Data Protection & GDPR Compliance

Last updated: February 20, 2026

1. Introduction

Edware is committed to protecting your personal data and ensuring compliance with data protection regulations, including the General Data Protection Regulation (GDPR) and other applicable privacy laws.

This document outlines our data protection practices, your rights as a data subject, and how we ensure the security and privacy of your information.

2. Data Controller Information

Data Controller: Edware

Address: [Your Address]

Email: privacy@edware.fr

Phone: [Your Phone Number]

Data Protection Officer: [DPO Name] - dpo@edware.fr

3. Legal Basis for Processing

We process your personal data based on the following legal grounds:

3.1 Contract Performance

Processing is necessary for the performance of our contract with you to provide the EDS Training Platform services.

3.2 Legitimate Interests

Processing is necessary for our legitimate interests in:

  • Providing and improving our services
  • Ensuring security and preventing fraud
  • Communicating important service updates
  • Analyzing usage patterns to enhance user experience

3.3 Consent

For certain processing activities, we rely on your explicit consent, which you can withdraw at any time.

3.4 Legal Obligations

Processing may be necessary to comply with legal obligations, such as tax requirements or regulatory compliance.

4. Categories of Personal Data

4.1 Identity and Contact Data

  • Name, email address, phone number
  • Username and account credentials
  • Professional information (job title, organization)
  • Profile information and preferences

4.2 Usage and Technical Data

  • Login and access logs
  • Training progress and completion data
  • System performance and error logs
  • Device information and browser data
  • IP addresses and location data

4.3 Training and Performance Data

  • Course enrollment and completion records
  • Assessment scores and progress tracking
  • Performance objectives and achievements
  • Workspace activities and collaborations

5. Data Processing Purposes

We process your personal data for the following purposes:

  • Service Provision: To provide, maintain, and improve our training platform
  • Account Management: To create and manage your user account
  • Training Delivery: To deliver training content and track progress
  • Communication: To send important service updates and notifications
  • Security: To ensure platform security and prevent unauthorized access
  • Analytics: To analyze usage patterns and improve user experience
  • Compliance: To meet legal and regulatory requirements

6. Data Sharing and Transfers

6.1 Internal Sharing

Your data may be shared internally among authorized personnel for service delivery and support purposes.

6.2 Third-Party Service Providers

We may share data with trusted third-party service providers who assist us in:

  • Hosting and infrastructure services
  • Database management and backup
  • Analytics and monitoring tools
  • Customer support and communication services

6.3 Legal Requirements

We may disclose your data if required by law or to protect our rights, property, or safety.

6.4 International Transfers

Your data may be transferred to and processed in countries outside your residence. We ensure appropriate safeguards are in place through:

  • Standard contractual clauses
  • Adequacy decisions
  • Other approved transfer mechanisms

7. Data Security Measures

We implement comprehensive security measures to protect your personal data:

7.1 Technical Security

  • Encryption of data in transit (TLS/SSL) and at rest
  • Multi-factor authentication and access controls
  • Regular security assessments and penetration testing
  • Secure data centers with physical security measures
  • Network security and intrusion detection systems

7.2 Organizational Security

  • Employee training on data protection and security
  • Access controls and role-based permissions
  • Regular security audits and compliance reviews
  • Incident response and breach notification procedures

8. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy:

8.1 Retention Periods

  • Account Data: Retained while your account is active and for 7 years after deactivation
  • Training Records: Retained for 10 years for compliance and certification purposes
  • Log Data: Retained for 2 years for security and troubleshooting
  • Analytics Data: Retained for 3 years for service improvement

8.2 Data Deletion

When data is no longer needed, we securely delete or anonymize it in accordance with our data retention policies.

9. Your Data Protection Rights

Under GDPR and other applicable data protection laws, you have the following rights:

9.1 Right of Access

You can request a copy of your personal data and information about how we process it.

9.2 Right to Rectification

You can request correction of inaccurate or incomplete personal data.

9.3 Right to Erasure

You can request deletion of your personal data in certain circumstances.

9.4 Right to Restrict Processing

You can request limitation of how we process your personal data.

9.5 Right to Data Portability

You can request transfer of your personal data to another service provider.

9.6 Right to Object

You can object to certain types of processing, including direct marketing.

9.7 Right to Withdraw Consent

Where processing is based on consent, you can withdraw consent at any time.

9.8 Right to Lodge a Complaint

You have the right to lodge a complaint with your local data protection authority.

10. Exercising Your Rights

To exercise your data protection rights, please contact us:

Email: privacy@edware.fr

Data Subject Request Form: Available in your account settings

Response Time: We will respond to your request within 30 days

We may need to verify your identity before processing certain requests.

11. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience and analyze service usage:

11.1 Types of Cookies

  • Essential Cookies: Required for basic service functionality
  • Performance Cookies: Help us understand how you use the service
  • Functional Cookies: Remember your preferences and settings
  • Analytics Cookies: Provide insights into service usage patterns

11.2 Cookie Management

You can control cookie settings through your browser preferences or our cookie consent management system.

12. Data Breach Notification

In the event of a data breach that poses a risk to your rights and freedoms, we will:

  • Notify the relevant data protection authority within 72 hours
  • Inform affected individuals without undue delay
  • Document the breach and our response measures
  • Take immediate steps to contain and remediate the breach

13. Updates to This Policy

We may update this Data Protection Policy from time to time to reflect:

  • Changes in our data processing practices
  • Updates to applicable laws and regulations
  • Improvements in our security measures
  • Feedback from users and stakeholders

We will notify you of any material changes through the service or by email.

14. Contact Information

For questions about data protection or to exercise your rights, please contact us:

General Privacy Inquiries: privacy@edware.fr

Data Protection Officer: dpo@edware.fr

Data Subject Requests: privacy@edware.fr

Security Incidents: security@edware.fr

← Back to Login Privacy Policy Terms of Service