Last updated : June 7, 2021
We collect and process your personal data in compliance with applicable laws and regulations and in particular with French Law No. 78-17 of January 6, 1978, known as "Informatique et Libertés" and the General Data Protection Regulation No. 2016/79 of April 27, 2016.
The entities responsible for collecting and processing your personal data are BUFU, Inc., a Delaware corporation having its registered office at 651 N Broad St, Suite 206, Middletown, DE 19709 United States of America, and its subsidiary BUFU S.A.S., a French société par actions simplifiée, with a share capital of EUR 1,000, its registered office at 5 avenue du Général De Gaulle, 94160 Saint-Mandé, France, registered with the Trade and Companies Register of Créteil under number 890 556 368.
Contact details :
651 N Broad St, Suite 206
Middletown, DE 19709
United States of America
5 avenue du Général De Gaulle
Personal data means any data that enables a natural person to be identified, directly or indirectly (the "Personal Data").
The Company will collect some Personal Data including but not limited to :
Information about the user's identity: surname, first names, day and month of birth, telephone number, profile picture, biography;
Information about the user's professional activity: days worked, days off, place of work, job position;
Registration information allowing the person to use the Services: email, password, IP address, credit card information;
Information fields marked with an asterisk are required fields.
You can always refuse to complete these required fields, in which case we will inform you of the consequences of this refusal.
Personal Data is collected directly by the Company, in particular when you use the Services and when you contact the Company.
Your Personal Data is collected for example when you :
Your Personal Data is collected in order for us to :
The Company will only collect Personal Data that is adequate, relevant and strictly necessary for these purposes.
The following persons will have access to some of your Personal Data :
Persons working within the Company or for the Company (managers, employees, interns, freelancers);
The Company's subcontractors (Website host, CRM, cloud platform, payment platform, plugins, HRIS, etc.) such as AWS (Amazon Web Services), Stripe, Intercom, Tableau and Amplitude;
If applicable, accountants, lawyers, auditors, court officers, public bodies, ministerial officers and bodies responsible for debt collection.
The Website is hosted by AWS in the United States.
Furthermore, depending on the subcontractors, some Personal Data can be transferred outside the European Union.
The transfer of your Personal Data outside the European Union, if any, is secured as follows:
The country outside the European Union has been deemed to offer an adequate level of protection by a decision of the European Commission;
The transfer of your Personal Data in this context is secured by means of a specific contract governing the transfer of your data outside the European Union, based on the standard contractual clauses between a data controller and a data processor approved by the European Commission, adapted to the specificities of the transfers implemented for the needs of each of the services provided by our data processors.
Personal Data will be kept for the period of time necessary to fulfill the purposes set forth in section 3 above.
Personal Data related to sending you information will be deleted three (3) years after you unsubscribe from our mailing list.
Personal Data related to the provision of the Services will be deleted five (5) years after you unsubscribe from the Services.
Information collected via Cookies used by the Company is kept for thirteen (13) months.
The Company undertakes to take all useful precautions, organizational and technical measures appropriate to preserve the security, integrity and confidentiality of your Personal Data and in particular to avoid their destruction, loss, theft, alteration or unauthorized access.
In order to reinforce the security of your Personal Data, we invite you to choose a complex password and to take all precautions to keep it secret, to log out after each session, to avoid logging in on a computer that does not belong to you, and to avoid logging in to your account via a public wifi network.
We do not support Do Not Track ("DNT"). Do Not Track is a preference you can set in your web browser to inform websites that you do not want to be tracked.
You can enable or disable Do Not Track by visiting the preferences or settings page of your web browser.
Cookies are small text files which are downloaded to your computer, tablet or mobile phone when you visit a website or application.
Generally, cookies are very useful and are a common method used by almost every website you visit because they help to make your online experience as smooth as possible.
Cookies have multiple uses: security reasons, remembering information that you have entered on the Website (products chosen, language, etc.), statistical or advertising purposes, etc.
Functional cookies are used to facilitate your browsing experience and provide you with functional features. A functional cookie may be used, for instance, to remember the information you entered in a sign-up form, language preferences and to improve the performance and security of the Services.
We use Amplitude Cookies that enable us to measure the number of visits to our Website, the number of page views, and user's activity on the Website.
When you first visit the Website, a Cookies banner will appear and will allow you to refuse or accept all or part of the Cookies, with the exception of functional Cookies that do not require your prior consent.
No Cookies that do require your prior consent will be deposited until you have given your consent.
Your choices will be retained for a period of six (6) months. At the end of this period, your consent will again be required.
You can change your choices at any time by clicking on the "Cookies" link in the footer of the Website.
It is also possible to set your browser to accept or reject certain Cookies.
Each browser has different settings.
You can go to the following page to obtain more information : here
You have the following rights regarding your Personal Data:
Right to information: the right to obtain clear information about the use of your Personal Data and your rights;
Right of access: the right to obtain your Personal Data;
Right to object: right to object to the use of your Personal Data;
Right of rectification: right to rectify inaccurate or incomplete Personal Data;
Right of limitation: right to request to freeze the use of one\'s Personal Data for a certain period of time;
Right to portability: the right to receive one\'s Personal Data in a readable format and to request their transfer to the recipient of one\'s choice;
Right to be forgotten: the right to request the deletion of Personal Data and to prohibit any future collection of Personal Data;
Right to send a complaint to the Commission Nationale de l\'Informatique et des
des Libertés (CNIL);
Right to define instructions after your death: the right to define instructions concerning the conservation, deletion and communication of your Personal Data after your death.
These instructions can be general, i.e. they concern all of your Personal Information. In this case, they must be transmitted to a trusted digital third party certified by the CNIL.
These directives may be specific, i.e. they relate only to your Personal Data processed by the Company. In this case, they must be transmitted to the Company.
You may change or revoke your instructions at any time.
For any additional information, do not hesitate to go on the website of the CNIL.
To exercise your rights, you can contact the Company at the following e-mail address contact\@at.cafe and provide a photocopy of your identity card with your signature.
To exercise your right to send a complaint to the CNIL, you can contact the CNIL on its website or by mail at the following address :
CNIL - Service des Plaintes
3 Place de Fontenoy - TSA 80715
75334 PARIS CEDEX 07