When using the website https://dashboard.pipplet.com/ (hereinafter the “Platform”) and www.pipplet.com, allowing companies, recruitment firms or training bodies (hereinafter the “Client”) to purchase our products and register your Test takers, collaborators, or employees (hereinafter the “Test takers”) in order to assess their linguistic skills, you will be communicating your personal data, designating any data allowing to identify you as an individual directly or indirectly.
We, Pipplet SAS (“Pipplet”, “we”, “us”), a simplified joint-stock company, registered at the Paris Trade and Companies Register under number 813 493 673, the registered office of which is located at 10 rue de Penthièvre – 75008 Paris, are committed to respecting your privacy. Please read this privacy charter carefully to understand our practices regarding your personal data and how we will process it. Pipplet has a clear objective to be transparent in its use of personal data and to ensure that Clients and Test takers, where we store or process personal data, have their privacy maintained to provide the security and trust expected of our organisation.We inform you that we implement to collect and process your personal data, in strict compliance with your rights.We indicate to you that we comply with law no. 78-17 of 6 January 1978 regarding Information Technology, Files and Liberties, in its applicable version, as well as with the General Data Protection Regulation no. 2016/679 of 27 April 2016 in the collection and management of your personal data.
“Examiner” means a third-party provider reviewing and scoring Pipplet’s test session.
“Personal data” is defined as any information (including opinions and intentions) relating to an identified or identifiable natural person. It can reference, but is not limited to, the following identifiers: a name, an identification number, location data, an online identifier or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
“Platform” means the platform where Client’s online account is hosted.
“Processing” of personal data may include “collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction and any may be by automated or manual means.”
“Client” is a reference to past or current Pipplet clients. The Client is a data controller and in a business relationship with Pipplet.
“Test taker” is a reference to any individual who has been registered to take a Pipplet test.
“Third-party service provider” is an organisation that is a data processor of company, such as a recruitment agency, and in a business relationship with us as a Client.
The controller of your personal data is the company Pipplet, a simplified joint-stock company, registered at the Paris Trade and Companies Register under number 813 493 673, the registered office of which is located at 10 rue de Penthièvre – 75008 Paris (hereinafter referred to as “We”).
We inform you, when collecting your personal data, if certain data shall necessarily be provided or if it is optional. We also indicate to you any consequences of a failure to respond.
We will collect the following data in this regard:
Information that you communicate to us
For the proper execution of services that we offer via the Platform, we collect the following data:
Information that we collect automatically
We may also automatically collect your personal data via tools and services proposed on the Platform, and notably the following data:
To learn more about the cookies that we collect during your visit on one of our platforms, please check out the Cookie Policy via this link
Your personal data is collected and processed for one or more of the following purposes:
Information that you communicate to us
Information that we collect automatically
Personal Data to ensure the validity of your test.
In order to ensure the validity of your test results, Pipplet has a legitimate interest to prevent Fraud or fraudulent behavior. In this respect and on behalf of the Client who invited you to take the test, Pipplet processes the following data:
- Picture of your face
- Valid ID card
Pipplet will store this Personal Data for 6 months. Thereafter, these personal data will be removed from our systems, unless a fraudulent behavior is detected. In this case, your personal data will be stored for 24 months. In case you request to delete your personal data sooner, this will be granted if the data is no longer necessary for the purpose of ensuring test validity.
In terms of the services that we provide to you via the Platform, we collect and process your personal data for the purposes listed above, for which the legal basis can be found in the GDPR. The legal basis may vary per purpose. Please find below an overview of the legal basis that we are using to allow the processing activities of your personal data:
Consent (article 6.1 (a) GDPR)
Whenever your prior consent is necessary to process your personal data, we will ask you to consent with a box to tick directly on the form for the collection of your data. You will have the possibility to express your refusal in this regard on the occasion of the collection of your data.
This is notably the case for the following purposes:
Performance of a contract (article 6.1 (b) GDPR)
In terms of the services that we provide to you via the Platform, we collect and process your personal data that is necessary for the execution of the contract binding us for the following purposes:
Necessary for compliance with a legal obligation (article 6.1 (d) GDPR)
Legitimate interest (article 6.1 (f) GDPR)
We collect your personal data for the purposes of our legitimate interest and notably for the following purposes:
Only the staff of our company, the services in charge of the control (notably auditors) and our subcontractors shall have access to your personal data.We will communicate your personal data to the Test takers that you register on the test for the strict necessity of the execution of services. Each Client remains however solely liable for compliance with its statutory obligations in terms of its processing of Test taker’s personal data, with its own means and for its own purposes. We are only liable for our use of Test taker’s personal data, excluding any other use by a Client using our services.Your personal data and Test taker’s personal data may also be sent to public bodies, exclusively for the purposes of complying with our statutory obligations, court officers and public officers.
