Data Protection

Personal Data Protection Policy

Citalid (“Citalid”, or “we”) is very attentive to the protection of the privacy and personal data of users (the “User” or “you”) of its Website (the “Website”). In this respect, Citalid ensures that privacy is respected and undertakes to protect personal data in accordance with the applicable regulations, and in particular European Regulation 2016/679 of 27 April 2016 (the “GDPR”) and French Act no. 78-17 of 6 January 1978 known as the Data Protection Act (together the “Applicable regulations”).

The purpose of this data protection policy (hereinafter, the “Policy”) is to present to you in a clear and transparent manner the way in which Citalid processes your personal data and ensures that your rights in this regard are respected.

Who is the Data Controller?

For the application of the above-mentioned texts, Citalid, a simplified joint stock company with capital of 21,048 euros, whose registered office is located at 72 rue Dulong – 75017 Paris, SIREN no. 833926264, is the Data Controller.

What Personal Data do we collect and when?

You may be asked to provide us with personal data via the Website:

  • When you fill in the contact and demo forms.
  • When you subscribe to the Citalid newsletter.
  • When you register for our free public events.
  • When you wish to join our team by sending us your application.
  • When you browse the Website.

The personal data collected relates to:

  • Your identification: this includes data such as surname, first name, e-mail address, telephone number.
  • Your professional life: job title, CV.

When collecting your personal data, mandatory information is indicated on the collection forms by an asterisk. Failure to provide this mandatory information may make it impossible to provide our services.

Why do we process your Personal Data?

We collect and process your personal data for the following purposes:

  • Managing your demo requests,
  • Management of your registrations for our free public events,
  • Management of commercial prospecting,
  • Recruitment management.

The table below sets out in detail, according to the different situations described above, the uses to which your data is put and the legal basis on which we process your data.

SourcesPurposesLegal basis
When you fill in the contact and demo formsTo contact you again in order to offer you a demonstration of Citalid products and services and to provide you with further information relating to them.Citalid’s legitimate interest in satisfying your queries and ensuring its external communication.
When you subscribe to the Citalid newsletter.To keep you informed of Citalid’s activities, products and services.Your consent when required by Applicable regulations and the legitimate interests pursued by Citalid.
When you register for our free public eventsTo keep you informed of Citalid’s activities, products and services.Your consent when required by Applicable regulations and the legitimate interests pursued by Citalid.
When you apply to join CitalidTo examine your application and evaluate your professional skills in relation to Citalid’s needs.

To contact you and schedule interviews.

To keep a record of your application and contact you in the event of new recruitment opportunities that may be of interest to you.

Citalid’s legitimate interest in optimizing its recruitment process.

When you browse our Website, Citalid may collect personal data relating to your browsing, for example your IP address, connection data, geographical area, etc., by means of cookies or similar technologies deposited on your terminal device.

For more information on the purposes of these cookies and similar technologies and your rights in relation to them, please refer to our Cookie Policy.

How long do we keep your Personal Data?

Citalid retains your personal data for the time necessary to meet the purposes for which this data is collected, as described in the table above. Depending on the different purposes, the following retention periods are applicable:

(a) For contact requests, your personal data is kept until your request has been processed.

(b) For newsletters, your personal data is kept, depending on the case, for the duration of your subscription to these communications, until you exercise your right to object or withdraw your consent, or for three years from the date of collection or last contact.

(c) When you apply to join Citalid:

  • if your application is successful and you join our teams, your personal data will be kept for the duration of your employment with Citalid and for the applicable legal periods of prescription.
  • if your application is unsuccessful, your personal data required for recruitment purposes will be kept for 2 years from our last contact.

(d) When you browse our Website, the data we may collect, in particular cookies, is kept for no longer than 13 months.

Who are the recipients of your Personal Data?

Your personal data is strictly confidential and is intended primarily for our internal services authorized to receive it.

The data collected is intended for us in our capacity as data controller.

Except in the case of legal, accounting or judicial obligations, we do not transmit your personal data within the framework of the processing carried out by Citalid in its capacity as Data Controller.

During all the time of their conservation by Citalid, data is hosted by :

  • OVH, 2 rue Kellermann 59100 Roubaix – France, RCS Lille Métropole 424 761 419.
  • Amazon Web Services EMEA SARL, 38 avenue John F Kennedy, 1855 Luxembourg, RCS Nanterre 831 001 334.

Where do we transfer your Personal Data?

Your data is not transferred outside the European Union.

How do we ensure the security of your Data?

Citalid has implemented technical and organizational measures to guarantee the security, confidentiality and integrity of personal data.

We take all the necessary precautions, whether physical, logical or administrative, with regard to the nature of the data processed and the risks presented by the processing that we carry out, to preserve the security of your personal data and prevent them from being distorted, damaged or accessed by unauthorized third parties.

Among these measures are the management of authorizations for data access :

  • authorization management for data access ;
  • reinforced authentication for access to our sensitive tools;
  • encryption of personal data;
  • access control, security of workstations, servers, networks, administration, audit and incident management, etc…

What are your rights on your Personal Data?

In accordance with Applicable regulations, you have the following rights regarding the use of your personal data. These rights may be subject to conditions, limitations or legal exceptions.

  • The right of access

It allows you to obtain confirmation that personal data concerning you is being processed and to receive a copy of this data as well as certain information related to its processing.

  • The right of rectification

You have the right to obtain the rectification of your personal data which are inaccurate and to have them completed.

  • The right to erasure (“right to be forgotten”)

You can, in certain cases well defined by the regulation, obtain the erasure of your personal data.

  • The right to limit the processing of your data

In certain cases, you have the right to obtain the limitation of the processing of your personal data.

  • The right to object

You can object at any time and for reasons related to your particular situation, to the processing of your personal data.

  • The right to the portability of your data

You have the right, in certain cases, to request to receive the personal data you have provided to us and to transmit them to another data controller.

  • The right to withdraw your consent

You have the right at any time to withdraw your consent for processing requiring your consent. However, such withdrawal shall not affect the lawfulness of processing based on the consent given prior to such withdrawal.

  • Right to submit a request to a supervisory authority

You also have the right to lodge a complaint with the “Commission Nationale Informatique et Libertés” (CNIL). For more information, you can consult the CNIL website.

How can you exercise your rights?

 To exercise your rights, please send an e-mail to

Changes to our Policy

The Policy may be modified in order to comply with regulatory, jurisprudential or technical developments.

When we do, we will change the “last updated” date and indicate the date the changes were made.

We encourage you to check this page regularly for any changes or updates to our Policy.

Version updated on February 1, 2024.