Privacy Policy

NextGen’ SAS offers a platform commercialized as “NextGen’” which provide the means to assess and monitor various quotients in organization (the “NextGen’ Platform”). NextGen’ SAS understands the importance of protecting Personal Information (as defined below).

Application and Scope

This Privacy Policy describes our practices with respect to the collection, use and disclosure of Personal Information by NextGen’.

This Privacy Policy (this “Policy“) is intended to establish responsible and transparent practices for the management of Personal Information and to satisfy the relevant and applicable legal requirements. This Policy sets out the standards, responsibilities and obligations of NextGen’ in respect of any Personal Information collected, accessed or processed by NextGen’ in the course of its business operations and specifies the obligations of NextGen’ that arise from NextGen’ Terms of Service (available at https://nextgeninstitute.fr/termsofservice) (the “Terms”) entered into between NextGen’ and its corporate customers (each, a “Customer”), whereby NextGen’ might handle or have access to Personal Information.

This Policy also governs Personal Information collected about NextGen’s website Users (as defined in the Terms of service) and explains how NextGen’ uses and discloses Personal Information collected from people who visit its website and otherwise interact with NextGen’ through www.nextgeninstitute.fr, the “website”. It also explains how NextGen’ uses cookies and similar technologies. If you do not agree with this Policy, do not access or use the NextGen’ Platform and any related services (the “services”) or the website.

1) DEFINITION OF PERSONAL INFORMATION

“Personal Information” is defined as any information about an identifiable individual. This may include, for example, email addresses and contact details and any similar information provided to NextGen’ in the course of its business operations, or which NextGen’ may receive from business inquiries. Personal Information that is aggregated and/or de-identified or that cannot be associated with an identifiable individual is not considered to be Personal Information.

2) INTERNATIONAL COMPLIANCE

NextGen’ complies with:

data protection laws applicable to NextGen’;
anti-spam legislation applicable to NextGen’;
applicable industry standards concerning data protection, confidentiality or information security.

NextGen’ complies with the General Data Protection Regulation (Regulation (EU) 2016/679). NextGen’ (or third parties acting on NextGen’s behalf) may transfer Personal Information that NextGen’ collects to countries outside of the European Economic Area. Where such transfer occurs, NextGen’ will take steps to ensure that Personal Information is protected.

NextGen’ will Process Customer Personal Information in accordance with the following instructions:

a) Users credentials(such as emails, names, etc.)

User credentials permit the Users to access the NextGen’ Platform and include emails and password hashes.
Account administrator that purchases the subscription and manages the account.
Company managers and group managers which use the answers and comments provided by the survey respondents to improve their leadership skills.
Employees answering the surveys and providing comments.
Provide, maintain and improve the NextGen’ Platform.
Prevent or address service, security, support or technical issues with the NextGen’ Platform.
Handling, storing, sharing with Subprocessors, accessing and reviewing Customer Personal Information for the Processing purposes set out adjacent.

b) Employee profiles

The account administrator creates a profile for each of his employees, which contains the first name, last name, job title and email of the employee. Each employee has access to his employee profile and can update his information. He can specify his survey language, his time zone and his preferences for the survey delivery (including survey day, survey time, survey method). The employee can also upload his own picture in his profile.
Company managers and group managers which use the answers and comments provided by the survey respondents to improve their leadership skills.
Employees answering the surveys and providing comments.
Provide, maintain and improve the NextGen’ Platform.
Prevent or address service, security, support or technical issues with the NextGen’ Platform.
Handling, storing, sharing with Subprocessors, accessing and reviewing Customer Personal Information for the Processing purposes set out adjacent.

c) Answers to surveys

Answers to surveys can reveal a wide range of Personal information.
Employees answer surveys such as “Do you have the freedom to try new tools that will help you do your work better?” and “How do you feel about your level of stress at work?”
NextGen’s internal database includes the identity of the Survey Respondents.
Employees answering the surveys, which may include company managers and group managers.
Prevent or address service, security, support or technical issues with the NextGen’ Platform.
Create statistics based on the aggregated Customer Personal Information for benchmarking and marketing purposes.
Handling, storing, sharing with Subprocessors, accessing and reviewing Customer Personal Information for the Processing purposes set out adjacent.

d) Comments

Comments given by Survey Respondents can reveal a wide range of Personal Information.
NextGen’ can encourage employees to share comments with questions
NextGen’’s internal database includes the identity of the comment providers.
Employees providing comments, which may include company managers and group managers.
Provide, maintain and improve the NextGen’ Platform.
Prevent or address service, security, support or technical issues with the NextGen’ Platform.
Handling, storing, sharing with Subprocessors, accessing and reviewing Customer Personal Information for the Processing purposes set out adjacent.

