sent to you.

        Use justification: consent, legitimate interest (to provide you with updated news in relation to our products and services).

      • For research and development purposes: ► to analyse your personal information in order to better understand your and our (other) clients’ services and marketing requirements, to better understand our business and develop our products and services.

        Use justification: legitimate interests (to allow us to improve our services).

      • To analyze and personalize your experience on our Websites ► to collect statistics about our Websites’ usage and effectiveness with various technologies and personalize your experience while you are on our Websites, as well as tailor our interactions with you (see Section 6 below for further information).

        Use justification: consent, legitimate interest (to improve our Websites’ users’ experience)

      • To monitor certain activities ► to monitor queries to ensure service quality, compliance with procedures and to combat fraud.

        Use justification: legal obligations, legal claims, legitimate interests (to ensure that the quality and legality of our services)

      • To inform you of changes ► to notify you about changes to our services and products, or about changes to this policy.

        Use justification: legitimate interests (to allow us to notify you about changes to our service).

      • To reorganise or make changes to our business ► in the event that we: (i) are subject to negotiations for the sale of our business or part thereof to a third party; (ii) are sold to a third party; or (iii) undergo a re-organisation, we may need to transfer some or all of your personal data to the relevant third party (or its advisors) as part of any due diligence process for the purpose of analysing any proposed sale or re-organisation. We may also need to transfer your personal data to that re-organised entity or third party after the sale or reorganisation for them to use for the same purposes as set out in this policy.

        Use justification: legitimate interests (in order to allow us to make changes in our business).

      • In connection with legal or regulatory obligations ► We may process your personal data to comply with our regulatory requirements or dialogue with regulators as applicable which may include disclosing your personal data to third parties, the court service and/or regulators or law enforcement agencies in connection with enquiries, proceedings or investigations by such parties anywhere in the world or where compelled to do so. Where permitted, we will direct any such request to you or notify you before responding unless to do so would prejudice the prevention or detection of a crime.

        Use justification: legal obligations, legal claims, legitimate interests (to cooperate with law enforcement and regulatory authorities)

  4. Transmission, storage and security of your personal data
    1. To fulfil your requests and carry out our activities, we or you may need to share your personal data internally with our teams, such as to the Sales, Communication, Information technology or Accounting teams.
    2. We may also share your personal information with our service providers who perform services on our behalf, for the purposes described in this Privacy Policy. These are ours hosting providers, backend infrastructure providers, infrastructure monitoring providers, contact management and emailing service providers, survey and feedback service providers, support and contact request management service providers, user database management service provider.

      We contractually require these service providers to both keep your personal data confidential and not use it for any purpose(s) other than those necessary for the performance of our agreement with them.