Your personal data shall not be subject to transfers, leases or exchanges to the benefit of third parties, for the execution of one of the purposes detailed above and with the aforementioned reservations.You are however informed that we reserve the option to communicate your fully anonymised data to third parties in an aggregate form, that is in a form that does not allow for your identification in any manner whatsoever. This anonymised data is used for marketing and business purposes.
Your personal data is kept and stored for the entire duration of its storage on servers of the company Heroku located within the European Union. Your personal data shall not be subject to any transfer outside the EEA or Switzerland in terms of the use of services that we provide to you.However, if it were to be transferred, we inform you that the transfer shall necessarily occur in terms of the execution of the purposes detailed in this Charter and to a country representing an adequate level of protection or after having concluded an agreement governing the transfer in accordance with the model agreement of the European Commission. We may also make transfers to recipients with approved Binding Corporate Rules.Pipplet does not rely on the EU-U.S. Privacy Shield Framework as a legal basis for transfers of personal data.
1.Regarding the management of data subject requests and objection lists to be received from prospection:Information allowing to take into account your right to object to email marketing is stored at least twenty-four (24) months as from the date your exercise your right.Information allowing to take into account the exercise of your rights, granted by the GDPR, is stored at least twenty-four (24) months as from the collection date.
2. Regarding statistics of audience measurements:Information stored on the users’ terminal or any other element used to identify the users and allowing their traceability or visit shall not be stored for more than thirteen (13) months.To learn more about the cookies that we collect during your visit on one of our platforms, please check out the Cookie Policy via this link.
3. For data regarding the monitoring and management of relationships with Clients:Your personal data is stored for a maximum period of twenty-four (24) months as from the collection date. We can delete your data upon simple request at any time.However, data allowing to prove a right or a contract, to be stored in terms of compliance with a statutory obligation, shall be stored for the duration provided for by the applicable law, that is for a maximum duration of five (5) years as from the collection thereof, on an intermediary storage device.
We inform you that every necessary caution as well as all appropriate organisational and technical measures to preserve the security, integrity and confidentiality of your personal data and notably to prevent any misuse of, damage or unauthorised third-party access to it.
To learn more about the cookies that we collect during your visit on one of our platforms, please check out the Cookie Policy via this link
Pipplet respects the rights of EEA residents to access, correct and request erasure or restriction of their Personal Data as required by law. This means:
It is reminded that any person can request the restriction of processing of data concerning him/her or object to the said processing, on legitimate grounds.
You have the right to access your data to have it communicated to you and if applicable to rectify or delete it by sending us a mail at:
Please understand that we may need to verify your identity before we can process your request. We also inform you that we will notify the request to the persons to whom we communicated your data, unless this communication turns out to be impossible.
We inform you that in case of rectification or deletion of your personal data, as well as in case of restriction of processing carried out following your request, we will notify the said changes to the persons to whom we communicated your data, unless this communication turns out to be impossible.You also have a right to the portability of the personal data that you provided to us, understood as data that you actively and deliberately declared in terms of the access to and use of the Platform, as well as data generated by your activity in terms of the use of the Platform. We remind you that this right does not concern the data collected and processed on a legal basis other than the consent or the execution of the contract biding us, and notably the data collected in our legitimate interest or on a statutory basis.
This right may be exercised free of charge at any time, and notably when you close your account on the Platform, in order to recover and store your personal data. In this regard, we send you your personal data in a standard open commonly used and machine-readable format in any way deemed necessary, according to the state of the art.You are also informed that you have the right to submit a complaint to the National Commission for Information Technology and Liberties (Commission Nationale Informatique et Libertés) if you consider that the processing of your personal data, that is the subject matter of this Charter, constitutes a breach of applicable provisions. This remedy may be exercised without prejudice to any other remedy before an administrative or judicial court. You in fact also have a right of effective administrative or judicial remedy if you consider that the processing of your personal data constitutes a breach of applicable provisions.
We will inform you as soon as possible if we observe a security breach in the processing of your personal data that can present a significant risk for your rights and liberties. On this occasion, we will provide you with the detail of the nature of the breach encountered and the measures implemented to put an end to it.
We reserve the right to amend this charter at any time, in full or in part, at our sole discretion. These amendments shall enter into force as from the publication of the new charter that will be notified to you in any way deemed necessary. Your use of the Platform following the entry into force of these amendments shall constitute acknowledgment and acceptance of the new charter. Failing which and if you are not satisfied with the new charter, you should no longer access the Platform.
