Plato helps engineering and product leaders to learn soft skills and build better teams. We do this through our powerful mentoring platform, where new leaders connect with seasoned professionals for 1-1 sessions, AMAs, and a comprehensive knowledge base.
Plato services are developed and marketed by Birdly,inc, a company with Head Office located at 303 2nd Street, San Francisco, Ca. in the United States of America and that has secondary offices at 46-48, avenue de la Grande Armée, Paris, France. Learn more at: www.platohq.com.
Your privacy and your personal data are of paramount importance to us. At Plato we have fundamental principles regarding the confidentiality and protection of personal data.
We only ask or process your personal information if it is essential or if you have given us your consent to do so. We do not share your personal data with anyone except to comply with the law, to assist you or to protect our rights or if you have given us your explicit consent to do so
You will find below our data use and confidentiality policy which incorporates these principles.
Plato's policy respects the confidentiality of information that we may collect in the context of the operation of our websites and applications and the processing of orders that you place with our company. Plato undertakes, within the framework of its activities and in accordance with the current legislation in the United States and in Europe, to ensure the protection, confidentiality and security of the personal data of the users of its services, as well as to respect their privacy.
To make it easier to read, this Policy has been crafted at two levels: the main text flow is legally-binding ("legal text") and "In a nutshell" frames, with text in italics, are non-binding. Our purpose in doing so is to help you have a better understanding of what we mean, how your data is processed, what you can expect from us and what we may expect from you.
In a nutshell: We have written these texts “in a nutshell” so that you can better understand our practices. However, the text to be takenbe taken nto account, if necessary, is that written outside the “in a nutshell” inserts.
In a nutshell : By continuing to visit the site, by providing data to order, using the application or creating an account, you acknowledge that you have read and accepted this policy.
1 - Data controller
Plato is responsible for the processing of personal data that it implements on its own behalf, in particular the processing of personal data relating to the management of access to its services, its contractual relations with its customers and its legitimate interests, in particular prevention of fraud, and management of payment incidents, disputes and litigation. In this context, Plato has completed all the necessary administrative formalities with the competent authorities. We comply with all effective laws and regulations pertaining to the protection of personal data in the countries where it operates, including in particular but not limited to:
- California Consumer Privacy Act (referred to as “CCPA”) of 2018, on privacy rights and consumer protection, effective on January 1, 2020, and later amended and expanded by the California Privacy Rights Act of November 2020
- European Directive No. 95/46 / EC of 24 October 1995 on the protection of individuals with regard to the Processing of Personal Data and on the free movement of such data;
- from May 25, 2018, European regulation 2016/679 of April 27, 2016 on the protection of individuals with regard to the Processing of Personal Data and on the free movement of such data, and repealing Directive 95 / 46 / EC (General Data Protection Regulation, often referred to as “GDPR”);
- French law n ° 78-17 of January 6, 1978 relating to data processing, files and freedoms and its developments.
In a nutshell : We are responsible for the data you entrust to us for the processing we carry out on our behalf. We give out our contact details so that you can contact us. We have abode by the regulations.
2 - Subcontractor
Likewise, as a subcontractor (a “processor” with regards to GDPR terminology and a “service provider” with regards to CCPA terminology) for our customers using the Plato application via https://www.platohq.com/app, we have completed all the necessary administrative formalities vis-à-vis the competent authorities, in particular the California Consumer Privacy Act (referred to as “CCPA”) of 2018, on privacy rights and consumer protection, effective on January 1, 2020, and later amended and expanded by the California Privacy Rights Act of November 2020 and the European regulation 2016/679 of April 27 2016 on the protection of individuals with regard to the Processing of Personal Data (general data protection regulation, often called GDPR) and on the free movement of such data, and repealing Directive 95/46 / EC.
It should be noted that documents and recordings deposited within the application are encrypted with strong ciphers. The owner of a subscription to Plato can explicitly grant access to some of the data that they have provided and stored in the application, in particular to employees, service providers or partners, various stakeholders, as well as to Plato teams and in particular for technical support purposes.
In any case, it is Plato's client that decides to store personal data, which are theirs, within Plato and to grant access to their data and that has full control over them, including with regard to the documents and recordings deposited therein, which only the persons to whom they has given access may access for consultation.