e) User attributes

The account administrator creates his own categories of User attributes (e.g. gender, age, …) and inputs the User attributes relating to the categories he created in each of the employee profiles. The Personal Information collected according to those User attributes will therefore vary accordingly.
NextGen’ does not have control over the categories of User attributes created by the account administrator, however the account administrator is prohibited under the Terms of Service to create a category of User attributes that would result in the input of Sensitive Personal Information in the NextGen’ Platform.
NextGen’’s internal database includes the identity of the employee in respect of which User attributes are provided.
Employee answering the surveys and providing comments, which may include company managers and group managers.
Provide, maintain and improve the NextGen’ Platform.
Prevent or address service, security, support or technical issues with the NextGen’ Platform.
Handling, storing, sharing with Subprocessors, accessing and reviewing Customer Personal Information for the Processing purposes set out adjacent.

f) Collection and Use of Personal Information through the Services

When providing the Services, NextGen’ only processes Personal Information in accordance with the Terms and applicable laws. NextGen’ generally uses Personal Information from or about its Customers and Users for the following purposes:

to create, establish and administer Customer’s account, to respond to Customer’s inquiries related to its account and to contact Customer about NextGen’s Services or account-related matters;
to provide Services, including to provide Customer and its Users with access and use of the NextGen’ Platform and customer support;
to manage and develop NextGen’s business and operations;
to measure and analyze User behavior;
to monitor, maintain and improve NextGen’s Services or features;
to understand how Users interact with NextGen’ and ensure our services, products or features work correctly;
to develop new services, products, features, programs and promotions;
to understand Customers and Users’ needs and preferences and customize how we tailor and market products, programs and Services to our Customers and Users based on their interest;
to meet legal and regulatory requirements and to allow NextGen’ to meet contractual requirements relating to the Services provided to Customer;
to conduct surveys on the quality of NextGen’’s Services or to collect feedbacks on the Services;
to provide Customer with offers for additional services, features and products that NextGen’ believes may be of interest to Customer;
to conduct market or benchmarking research and data analytics by tracking and analyzing current or previously collected Personal Information; and
to measure the effectiveness of our marketing.

When possible, NextGen’ will use Personal Information in an aggregated and/or de-identified format.Unless required or authorized by law, NextGen’ will not use Personal Information for any other or new purpose without obtaining prior consent.

g) Collection and Use of Personal Information through the Website

NextGen’ generally collects and uses Personal Information from or about its website & Services users as follows:

Information Provided by Users.In many cases, NextGen’ collects Personal Information directly from Users when they visit or use the website& Services. For instance, NextGen’ may collect the following types of information:
Inquiries and Requests for a Trial or Service.NextGen’ may collect Users’ name, contact information as phone number, email address and any other information provided when Users make an inquiry or contact NextGen’ through the website& services, when Users sign up to receive NextGen’s newsletter or when Users submit a request or an order for an NextGen’ trial or service.
Technical Information.When Users visit the website& services, NextGen’ may collect, using electronic means such as cookies, technical information. This information may include information about visits to the website, including the IP address of the Users’ computer and which browser was used to view the website, the Users’ operating system, resolution of screen, location, language settings in browsers, the site the User came from, keywords searched (if arriving from a search engine), the number of page views, information entered, advertisements seen, etc. This data is used to measure and improve the effectiveness of the website& services or enhance the experience for Users. While most of the time this information is depersonalized, if this information relates to an identifiable individual, NextGen’will treat this information as Personal Information. NextGen’ may also, without limitations, collect and use the following type of information when Users visit and/or interact with NextGen’ on the website:
Google Analytics: NextGen’ uses Google Analytics which allows it to see information on User website activities including, but not limited to, page views, source and time spent on our website. This information is depersonalized and is displayed as numbers, meaning that it cannot be tracked back to individuals. Users may opt-out of NextGen’’s use of Google Analytics by visiting the Google Analytics opt-out page.
Inbound software: NextGen’ uses inbound software which allows it to see information on User website activities including, but not limited to, page views, source and time spent on our website. However, this information is not depersonalized and Users may not opt-out of NextGen’’s use of inbound software.
Google AdWords: NextGen’ uses Google AdWords Remarketing to advertise NextGen’ across the Internet and to advertise on third party websites (including Google) to previous visitors of the website. AdWords remarketing will display ads to Users based on what parts of the NextGen’ website they have viewed by placing a cookie on the Users’ web browser. It could mean that NextGen’ advertises to previous visitors who haven’t completed a task on the site or this could be in the form of an advertisement on the Google search results page, or a site in the Google Display Network. This cookie does not in any way identify the User or give access to the Users’ computer or mobile device. The cookie is only used to indicate to other websites that the User has visited a particular page on the website, so that they may show the User ads relating to that page. If Users do not wish to participate in Google AdWords Remarketing, they can opt out by visiting Google’s Ads Preferences Manager.
Choice with Cookies.Users can block the use of cookies by activating the settings in their browser. The “Help” feature on most browsers will tell Users how to prevent their browser from accepting new cookies, how to have the browser notify the Users when they receive a new cookie, or how to disable cookies altogether. If Users choose to withhold consent, or subsequently block cookies, they may not be able to access all or part of the content of the website. Additionally, Users can disable or delete similar data used by browser add-ons, by changing the add-on’s settings or visiting the website of its manufacturer.
Privacy Policies of other Websites.This Policy only addresses the use and disclosure of information by NextGen’. Other websites that may be accessible through the website have their own privacy policies and data collection, use and disclosure practices.
Personal Information from Other Sources.NextGen’ may obtain from third parties additional Personal Information about a website User if such User gave permission to those third parties to share its information.

