Skip to main content

Privacy policy

How useful is this policy?

Licorne Society, which manages the platform Leonar.app, attaches great importance to the protection and confidentiality of your personal data as a pledge of seriousness and trust.

The Privacy Policy specifically reflects our willingness to enforce compliance within Licorne Society with applicable data protection rules and, in particular, with the General Data Protection Regulation ("GDPR").

The privacy policy aims to inform users about how and why data is processed in connection with the services provided.

Who is this policy for?

The policy applies to all users of the Leonar.app service, regardless of their location.

Why do we process your data?

Data is processed to provide services for:

  • Using and benefiting from the service and all its features based on general terms of use
  • Providing user account management (account creation, service access, and account deletion) based on Terms of Service
  • Writing free comments on file management based on general conditions of use
  • Communicating with the support department via internal messaging system based on general terms of use
  • Receiving technical emails (password modifications, etc.) essential to the functioning of the service based on general conditions of use
  • Running videos to provide quality service based on terms and conditions of use
  • Ensuring and enhancing service security and quality (statistics, data security, etc.) based on legal obligations, terms and conditions, and legitimate interest

Data is collected directly from users during website use and processed only for the reasons described above.

What data do we process and for how long?

Categories of personal data and retention periods:

  • Professional identification data (last name, first name, position, company) and contact data (email address, business phone number) kept for the entire duration of the provision of the service, plus the legal statute of limitations, which is generally 5 years
  • Email address for technical messages kept until your account is deleted
  • Connection data (logs, IP address) kept for a period of 1 year

After retention periods expire, deletion is irreversible. Anonymous data may be retained for statistical purposes.

In the event of litigation, all data is retained for the duration of case processing even after retention periods expire.

What rights do you have to control the use of your data?

Data protection regulations provide specific rights exercisable at any time and free of charge:

  • Right of access and obtaining a copy of your personal data (unless conflicting with business secrecy, confidentiality, or correspondence secrecy)
  • Right of rectification of incorrect, obsolete, or incomplete personal data
  • Right to object to processing for commercial prospecting purposes
  • Right to request erasure ("right to be forgotten") of non-essential personal data
  • Right to restriction of processing allowing data use freezing during lawfulness disputes
  • Right to portability allowing download and transfer of personal data between systems
  • Right to provide guidelines on data fate in the event of death

Only the individual concerned can make requests. Proof of identity may be requested if identity is in doubt.

Responses occur within one month of receipt, unless complex or repeated (up to three months possible).

Who can access your data?

We never transfer or sell your personal data to third parties or business partners. All of your personal data are used exclusively by our staff or by our IT service providers.

Data can be transferred to service providers for technically operating the service (e.g., data hosting).

All service providers are audited before recruitment to verify strict compliance with personal data protection rules.

How do we protect your data?

Technical and organizational means are implemented to guarantee data security and prevent destruction, loss, alteration, or unauthorized disclosure (training, access control, passwords, etc.).

Can your data be transferred outside the European Union?

Unless strictly necessary and exceptional, data is never transferred outside the European Union and is always hosted on European soil.

Service providers are recruited to host data within the European Union when possible.

For necessary transfers outside the EU, appropriate safeguards ensuring confidentiality and protection are verified.

Who can you contact for more information?

An outsourced and independent Data Protection Officer (DPO) has been officially appointed to ensure personal data safety and confidentiality.

Contact the DPO anytime, free of charge: dpo@licornesociety.com for information or details on data processing.

How can you contact the CNIL?

The "Commission nationale de l'informatique et des libertes" (CNIL) can be contacted at: CNIL Complaints Department, 3 place de Fontenoy - TSA 80751, 75334 Paris Cedex 07 or by phone at 01.53.73.22.22.

Can the policy be modified?

The Privacy Policy may change at any time to adapt to new legal requirements and new processing implementations.

Google compliance

Leonar's use and transfer to any other app of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.