Data Protection Policy (DPP)
Last updated 09 June 2026
In accordance with EU Regulation No. 2016/679 of 27 April 2016 (the GDPR — General Data Protection Regulation), MADTECH provides on this page all the information you need to understand how your personal data is managed. Below are the details of MADTECH and the Publication Director of the Klara application:
- Company name: MADTECH, Simplified Joint-Stock Company (SAS) with share capital of €30,000, registered with the Paris Trade and Companies Register under no. 854076205
- Registered office: 2, rue du Sentier, 75002 PARIS, France
- Publication Director: Nazim Chibane
- Contact: n.chibane@klarahr.com
Parties
Data processor(s) (referred to in the Agreement as "Processor" or "Supplier"):
- Name: MADTECH
- Address: 2, rue du Sentier, 75002 PARIS, France
- Contact person: Nathan Himpens – CISO, DPO – n.himpens@klarahr.com
- Data Protection Officer (DPO): Nathan Himpens – n.himpens@klarahr.com
Your contacts
The Data Protection Officer plays an advisory and oversight role alongside the Data Controller. They are responsible for protecting your personal data and ensuring compliance with the GDPR. Their contact details are as follows:
- Name: Nathan HIMPENS
- Position: CISO, DPO
- Contact: n.himpens@klarahr.com
The ICO (Information Commissioner's Office) is the UK's independent authority set up to uphold information rights. For users based in France, the relevant supervisory authority is the CNIL (Commission Nationale de l'Informatique et des Libertés).
Your rights
For each item of personal data you share with MADTECH, you may exercise any of the following rights at any time by emailing us at support@klarahr.com. We will respond within one month where possible.
Right to withdraw consent
You may withdraw your consent to the use of your data at any time. We will cease processing it, but any processing carried out while we had your consent will remain valid.
Right of access
You may ask whether we hold data about you and request that we provide it so you can verify its content.
Right to rectification
You may ask us to correct any inaccurate or incomplete information we hold about you.
Right to erasure
Also known as the right to be forgotten: you may request the deletion of your personal data.
Right to restriction of processing
You may ask us to temporarily suspend the use of certain data.
Right to object
You may object to all or part of the processing of your data.
Right to data portability
You may request a copy of the data you have provided to us, in a readily usable format.
You also have the right to lodge a complaint with your relevant supervisory authority (ICO in the UK, CNIL in France), as well as the right to seek judicial redress if you believe your rights have not been respected.
Your personal data
Processing and management of personal data
In the course of providing our services, including training and SaaS solutions, we collect and process certain personal data (first name, last name, email address, IP address, logs, etc.) relating to employees and participants. This data may be used for administrative management, customer relationship management and activity tracking purposes. No sensitive data is processed.
In compliance with French Law No. 78-17 of 6 January 1978 and the GDPR, we guarantee:
- Data will only be used for the purposes for which it was collected.
- Transparency regarding the nature of data processed, its purpose and retention period.
- Participants' rights of access, rectification and erasure.
Sub-processors
| Identification | Processing purpose | Description | Duration | Third countries | Data categories |
|---|---|---|---|---|---|
| SCALEWAY 8 rue de la Ville l'Évêque – 75008 Paris, France RCS PARIS B 433 115 904 DPO: privacy@scaleway.com | Data hosting — Database management | Infrastructure provision | Duration of the service | Netherlands (data replication) | Non-sensitive data — Civil status — Format: database |
| Sinch AB Lindhagensgatan 74, Stockholm, 112 18 Sweden DPO: dpo@sinch.com | Transactional email sending — Deliverability statistics | Infrastructure provision — Messages retained for a maximum of 7 days | Duration of the service | No transfer outside the EEA | Non-sensitive data — Professional contact details — Format: database |
Security of collected data
MADTECH is committed to ensuring the confidentiality of collected data and to implementing all appropriate technical and organisational measures to preserve its security and integrity, in particular against accidental loss, alteration, unauthorised disclosure or access.
Version history
| Classification | Author | Storage | Version |
|---|---|---|---|
| Public | Nathan Himpens | Cloud | 1.6-2025-11-25 |