PRIVACY & PERSONAL DATA PROTECTION POLICY

3.1 Convertr as Data Controller for its own processing

Convertr acts as a data controller for processing related to:

• the management of the convertr.fr website;
• contact, demonstration, or information requests;
• management of Customer accounts and platform accesses;
• contractual and administrative relationships;
• billing;
• support;
• security;
• abuse prevention;
• and the overall technical functioning of the service.

3.2 Convertr as Data Processor for Customer Data

When the Convertr solution is used by a Customer to process lead, prospect, or end-client data as part of their campaigns, pipeline, communications, automations, or business operations, the Customer acts as the data controller and Convertr intervenes as the data processor, under documented instructions and within the limits set out by applicable contractual documentation, in particular the DPA.

This covers in particular:

• prospect data imported, collected, or synchronized by the Customer;
• call and SMS data;
• metadata associated with communications;
• textual call transcriptions;
• summaries, tags, statuses, and qualification or scoring elements, according to configuration;
• reporting data or campaign attribution when the Customer connects their own services or accounts.

In this context, Convertr may resort to technical or operational providers functioning as sub-processors, under the terms outlined in the relevant contractual documentation.

3.3 Practical Consequence

If you are a Convertr Customer, you exercise your rights with Convertr for processing for which Convertr is responsible.

If you are a prospect, lead, or end-client contacted by a Customer utilizing Convertr, you primarily exercise your rights with this Customer, who remains the data controller for these operations. Convertr can, to the extent possible, help guide your request.

4.1 The convertr.fr website and requests directed to Convertr

Convertr may process, depending on the case:

• identity and contact data provided via a form, an email, or another contact channel, such as last name, first name, email address, phone number, company, job role, and message;
• technical data required for the website's functioning and security, such as IP address, timestamps, technical logs, information regarding the browser, or the device utilized.

Fields marked as mandatory are required to process the request. Without this, Convertr might be unable to respond to it or follow up appropriately.

4.2 Customer Accounts and platform access

For Customer Accounts, Convertr may process:

• the identity and professional contact details of authorized users;
• account, authentication, authorization, and access history data;
• correspondence relative to support, utilization, or commercial relationship;
• technical and security data, such as logs, login events, IP addresses, or data connected with platform use.

Data strictly necessary for account creation, management, and securing is required. Lacking such data, accessing the platform or utilizing specific features may be impossible.

4.3 Lead / Prospect data processed on behalf of the Customer

Based on the Customer's chosen configurations and activated features, data parsed on their behalf might encompass:

• contact information and coordinates conveyed via the Customer's forms, ad accounts, systems, or tools;
• business data like the source, status, notes, history, appointments, responses, and tracking logs;
• metadata relative to calls and SMS text communications;
• SMS content;
• and, conditional upon enabling related capacities, transcripts from sessions, call summaries, or granular qualification scoring signals.

When executing calls leveraging an automated AI voice agent or performing speech-to-text transcriptions, technically imperative facets enabling service functions—such as ongoing call logistics or transcription algorithms—are invoked strictly per functionality demands.

Compulsory fields or required data subsets dictating collection protocols are formulated exclusively under the Customer's discretion.

4.4 Sensitive Data

The facility inherently prohibits purposive amassing of privileged, categorized sensitive data.

The Customer promises not to orient setups yielding such collections aside from specific judicially protected mandates strictly managed autonomously.

Should sensitive variables unexpectedly surface within organic dialog loops, their retention strictly confines to operational minimal durations abiding purely by technical constraints barring direct purging capability without the Customer's explicit erasure instructions.

4.5 Audio Recordings

Convertr intrinsically abstains from recording baseline call streams by default during launch.

The service focuses principally on metadata parsing alongside text summaries extracted via concurrent processing protocols reliant upon enabled modes.

Implementation of direct audio logging—if rendered active later—necessitates rigorous Customer-solicited approval bearing complete accountability encompassing transparent data-subject forewarning along tightly governed procedural checks dictating lawful retention execution.

5.1 Processing where Convertr is the data controller

Convertr leverages personal data advancing respective goals explicitly listed below:

5.2 Processing conducted per Customer directive

When operating squarely beneath Processor capacities, Convertr addresses respective points directed singularly per Customer commands establishing:

• systematic lead capturing;
• workflow tracking throughout bespoke funnels;
• iterative autonomous routing paths;
• call scheduling, SMS pinging, and parallel dialog tracking;
• speech summarization paired logically atop grading heuristics dependent upon structural activations;
• visual campaign tracking correlating natively interlinked external accounts governed explicitly via Customer provisioning.

Governing mandates linking leads beneath overarching lawful processing guidelines rest definitively solely beneath Customer accountability.

6.1 Possibility of profiling or scoring

The Convertr interface may entail integrated qualification layers pivoting notably via:

• Customer-assigned heuristic filters;
• interaction metrics;
• intermittent AI-guided sorting modules executing logically conditionally.

These practices arguably traverse profiling semantics extracting underlying probabilistic likelihoods gauging interest spans or prioritization metrics defining next transactional phases conditionally.

6.2 Overarching Logic

System scores hinge variably around items encompassing logically:

• baseline coherence bridging product value with customer intent;
• enthusiasm traces expressed tangibly;
• highlighted hindrances limiting immediate progress;
• chronological urgencies;
• variable thoroughness linking extracted properties;
• recorded verbal determinations closing conversations;
• pipeline status tags shifting dynamically.

6.3 Real-World Impact Guidelines

Applying structured grading essentially produces paths resolving precisely either towards:

• routing prioritized prospects upstream efficiently;
• governing conditional triggers orchestrating asynchronous nudges;
• directing schedules reserving tangible conversational gaps effectively.