    3. Security over the internet
    4. No data transmission over the Internet or Websites can be guaranteed to be secure from intrusion. However, we maintain commercially reasonable physical, electronic and procedural safeguards to protect your personal information in accordance with data protection legislative requirements.
    5. All information you provide to us is stored on our or our subcontractors’ secure servers and accessed and used subject to our security policies and standards. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our Websites, you are responsible for keeping this password confidential and for complying with any other security procedures that we notify you of. We ask you not to share a password with anyone.
    6. Export outside the EEA
    7. Your personal information may be accessed by staff or suppliers in, transferred to, and/or stored at, a destination outside the country in which you are located, whose data protection laws may be of a lower standard than those in your country. We will, in all circumstances, safeguard personal information as set out in this Privacy Policy.
    8. Where we transfer personal information from inside the European Economic Area (the EEA) to outside the EEA, we may be required to take specific additional measures to safeguard the relevant personal information. Certain countries outside the EEA have been approved by the European Commission as providing essentially equivalent protections to EEA data protection laws and therefore no additional safeguards are required to export personal information to these jurisdictions. In countries which have not had these approvals (see the full list here), we will establish legal grounds justifying such transfer, such as EU Commission-approved model contractual clauses, or other legal grounds permitted by applicable legal requirements.
    9. Please contact us as set out in the “Contacting Us” section below if you would like to see a copy of the specific safeguards applied to the export of your personal information.
    10. Storage limits
    11. Our retention periods for personal data are based on business needs and legal requirements. We retain personal data for as long as is necessary for the processing purpose(s) for which the information was collected, and any other permissible, related purpose. For example, we may retain the information you provided to us as long as necessary to provide you with the services you requested through our Websites and until the time limit for claims which may arise from those services has expired, or to comply with regulatory requirements regarding the retention of such data. So if we use your personal information for two purposes we will retain it until the purpose with the latest period expires; but we will stop using it for the purpose with a shorter period once that period expires.
    12. When personal data is no longer needed, we either irreversibly anonymise the data (and we may further retain and use the anonymised information) or securely destroy the data.
  5. Your rights & contacting us
    1. You have the right to ask us not to process your personal information for marketing purposes. We will inform you if we intend to use your information for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your personal information. You can also exercise the right at any time by contacting us as set out in the “Contacting Us” section below.
    2. Updating information
    3. We will use reasonable endeavours to ensure that your personal information is accurate. In order to assist us with this, you should notify us of any changes to the personal information that you have provided to us by contacting us as set out in the “Contacting Us” section below.
    4. Your rights
    5. If you have any questions in relation to our use of your personal information, you should first contact us as per the “Contacting Us” section below. Under certain conditions, you may have the right to require us to:
      • provide you with further details on the use we make of your information;
      • provide you with a copy of information that you have provided to us;
      • update any inaccuracies in the personal information we hold (please see paragraph 5.2);
      • delete any personal information that we no longer have a lawful ground to use;
      • where processing is based on consent, to withdraw your consent so that we stop that particular processing (see paragraph 5.1 for marketing);
      • object to any processing based on the legitimate interests ground unless our reasons for undertaking that processing outweigh any prejudice to your data protection rights; and
      • restrict how we use your information whilst a complaint is being investigated.
    6. Please be aware that certain exceptions apply to the exercise of these rights and so you will not be able to exercise them in all situations. In addition, these will vary slightly between EU Member States. For instance, in France, in addition to the rights listed above, you also have the right to define directives as to how you wish your personal data to be used after your death. If you wish to exercise any of these rights, we will check your entitlement and respond within applicable timescale.
    7. If you are not satisfied with our use of your personal information or our response to any exercise of these rights you have the right to complain to the Supervisory Authority of your usual place of residence or place where the alleged breach to the law occurred. Please click here to see the list and contact information of the EU Supervisory Authorities.
    8. Contacting us
    9. If you have any questions in relation to this policy or want to exercise any of your subject rights described above, request, please contact us :
  6. Cookies policy
    1. We use cookies on our Websites. To find out more about how we use cookies, please see our Cookies Policy.
  7. Information collected and processed as data processor
    1. If you (You or Ambassador) use a brand ambassador program set up by one of our customers (the Brand), we process your personal data as a data processor. It means that the data is collected and processed on behalf of the Brand only. The Brandacts as a data controller.
    2. This data may include following: (IP) address, name, surname, gender, birth date, email address, phone number, login information, time zone setting, operating system and platform, information about visits including the URL, search terms, information about what you viewed or searched on our website, page response times, download errors, length of visits to certain pages, page interaction information, (such as scrolling, clicks, and mouse-overs) and the methods used to browse away from the page, activities of users, browsing web pages as well as Facebook / Instagram actions and behaviour in accordance to the corresponding social media developers and third-party app terms and conditions and privacy policies
    3. SPITCHE analyses this data to help the Brand provide its Ambassadors and others clients with relevant and interesting offers. SPITCHE does not make any decisions based solely on automated processing which would produce legal effects concerning you or which would significantly affect you. The Brand has the obligation to ensure that they have collected their Ambassadors’ consent in order to process such data in accordance with GDPR.
    4. To obtain further information on this processing, please refer to the Brand’s privacy policy.
  8. Changes to our Privacy Policy and/or Cookies Policy
    1. We may change the content of our Websites and how we use cookies and consequently our Privacy Policy and our Cookie Policy may change from time to time in the future. If we change this Privacy Policy or our Cookies Policy, we will update the date it was last changed below. If these changes are material, we will indicate this clearly on our Websites.
    2. This Privacy Policy was last updated on October 2023.