Privacy Policy

At V3GA, the protection of your personal data is a priority.

When you use the website www.simplesim.fr (hereinafter the “Site”), we collect personal data about you.

The purpose of this policy is to inform you about the ways in which we process these data in compliance with Regulation (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter “GDPR“).

1. Who is responsible for processing?

The data controller is the company V3GA, a SAS registered with the Paris RCS under number 984 105 569, with its registered office at 9 rue Sainte-Lucie, 75015 Paris (hereinafter “We“).

2. What data do we collect?

Personal data is data that identifies an individual directly or by cross-referencing with other data.

We collect data in the following categories:

• Identification data (including your name, first name, email and postal address, phone number);
• Data related to your professional life (identity of the company);
• Data related to your orders;
• Connection data (e.g., IP address, logs);
• Economic and financial data (e.g., credit card, PayPal);

Mandatory data are indicated when you provide us with your data. They are marked with an asterisk and are necessary to provide you with our services.

3. On what legal basis, for what purposes, and for how long do we keep your personal data?

Purposes	Legal Basis	Retention Periods
Provide our services available on our Site via your account	Execution of the General Terms and Conditions that you or your company have subscribed with Us	Your data is kept for the duration of your account. In case of an inactive account for 2 years, your personal data will be deleted if you do not respond to our reactivation email. In addition, your data may be archived for probative purposes for a period of 5 years.
Execute your order, perform operations related to the management of our clients regarding orders, invoices, and follow-up of the contractual relationship with our clients	Execution of the contract you or your company have subscribed with Us	Personal data is kept for the duration of the contractual relationship. Your invoices are archived for 10 years. In addition, your data (except for your bank details) are archived for probative purposes for a period of 5 years. As for data related to your credit card, it is kept by our payment service provider (Stripe) until the execution of the service plus your withdrawal period. Data related to the visual cryptogram or CVV2, written on your credit card, are not stored.
Constitute a file of clients and prospects	Our legitimate interest in developing and promoting our activity	Our legitimate interest in developing and promoting our activity
Send newsletters, solicitations, and promotional messages to our clients	Our legitimate interest in retaining and informing our clients of our latest news	Data is kept for 3 years from your last contact with Us
Send newsletters, solicitations, and promotional messages to our prospects	BtoC prospects: Your consent BtoB prospects: Our legitimate interest in retaining and informing our prospects of our latest news	Data is kept for 3 years from your last contact with Us or until you withdraw your consent.
Respond to your requests for information and support	Our legitimate interest in responding to your requests	Data is kept for the time necessary to process your request and deleted once the request is processed.
Manage requests for the exercise of rights	Our legitimate interest in responding to your requests and keeping track of them	If we ask you for proof of identity: we keep it only for the time necessary for identity verification. Once the verification is done, the proof is deleted. If you exercise your right to object to receiving prospecting: we keep this information for 3 years.

4. Who are the recipients of your data? 

The following will have access to your personal data:

1. Our company’s staff;
2. Our subcontractors: hosting providers, email service providers, CRM tools, payment providers;
3. Where applicable: public and private bodies, exclusively to comply with our legal obligations.

5. Are your data likely to be transferred outside the European Union?

Your data is kept and stored for the duration of the processing on the servers of Amazon Web Services, located in Paris, France.

As part of the tools we use (see article on the recipients regarding our subcontractors), your data may be subject to transfers outside the European Union. The transfer of your data in this context is secured by the following means:

• either the data are transferred to a country that has been subject to an adequacy decision by the European Commission, in accordance with Article 45 of the GDPR: in this case, this country provides a level of protection deemed sufficient and adequate to the provisions of the GDPR
• or the data are transferred to a country whose level of data protection has not been recognized as adequate to the GDPR: in this case, these transfers are based on appropriate safeguards indicated in Article 46 of the GDPR, adapted to each provider, including, but not limited to, the conclusion of standard contractual clauses approved by the European Commission, the application of binding corporate rules, or under an approved certification mechanism.
• or the data are transferred on the basis of one of the appropriate safeguards described in Chapter V of the GDPR.

6. What are your rights regarding your data?

You have the following rights regarding your personal data:

• Right to information: this is precisely why we have drafted this policy. This right is provided for by Articles 13 and 14 of the GDPR.
• Right of access: you have the right to access all your personal data at any time, under Article 15 of the GDPR.
• Right to rectification: you have the right to rectify your personal data that is inaccurate, incomplete, or outdated at any time in accordance with Article 16 of the GDPR.
• Right to restriction: you have the right to obtain the restriction of processing of your personal data in certain cases defined in Article 18 of the GDPR.
• Right to erasure: you have the right to demand that your personal data be erased and to prohibit any future collection for the reasons set out in Article 17 of the GDPR.
• Right to lodge a complaint with a competent supervisory authority (in France, the CNIL), if you consider that the processing of your personal data constitutes a violation of the applicable texts. (Article 77 of the GDPR)
• Right to set directives regarding the retention, erasure, and communication of your personal data after your death.
• Right to withdraw your consent at any time: for purposes based on consent, Article 7 of the GDPR provides that you can withdraw your consent at any time. This withdrawal will not affect the legality of the processing carried out before the withdrawal.
• Right to data portability: under certain conditions specified in Article 20 of the GDPR, you have the right to receive the personal data you have provided to us in a standard machine-readable format and to demand their transfer to the recipient of your choice.
• Right to object: under Article 21 of the GDPR, you have the right to object to the processing of your personal data. Note, however, that we may maintain their processing despite this opposition, for legitimate reasons or the defense of legal rights.

You can exercise these rights by writing to us at the contact details below. We may ask you to provide additional information or documents to justify your identity on this occasion.

7. Contact point for personal data

Contact email: contact@simplesim.fr

Contact address: 9 rue Sainte-Lucie, 75015 Paris

8. Modifications

We may modify this policy at any time, particularly to comply with all regulatory, jurisprudential, editorial, or technical developments. These modifications will apply on the effective date of the modified version. You are therefore invited to regularly consult the latest version of this policy. However, we will inform you of any significant changes to this privacy policy.

Effective date: 01/01/2024