Privacy Policy


This Privacy Policy (hereinafter referred to as the "Policy") defines and describes the means implemented by DrData as part of the collection, use and processing of data collected concerning users (hereinafter referred to as the "User") on its website and platforms. Its purpose is to fully inform you of the security and confidentiality guarantees implemented by DrData in the protection of your personal data collected. The Policy is an integral part of the Terms & Conditions of Use of the website and its platforms.


DrData responsible for processing the personal data provided by the User on the Website and its affiliated platforms is DrData, a simplified joint stock Company, whose registered office is located at 81 rue Réaumur, 75002 PARIS, and which is registered with the Paris Trade and Companies Registry under number Siren 838152122.


The personal data collected is used within the framework of the services provided by DrData through its website and platforms. DrData ensures that it only collects data that is strictly necessary for the purpose of the processing carried out. This data is used for the following main purposes: processing an information request, sending DrData's training catalog, managing your subscription to DrData's publications and newsletter, managing your registrations for events organized by DrData. This processing of personal data is based on your consent. This information has been brought to the attention of DrData's Data Protection Officer (DPO), who has included it in his register of processing activities. In compliance with the regulations applicable to the use of your personal data, DrData reserves the right to use your data for the purposes of providing information about its products and services or for any other obvious purpose necessary to inform you about the use of the service in which he/she has expressed interest.


The recipients of the personal data collected and processed are the relevant departments of DrData.


This website is hosted by Heroku Inc., 415 Mission Street Suite 300 San Francisco, California 94105.


Our Policy strictly applies the regulations in force concerning the protection of personal data introduced by Law no. 78-16 of January 6, 1978, as amended, relating to information technology, files and freedoms in its consolidated version (hereinafter "Law on data processing and civil liberties") and by the General Data Protection Regulation (GDPR) no. 2016-679 of April 27, 2016. This Policy also undertakes to comply with any legislation or regulations that may be adopted and applied in France or in any other country to which DrData may transfer the collection, use and processing of such data. This Policy may be amended and supplemented in accordance with legal, regulatory and jurisprudential developments.


DrData uses all the means at its disposal to create an environment that preserves the quality and security of the integrity of your data. DrData implements all appropriate technical and organizational security measures to protect your personal data. Any natural or legal person, whether internal or external to DrData, who is authorized by the latter to access your personal data, within the framework of the contractual relations established for the services provided by the Website, is required to comply with this Policy. Sensitive personal data provided by the User may be subject to additional specific protection measures in accordance with the legal and regulatory requirements in force.


DrData retains your personal data for as long as is necessary for the operations for which it was collected and in compliance with the regulations in force. Thus, data relating to Users is kept for the duration of the contractual relationship, plus three (3) years for promotion and prospecting purposes, without prejudice to retention obligations or limitation periods. Data relating to prospective customers is kept for a period of three (3) years from the last incoming contact with DrData.


Personal data collected via this website is hosted by our service providers within the European Union. As part of the management and operation of our Site, our service providers may transfer personal data to the United States for the purposes of maintenance and service improvement. Since July 10, 2023, the United States is considered to have an adequate level of protection for personal data, by the European Commission. More specifically, organizations located in the USA must publicly declare their commitment to comply with the new personal data protection framework to the US Department of Commerce. Once entities are registered on the list of certified organizations, they can receive and process personal data from European citizens without the need for additional data protection guarantees. The service providers we use are on the list of certified organizations. They are therefore obliged to comply with the personal data protection framework in force between the European Union and the United States. Personal data collected from Users will not be transferred, whether free of charge or in return for payment, nor will it be shared with or communicated to third parties, except as provided for in this Policy. In fact, personal data may be shared with third parties acting on behalf of DrData in the context of a specific data processing purpose to meet particular legal or regulatory requirements, or in the context of subcontracting or the supply of services necessary for the operation, evaluation and marketing of the site and its platforms by an external service provider. In such cases, all third parties are obliged to approve and strictly apply this Policy. This obligation is stipulated in the contracts binding these third parties to DrData. In the event of the sale of all or part of DrData, personal data may be assigned or transferred to the purchaser or assignee, provided that the processing of such data complies with this Policy. The personal data collected may be communicated to third parties in the event of a legal obligation imposed on DrData by law, regulation, government text or court order. This communication may also be necessary in the context of an investigation, in particular a criminal investigation, on French territory or abroad.


