Privacy Policy
1. Introduction & Scope
This Privacy Policy describes how we collect, use, store, process, and protect personal data of users of our platform. We are committed to full compliance with Algerian data-protection laws (Law 18-07 amended by Law 25-11), ensuring respect for privacy, data sovereignty, and individual rights. This policy applies to all individuals and entities using our services — whether organizations, institutions, professionals, or end users.
2. Data We Collect & Purpose
We may collect the following categories of personal data: • Identity data (name, surname, phone number, email, position/role) • Organizational data (department, role, institution) when onboarding institutions or corporate clients Purpose of processing: • Provide communication and collaboration services (chat, calls, file sharing, collaboration) • Secure user authentication and authorization • Maintain platform functionality, performance, and availability • Enable administrative control, audit, compliance, and data governance for institutional clients • Ensure data protection, integrity, and security • Fulfill legal or regulatory obligations We only collect data that is adequate, relevant, limited to the needs of providing the service.
3. Lawful Basis & Consent
All personal data processing is lawful, fair and transparent. We process data only when: • the user (data subject) gives explicit consent, or • processing is necessary for providing the service (authentication, collaboration), or • required to comply with laws or regulations, or protect vital interests, or other legitimate interests consistent with law and rights protection. Sensitive data (health, biometrics, etc.) are not collected by default; any such data would require additional, explicit authorization under Law 18-07.
4. Data Retention & Deletion
Personal data are retained only for as long as necessary to fulfill the purposes for which they were collected. Once data is no longer needed, or upon user request (see rights below), data will be securely deleted. We implement data-minimization and regular data-purging practices, unless legal obligations require longer retention.
5. Data Security & Hosting / Sovereignty
• All data is hosted on servers located in Algeria (on-premise or private cloud) to ensure full data sovereignty. • We apply strong technical and organizational security measures: encryption in transit (TLS/WSS), encryption at rest, access controls, audit logging, secure backups, regular security reviews. • Processing is limited to personnel or subcontractors under strict confidentiality obligations.
6. Rights of Data Subjects
Under Law 18-07 / 25-11, all data subjects have the following rights: • Right to information — clear notice of data collection and use • Right of access — ability to request a copy of their personal data • Right to rectification — correct inaccurate or outdated data • Right to object or withdraw consent — stop processing or request erasure when lawful basis is consent • Right to data deletion or restriction when processing is no longer justified • Right to data portability (when applicable) • Requests may be made by contacting our Data Protection Officer (DPO) at the details below. We commit to respond within the time frames mandated by law.
7. Data Processing & Third-Party Disclosure
We do not share, sell, or transfer personal data to third parties outside of Algeria, except when: • required by law or regulatory authority, or • with explicit consent from the user, or • for sub-processing under contract with equivalent data protection obligations Any processing by third parties (if any) is subject to data-processing agreements ensuring compliance with applicable laws.