This charter enters into force on 22/02/2021
When using the Pipplet’s platform test Audition.pipplet.com (hereinafter the “Platform”), allowing companies, recruitment firms or training bodies (hereinafter “Clients” and “Third-party service provider”) to assess the linguistic skills of their recruitment candidate, their collaborators or employees (hereinafter the “Candidates”), you will be communicating your personal data.
Pipplet SAS (“Pipplet”, “We”, “Us”), a simplified joint-stock company, registered at the Paris Trade and Companies Register under number 813 493 673, the registered office of which is located at 10 rue de Penthièvre – 75008 Paris, is committed to respecting your privacy. Please read this privacy charter carefully to understand our practices regarding your personal data and how We will process it. Pipplet has a clear objective to be transparent in its use of personal data and to ensure that Candidates, where We store or process personal data, have their privacy maintained to provide the security and trust expected of our organisation.We inform you on the means that we implement to collect and process your personal data, in strict compliance with your rights.We indicate to you that we comply with law no. 78-17 of 6 January 1978 regarding Information Technology, Files and Liberties, in its applicable version, as well as with the General Data Protection Regulation no. 2016/679 of 27 April 2016 (the “GDRP”) in the collection and management of your personal data.
“Controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
“Client” is a reference to past or current Pipplet clients. The Client is a data controller and in a business relationship with Pipplet.
“Examiner” means a third-party provider reviewing and scoring Pipplet’s test session.“Personal data” is defined as any information (including opinions and intentions) relating to an identified or identifiable natural person. It can reference, but is not limited to, the following identifiers: a name, an identification number, location data, an online identifier or one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
“Platform” means the platform where Pipplet’s tests are being administered and which is available to test takers following their registration by the Client.
“Processing” of personal data may include “collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction and any may be by automated or manual means”.
“Processor” means a natural or legal person, public authority, agency, or other body which processes personal data on behalf of the controller.
“Test taker” is a reference to any individual who has been registered to take a Pipplet test.“Third-party service provider” is an organisation that is acting as a data processor for a company, such as a recruitment agency, and which is in a business relationship with us as a Client.
The Controller of your Personal data is the Client which has registered you to a Pipplet’s test session. It means that Pipplet is acting as a Processor or a sub-processor on behalf of the Client or Third-party service provider and We invite you to refer to the information for data subjects or privacy policy provided to you by such Client or Third-party service provider for details on how your personal data are being processed by them.In case of any conflict between the information provided by the Client or the Third-party service provider and the below provisions, the information provided by the Client or Third-party service provider supersedes the below provisions.We always establish a Data Processor Agreement (DPA) with our Clients. The agreement regulates which data We can process, and how We can do it. Our promise to our Clients and Test taker is that we will never process data in any other way or for any other purpose than what is agreed in the DPA, unless we have a legal obligation, or We have obtained your prior explicit consent to do it.
We will collect the following data in this regard:
Information that you communicate to us or our Client communicate to us on your behalf
For the proper execution of services that We offer via the Platform, We collect the following data:
Information that We collect from Examiner
Our Examiners only access anonymized data. They cannot identify you with the information that we are providing them with in order to evaluate your test session.However, Pipplet can collect any comments or remarks from the Examiner on the Test taker’s performance during the linguistic test session.
Information that We collect automatically
We may also automatically collect your personal data via tools and services proposed on the Platform, and notably the following data:
To learn more about the cookies that we collect during your visit on one of our platforms, please check out the Cookie Policy via this link
We inform you, when collecting your personal data, if certain data shall necessarily be provided or if it is optional. We also indicate to you any consequences of a failure to respond.Your personal data is collected and processed for one or more of the following purposes:
Information that you communicate to us or our Client communicate to us on your behalf
Information that We collect from Examiner
Information that We collect automatically
In terms of the services that We provide to you via the Platform, We collect and process your Personal data for the purposes listed above, for which the legal basis can be found in the GDPR. The legal basis may vary per purpose. Please find below an overview of the legal basis that we are using to allow the processing activities of your Personal data:
Consent (article 6.1 (a) GDPR)
Whenever your prior consent is necessary to process your Personal data, We will ask you to consent with a box to tick directly on the form for the collection of your data. You will have the possibility to express your refusal in this regard on the occasion of the collection of your Personal data.