A "cookie" is a small data file sent to the user's browser and stored on the user's terminal (e.g. computer, smartphone), (hereinafter "Cookies"). This file includes information such as the user's domain name, the user's Internet service provider, the user's operating system, and the date and time of access. Cookies are in no way likely to damage the user's terminal.You can refuse cookies (except those necessary for the proper operation of the Website) by unchecking the boxes on the banner provided for this purpose. If you accept the deposit of cookies, your consent will be valid for thirteen (13) months from the date of registration. There are 4 cookies on the Website, which are necessary for its proper operation :

rc::a Distinguishing between humans and robots Persistent
rc::c Distinguishing between humans and robots Until the end of the session
CookieConsent Store the user's permission to use cookies for the current domain 1 year
PHPSESSID Maintain user settings through page requests Until the end of the session

There are also two statistical cookies on the Site which help us to understand how users interact with the Website. You are free to decide whether or not to accept these statistical cookies. If you agree, the following data will be collected and processed:

  • your partially anonymized IP address, with the last components removed so as not to identify you and therefore not to collect any geographical information;
  • the date and time of the request;
  • the title and URL of the web page consulted and the one consulted before;
  • the time in the user's time zone;
  • files clicked and downloaded;
  • links to external domains clicked (outlink);
  • web page generation time;
  • information relating to your browsing device (type of device, screen resolution, operating system, web browser and main browser language).

_pk_id# Gather site traffic statistics (number of visits, average time spent, pages viewed) 1 year
_pk_ses# Track visitor page requests during the session 1 day

In order to measure traffic and performance and generate statistics, we use an audience measurement tool that respects your personal data and your rights, Matomo, a tool recommended by the CNIL, for which you can consult the confidentiality Policy here.


In accordance with the French Data Protection Act of January 6, 1978, as amended, and the European Regulation on the protection of personal data of April 27, 2016, except where restricted, your data rights are as follows:

  • Right of access: the right to be informed and to request access to the personal data that DrData processes;
  • Right of rectification: the right to ask for personal data to be amended or updated if it is inaccurate or incomplete;
  • Right to erasure (right to be forgotten): the right to request the permanent deletion of personal data processed for the purposes described in this Policy, in compliance with our legal data retention obligations;
  • Right to restrict processing: the right to request that the processing of all or part of personal data be temporarily or permanently discontinued;
  • Right to object: the right to refuse the processing of personal data at any time, in compliance with our legal obligations;
  • Right to data portability: the right to request a copy of personal data in electronic format and the right to transmit this personal data for use by a third-party service;
  • Right not to be subjected to automated decision-making: the right not to be subjected to a decision based solely on automated decision-making, including profiling, where the decision would have a legal effect on you or produce a similar significant effect.

You can also inform us of your wish to define the fate of your personal data after your death. In such cases, we undertake to comply with the terms and conditions governing the processing of personal data within the limits of applicable legal obligations. In the absence of specific instructions from you, we undertake to destroy the personal data concerned, unless its retention is necessary for evidentiary purposes or to meet a legal obligation.


If you have any queries or requests concerning the application of this Policy or our personal data collection or processing practices, or if you wish to exercise your rights, please contact us using the following details:

In the event of a complaint, you may refer the matter to the French supervisory authority responsible for compliance with personal data protection rules, the Commission Nationale de l'Informatique et des Libertés (CNIL) :

  • By internet :
  • By post : CNIL, 3 Place du Fontenoy TSA 80715, 75334 Paris, Cedex 07