h) Sharing of Personal Information

NextGen’ will not sell, rent or trade Personal Information to any third party. However, NextGen’ may share Personal Information when authorized and/or required by law or as follows:

Within NextGen’.We may share Personal Information within NextGen’ in France for the purposes described in Sections 1 & 2 of this Policy.
Service Providers.NextGen’ may grant access to Personal Information to third party service providers in connection with the performance or the improvement of its website and Services. Before sharing any Personal Information with any of its third-party service providers, NextGen’ will ensure that the third party maintains reasonable data management practices for maintaining the confidentiality and security of Personal Information and preventing unauthorized access.
As Permitted or Required by Law.NextGen’ may disclose Personal Information as required by applicable law or by proper legal or governmental authority. NextGen’ may also disclose information to its accountants, auditors, agents and lawyers in connection with the enforcement or protection of its legal rights. NextGen’ may also release certain Personal Information when it has reasonable grounds to believe that such release is reasonably necessary to protect the rights, property or safety of others and itself, in accordance with or as authorized by law. In the event NextGen’ receives a governmental or other regulatory request for any Personal Information, NextGen’ will promptly notify Customer, unless it is prohibited to do so, in order that Customer shall have the option to defend such action.
Business Transaction.NextGen’ may disclose Personal Information to a third party in connection with a sale or transfer of business or assets, an amalgamation, re-organization or financing of parts of our business. However, in the event the transaction is completed, Personal Information will remain protected by applicable data protection laws. In the event the transaction is not completed, NextGen’ will require the other party not to use or disclose the Personal Information received in any manner whatsoever and to delete such Personal Information.

3) SECURITY OF PERSONAL INFORMATION

NextGen’ will store and process the Personal Information in a manner consistent with industry security standards, and as long as necessary for the purposes described in this Policy, unless a longer retention is required by law.

4) USERS LEGAL RIGHTS REGARDING PERSONAL INFORMATION

To the extent that NextGen’s processing of Personal Information is subject to the General Data Protection Regulation (Regulation (EU) 2016/679), NextGen’ relies on its legitimate interests, described above, which are not overridden by your data protection interests, to process Personal Information. Subject to applicable laws, Users also have the right to:

access and rectification or erasure of Personal Information, to the extent that NextGen’ may need to retain certain Personal Information, including for record keeping purposes or to comply with legal obligations;
restrict or object NextGen’s use of Personal Information (though, in some cases, this may mean no longer using the Services or the website) where NextGen’ is relying on a legitimate interest (or those of a third party) and there is something about User’s particular situation which impacts on User’s fundamental rights and freedoms;
lodge a complaint with their local data protection authority; and
data portability. Users will not have to pay a fee to exercise such rights, however, NextGen’ may charge a reasonable fee or refuse to comply if the request is unfounded, repetitive or excessive.

5) HOW TO CONTACT US

Any questions or complaints or requests regarding this Policy or NextGen’ handling of Personal Information can be addressed by sending an email to legal@nextgeninstitute.fr.

A User who seeks to exercise its data protection rights referred to in Section 6, in respect of Personal Information stored or processed by us on behalf of a Customer (e.g. the employer), must direct his/her query to such Customer, as being the data controller. If NextGen’receives such User’s request to exercise its data protection rights referred to in Section 6 (including for access to or correction of Personal Information), NextGen’ shall redirect the User to Customer and, upon request from Customer, shall assist Customer in responding to such request, if applicable.

6) CHANGE OF PRIVACY POLICY

NextGen’ will review and update its policies and procedures as required to keep current with rules and regulations, new technologies, standards and customer concerns. This Policy may therefore change from time to time. If NextGen’ makes changes that materially alter Users privacy rights, NextGen’ may provide additional notice, such as via email or through the Services or the website. If Users disagree with the terms of this Policy, their only remedy is to discontinue use of the website and the Services.

This Policy was last updated on May 26^th, 2020.