Performance of a contract (article 6.1 (b) GDPR)
In terms of the services that we provide to you via the Platform, we collect and process your personal data that is necessary for the execution of the contract binding us for the following purposes:
Necessary for compliance with a legal obligation (article 6.1 (d) GDPR)
Legitimate interest (article 6.1 (f) GDPR)
We collect your personal data for the purposes of our legitimate interest and notably for the following purposes:
Only the staff of our company (notably our examiners), the services in charge of the control (notably auditors) and our subcontractors shall have access to your personal data.We will communicate your personal data to the company that registered you for the assessment of your linguistic skills for the strict necessity of the execution of services. This company may use the data provided for the same purposes and under the same conditions as those referred to in this Charter. Each company remains however solely liable for compliance with its statutory obligations in terms of its processing of your personal data, with its own means and for its own purposes. We are only liable for our use of your personal data, excluding any other use by a company using our services.Your personal data may also be sent to public bodies, exclusively for the purposes of complying with our statutory obligations, court officers and public officers.
Your personal data shall not be subject to transfers, leases or exchanges to the benefit of third parties, for the execution of one of the purposes detailed above and with the aforementioned reservations.You are however informed that we reserve the option to communicate your fully anonymised data to third parties in an aggregate form, that is in a form that does not allow for your identification in any manner whatsoever. This fully anonymised data will be used for evaluation purposes.
Your personal data is kept and stored for the entire duration of its storage on servers of the company Heroku located within the European Union. Your personal data shall not be subject to any transfer outside the EEA or Switzerland in terms of the use of services that we provide to you.However, if it were to be transferred, we inform you that the transfer shall necessarily occur in terms of the execution of the purposes detailed in this Charter and to a country representing an adequate level of protection or after having concluded an agreement governing the transfer in accordance with the model agreement of the European Commission. We may also make transfers to recipients with approved Binding Corporate Rules.Pipplet does not rely on the EU-U.S. Privacy Shield Framework as a legal basis for transfers of personal data.
1.For data regarding the monitoring and management of relationships with users and data regarding your linguistic skills:Your personal data is stored for a maximum period of twenty-four (24) months as from the collection date. We can delete your data upon simple request at any time.However, data allowing to prove a right or a contract, to be stored in terms of compliance with a statutory obligation, shall be stored for the duration provided for by the applicable law, that is for a maximum duration of five (5) years as from the collection thereof, on an intermediary storage device.
2. Regarding the management of data subject requests:Information allowing to take into account the exercise of your rights, granted by the GDPR, is stored at least twenty-four (24) months as from the collection date.
3; Regarding statistics of audience measurements (if applicable):Information stored on the users’ terminal or any other element used to identify the users and allowing their traceability or visit shall not be stored for more than thirteen (13) months.To learn more about the cookies that we collect during your visit on one of our platforms, please check out the Cookie Policy via this link
We inform you that every necessary caution as well as all appropriate organisational and technical measures to preserve the security, integrity and confidentiality of your personal data and notably to prevent any misuse of, damage or unauthorised third-party access to it.
To learn more about the cookies that we collect during your visit on one of our platforms, please check out the Cookie Policy via this link
Pipplet respects the rights of EEA residents to access, correct and request erasure or restriction of their Personal Data as required by law. This means:
It is reminded that any person can request the restriction of processing of data concerning him/her or object to the said processing, on legitimate grounds.You also have a right to the portability of the personal data that you provided to us, understood as data that you actively and deliberately declared in terms of the access to and use of the Platform, as well as data generated by your activity in terms of the use of the Platform. We remind you that this right does not concern the data collected and processed on a legal basis other than the consent or the execution of the contract biding us, and notably the data collected in our legitimate interest or on a statutory basis.This right may be exercised free of charge at any time, and notably when you close your account on the Platform, in order to recover and store your personal data. In this regard, we send you your personal data in a standard open commonly used and machine-readable format in any way deemed necessary, according to the state of the art.
To exercise these rights, please contact us at:
Please understand that we may need to verify your identity before we can process your request. We also inform you that we will notify the request to the persons to whom we communicated your data, unless this communication turns out to be impossible.
Additionally, our ability to delete Personal Data will be limited in those cases where we are required to retain records, such as in connection with score reports and test security processes.
If you believe that we have processed your Personal Data in violation of applicable law, you may file a complaint with a Supervisory Authority or contact Pipplet.
This remedy may be exercised without prejudice to any other remedy before an administrative or judicial court. You in fact also have a right of effective administrative or judicial remedy if you consider that the processing of your personal data constitutes a breach of applicable provisions.
We will inform you as soon as possible if we observe a security breach in the processing of your personal data that can present a significant risk for your rights and liberties. On this occasion, we will provide you with the detail of the nature of the breach encountered and the measures implemented to put an end to it.
We reserve the right to amend this charter at any time, in full or in part, at our sole discretion. These amendments shall enter into force as from the publication of the new charter that will be notified to you in any way deemed necessary. Your use of the Platform following the entry into force of these amendments shall constitute acknowledgment and acceptance of the new charter. Failing which and if you are not satisfied with the new charter, you should no longer access the Platform.
This charter enters into force on 22/02/2021