Privacy Policy

Last updated: 2024/08/11

1. Introduction

This privacy policy (“Policy”) describes how Baskt (“we”, “us”, or “our”), a company registered in France, collects, uses, and discloses your personal data when you use our service. We are committed to protecting your privacy and complying with applicable data protection laws, including the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and the French Data Protection Act No. 78-17 of 6 January 1978 as amended (“LIL”).

2. Definition

For the purpose of the Privacy Policy, notably, the terms “Personal Data,” “Processing,” “Data Subject,” “Data Controller,” “Data Processor,” and “Personal Data Subject” have the meaning given by the General Data Protection Regulation (EU) 2016/679 of 27 April 2016 (the “GDPR”) and the French Data Protection Act entitled “Loi Informatique et Libertés” No. 78-17 of 6 January 1978 as amended (the “LIL”) (altogether the “Data Privacy Regulation”).

3. Data Controller

Baskt, is the data controller and is responsible for all data processing in its professional capacity and within its business activity. In this capacity, Baskt is subject to the obligations imposed upon it by the Data Privacy Regulation.

Data subjects are suppliers, service providers, consultants, partners, customers, and prospects as well as their employees and more generally anyone using the Website (the “Users” or “You”).

3. Personal Data We Collect

We collect and process the following types of personal data:

  • Account information: name, email address, company name
  • Authentication data: usernames, encrypted passwords
  • Usage data: login times, file transfer logs, storage usage
  • Technical data: IP addresses, device information, operating system
  • Communication data: support requests, correspondence with our team

We process your personal data on the following legal bases:

  • Performance of a contract: To provide our Service to you
  • Legitimate interests: To improve and secure our Service, and for business operations
  • Legal obligation: To comply with applicable laws and regulations
  • Consent: Where you have given explicit consent for specific processing activities

5. How We Use Your Data

We use your personal data to:

  • Provide, maintain, and improve our SFTP server service
  • Manage your account and authenticate access to the Service
  • Communicate with you about your account and our Service
  • Respond to your inquiries and provide customer support
  • Ensure the security and proper functioning of our Service
  • Detect and prevent fraud or abuse of our Service
  • Comply with legal obligations and enforce our terms of service

6. Data Sharing and Transfers

We do not sell your personal data. We may share your data with:

  • Service providers: Third-party vendors who help us operate our business and Service (e.g., hosting providers, analytics services)
  • Legal authorities: When required by law, court order, or governmental regulation
  • Business transfers: In connection with a merger, acquisition, or sale of assets

Any data transfers outside the European Economic Area (EEA) will be conducted in compliance with applicable data protection laws, using appropriate safeguards such as Standard Contractual Clauses.

7. Data Retention

We retain your personal data for as long as necessary to provide our Service, comply with legal obligations, resolve disputes, and enforce our agreements. Specific retention periods may vary based on the type of data and applicable legal requirements.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include encryption, access controls, and regular security assessments. However, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

9. Your Rights

Under the GDPR and LIL, you have the following rights:

  • Right to access your personal data
  • Right to rectification of inaccurate or incomplete data
  • Right to erasure (‘right to be forgotten’) in certain circumstances
  • Right to restriction of processing
  • Right to data portability
  • Right to object to processing based on legitimate interests
  • Right to withdraw consent where processing is based on consent
  • Right to lodge a complaint with a supervisory authority

To exercise these rights, please contact us using the information provided in the “Contact Us” section.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for legal, operational, or regulatory reasons. We will notify you of any material changes by posting the new Policy on our website and updating the “Last updated” date.

11. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at: [email protected]

For data protection inquiries, you can contact our Data Protection Officer at [email protected]