Privacy Policy

DATA PROTECTION POLICY (Privacy Policy)

Znu-Cloud Data Protection Policy

Last updated: [Current Date]

1. Introduction

Znu-Cloud is committed to protecting your privacy and ensuring the security of your personal and business data. This Data Protection Policy explains how we collect, use, process, and protect your information in accordance with the General Data Protection Regulation (GDPR) and other applicable EU data protection laws.

2. Data Controller

Data Controller:
Znu-Cloud
SNCF Station, 14 rue de Dunkerque
Paris, 75010, France
Email: data.privacy@znu-cloud.com

3. Types of Data We Collect

Personal Data

  • Name and contact information (email, phone, address)
  • Company information and role
  • Account credentials and preferences
  • Communication history with our support team

Business Data

  • Customer relationship data you upload or create
  • Business analytics and usage patterns
  • Integration data from connected services

Technical Data

  • IP addresses and browser information
  • Usage analytics and performance metrics
  • Security logs and access records

4. Legal Basis for Processing

We process your data based on:

  • Legitimate Interest: To provide and improve our CRM services
  • Contract Performance: To fulfill our service agreement with you
  • Consent: Where explicitly provided for marketing communications
  • Legal Obligation: To comply with applicable laws and regulations

5. How We Use Your Data

  • Provide CRM and data services as contracted
  • Maintain and improve service performance and security
  • Provide customer support and technical assistance
  • Send important service updates and notifications
  • Comply with legal and regulatory requirements

6. Data Sovereignty and EU Hosting

EU Data Sovereignty Guarantee:

  • All data is hosted exclusively in the EU using trusted EU providers:
    • Infomaniak (Switzerland/EU) – Primary hosting and infrastructure
    • Brevo (France) – Email services and communications
    • Hetzner (Germany) – Additional hosting and backup services
  • No US or third-country data transfers
  • Strong EU data centers with advanced security measures

7. Data Sharing Policy

We do not sell or share your information for commercial purposes. Data may only be shared:

  • With EU-based service providers under strict data processing agreements
  • When required by EU law or legal process
  • With your explicit consent for specific purposes
  • To protect the security and integrity of our services

8. Payment Processing

Financial information is processed securely by Paddle, our EU-compliant payment processor, which:

  • Complies with EU payment regulations and GDPR
  • Maintains PCI DSS certification for payment security
  • Processes payments within the EU/EEA jurisdiction

9. Data Security

We implement industry-leading security measures:

  • End-to-end encryption for data transmission and storage
  • Multi-factor authentication and access controls
  • Regular security audits and vulnerability assessments
  • EU-based hosting with advanced physical security
  • Employee security training and background checks

10. Your Rights Under GDPR

You have the right to:

  • Access your personal data and obtain copies
  • Rectify incorrect or incomplete information
  • Erase your data (“right to be forgotten”)
  • Restrict processing in certain circumstances
  • Data portability – receive your data in a structured format
  • Object to processing based on legitimate interests
  • Withdraw consent where processing is based on consent

To exercise these rights, contact us at privacy@znu-cloud.com

11. Data Retention

  • Active account data: Retained while your account is active
  • Deleted account data: Securely deleted within 90 days of account termination
  • Legal requirements: Some data may be retained longer to comply with EU legal obligations
  • Backup data: Automatically deleted from backups within 12 months

12. Cookies and Tracking

We use essential cookies to:

  • Maintain your login session
  • Remember your preferences
  • Ensure website security and functionality

We use CCM19, a German cookie consent management platform, to:

  • Obtain your consent for non-essential cookies
  • Manage your cookie preferences
  • Ensure GDPR compliance for all tracking

13. International Transfers

We do not transfer your data outside the EU/EEA. All processing occurs within the EU using EU-hosted services and infrastructure.

14. Data Breach Response

In the unlikely event of a data breach, we will:

  • Notify the relevant supervisory authority within 72 hours
  • Inform affected individuals if the breach poses high risk
  • Take immediate action to contain and remedy the breach
  • Provide regular updates on our investigation and response

15. Children’s Privacy

Our services are not intended for individuals under 16 years of age. We do not knowingly collect personal data from children.

16. Contact and Complaints

For privacy questions or to exercise your rights: Email: privacy@znu-cloud.com
Address: Znu-Cloud, SNCF Station, 14 rue de Dunkerque, Paris, 75010, France

To file a complaint: You have the right to lodge a complaint with the French Data Protection Authority (CNIL) or your local supervisory authority.

17. Updates to This Policy

We may update this policy periodically. Significant changes will be communicated via email and through our platform. Continued use of our services constitutes acceptance of the updated policy.

18. EU Representative

As we are established in France, no separate EU representative is required under Article 27 GDPR.

This Data Protection Policy demonstrates our commitment to EU data sovereignty, GDPR compliance, and protecting your privacy rights.

 
de_DEGerman
en_GBEnglish it_ITItalian fr_FRFrench es_ESSpanish de_DEGerman