Crucially at inception, Convertr purposefully bypasses producing unilateral rulings manifesting sweeping judicial constraints directly affecting data subjects unilaterally minus explicit Customer guidance directing the fundamental outcome.

6.4 Accompanying Rights

Prospective end-users interacting beneath explicit Customer umbrellas consistently reserve the fundamental capacity addressing inquiries strictly directed formally toward the primary regulating controller dictating core profiling methodologies intrinsically.

9.1 Hosting and Infrastructure

• Vercel: hosting the convertr.fr website and the app.convertr.fr application.
• Railway: API backend, PostgreSQL database, and Redis cache hosting.

9.2 File Storage

• Cloudflare R2: file, document, and ad creative repository.

9.3 Telephony, SMS, and Voice Agent

• Twilio: SMS infrastructure and associated comms routing dependent upon user activation.
• Retell AI: conversational AI routing processing calls and transcripts strictly bound behind activated configurations.

9.4 Transactional Emails

• Resend: transactional dispatch paths enabling core system updates covering confirmations, summaries, and authentication validations securely.

9.5 AI Models via API (based on activated workflows)

• OpenAI
• Anthropic
• Mistral
• Google Gemini

These AI model APIs integrate logically matching workflows or scripts functionally activated independently by Convertr primarily facilitated locally using secure n8n orchestration frameworks restricting exposure solely driving essential operational utility.

9.6 Customer Ad Integrations

• Meta Ads (Facebook / Instagram Ads): synchronizing campaigns and receiving leads precisely pending specific Customer consent switches.
• Google Ads: ad-campaign monitoring tracing mapped properties actively configured behind explicit Customer toggles.

9.7 Customer Calendar Integrations

• Google Calendar: appointment syncs powered safely via OAuth specifically enacted exclusively upon Customer authorization.
• Microsoft Outlook Calendar / Microsoft Graph: native calendar connecting paths requiring definitive active switching initiated fully by the Customer.

9.8 Internal Technical Tooling

Convertr leverages the n8n engine fundamentally operating privately as a strictly self-hosted internal element.

As an internally operated tool completely localized beneath Convertr's core framework securely, n8n exclusively acts as technical scaffolding and does not inherently reflect independent third-party subprocessor categorizations.

10.1 Principle

Specific providers or active setups predictably incorporate paths potentially transversing boundaries exterior toward the European Economic Area.

Identified pathways fundamentally associate conditionally based around operational engagements traversing entities prominently noted including Vercel, Railway, Twilio, Retell AI, Resend or variable bespoke additions plugged consciously by the Customer.

10.2 Guarantees

Operating pathways tracking personal data exterior toward the EEA structurally demand Convertr rigorously applies corresponding robust defensive frameworks commonly leaning efficiently atop adequate decisions inherently addressing cross-border transfers alongside legally bound supplementary technical or contract-driven mitigations conditionally where absolutely required.

Retained approaches flexibly align tracking:

• provider particularities;
• physical operational mapping;
• deployed system setups;
• specifically requested interactions natively.

10.3 Complementary Details

Further elaborations referencing granular safety mappings securing externalized transfer paths securely remain accessible writing formally addressing: contact@convertr.fr

11.1 Website and Requests

• Queries tracking inquiries matching contact links or demo drives log reliably capping roughly 24 months past finalizing initial resolutions logically;
• Security logs scaling technically generally drop systematically approaching the 12-month boundary barring extraordinary incident demands dictating protracted scrutiny legally.

11.2 Customer Data

• Account matrices mapping overarching operational contracts reside dependably retaining coherence bridging immediate subscription longevity cascading sequentially across restrictive limits addressing lingering litigation potentials legally;
• Crucial financial snapshots addressing invoice trails securely vault firmly retaining baseline data abiding standard state corporate codes formally;
• Support tickets track issues resolving organically extending moderately beyond immediate termination preserving actionable lookup contexts cautiously.

11.3 Data Processed on behalf of the Customer

Minus disparate commands pushing contradictory directions legally or functionally, customary constraints natively bind limits uniformly expressing:

• potential ongoing transcript logs natively terminating roughly capping safely close toward the 6-month standard barring extended retention documentation firmly demanded contextually;
• synopsis records, grading states, chronological checkpoints clearing effectively approaching a 12-month sunset effectively;
• SMS caches natively capping around a similar 12-month horizon logically;
• structural tracing covering systemic pathways mapping equivalently safely targeting analogous 12-month resets;
• snapshot redundancies caching baseline recovery states securely revolving steadily averaging safely toward 60-day loops commonly.

Blocking data targeting previously signaled opt-out constraints logically filters safely preventing persistent outreach attempts seamlessly indefinitely pending explicit user modification reliably.

At contractual expiration, the modalities relating to the restitution, exportation, deletion, anonymization, or limited technical archiving are framed by the applicable contractual documentation, notably the T&Cs and the DPA.

13.1 You are a Convertr Customer or Convertr account user

When Convertr assumes primary controller capacities, inquiries accessing rights traversing access, rectification, erasure, restriction, opposition, and portability (when applicable) track safely routing toward:

contact@convertr.fr

Convertr reserves basic validation verifying reasonable confidence proving identities whenever logically disputable protecting core structural trust explicitly.

13.2 You are a lead, prospect, or end-client processed for a Customer

In this scenario, the Customer independently maintains central controller mandates exclusively.

Invoking foundational rights consequently demands addressing those inquiries addressing the Customer directly firmly.

Should bridging contacts present difficulties tracing the operational origins, attempting inquiries addressing contact@convertr.fr potentially yields guidance reliably aiding discovery minus triggering binding substantive resolutions stretching beyond Convertr's defined processor limitations fundamentally.

13.3 Complaint

You can lodge a formal grievance before the competent regulatory data body practically, such as the CNIL in France.