Each user of the Plato application, whether a subscriber of a subscription or invited by a subscriber, is responsible for the data he/she provides within the application and as such is responsible for providing data that he/she has collected in accordance with regulations.
In a nutshell : Plato users are responsible for the data they provide and which is processed within the Plato application which performs processing on behalf of Plato customers.
3 - Purpose
3.1 As Data controller
Plato processes the personal data concerning you within the framework of the contractual or pre-contractual relationship which binds you to Plato or within the framework of the legitimate interest that Plato has to process your personal data or when you have given your consent for us to process your personal data.
A contractual relationship, governed by our Terms of Service and / or Use, exists when you have placed an order with Plato for the use of our application, when you have made a request to our after-sales service or when you have requested to be put in touch with a professional from our customer service. A pre-contractual relationship exists when you have expressed an explicit interest in an offer or a Plato product, in particular when you have requested information or a quote concerning one or several of our offers or products or when a user account has been created (even when it has not been ordered).
The processing of personal data by Plato pursues such legitimate interests as one or more of the following:
- Provide, maintain, and improve the Services, including the quality of the mentoring;
- Provide and deliver the products and services you request, process transactions, and send you related information;
- Verify your identity and, if applicable, authorization for you to use the Services (such as from your employer);
- Respond to your comments, questions, and requests;
- Send you technical notices and other administrative messages;
- Communicate with you about products, services, offers, promotions, rewards, and events offered by us or others, and provide news and information we think will be of interest to you;
- Monitor and analyze trends, usage, and activities in connection with the Services;
- Conduct research, analysis, and surveys;
- Personalize and improve the Services and provide content or features that match user profiles or interests;
- Link or combine with information we get from others in connection with the Services;
- Carry out any other purpose for which the information was collected.
Plato also has a legitimate interest in ensuring the commercial success of its offers and services and in providing offers and services that can contribute to its overall commercial success. Our company also has a legitimate interest in identifying the people best able to fill vacant positions within our departments.
In a nutshell : When you entrust us with your data for a specific purpose (creation of your account, mentoring processes, question, etc.) we process this data so that this purpose is achieved. We may also process some of your data to carry out analysis and studies in order to improve our Services, to prospect or retain our customers and to resolve disputes. For all this, we need personal data. Other personal data is processed only if you have consented to it.
3.2 As subcontractor
The Plato application allows Plato clients to perform treatments that pursue at least one of the following objectives:
- Creating and maintaining their user profile
- Creating and maintaining their team
- Bringing together engineer and product leaders and seasoned professionals
- Requesting a 1-1 session or an AMA
- Assigning scheduling slots to a 1-1 session or an AMA
- Conducting a 1-1 session or an AMA
- Creating feedback
Plato may also use its expertise to carry out studies and analysis of the use of the site, in particular for the purposes of establishing indicators, revealing trends, carrying out treatments for predictive purposes, offering new services, as well as improving its productivity and that of Users.
In a nutshell : When you use the Plato application, you and we have certain obligations and responsibilities which, where applicable, are detailed in the TOS and TOU of the application. The Application is intended to render certain services to Plato customers, that retain control over the data they provide or that is provided by users of the Application created by those customers.
4 - Data Protection Officier
The Data Protection Officer is Yves Gattegno, SysStreaming SAS, located at 34, rue de l'Orme sec in L’Haÿ-les-Roses (F94240), France for Plato, 303 2nd Street in San Fransisco, California, United States of America. He or the service responsible to deal with requests related to privacy and personal data usage may be contacted at the email address email@example.com
5 - Retention period of personal data
The personal data collected by Plato are kept only for the time necessary to accomplish the objective that was pursued during the collection or to meet legal and regulatory provisions.
More specifically, the following data retention periods are:
- Data collected when taking out a subscription and during the term of the subscription: during the term of the contractual commitment and up to 12 months after the end of a contract (intermediate archiving according to legal and regulatory obligations and responsibilities, for tax and business related data only, up to 10 years after the end of the business relationship)
- Data collected during mentoring contacts, 1-1 sessions and AMAs: during the term of the contractual commitment and up to 60 days after its end.
- Connection data collected as part of the use of our web site or web application: depending on the solution, based on logs retention that are replaced / overwritten based on the storage space they use. Usually, these data are not kept for more than 2 months.
In a nutshell : We do not keep your data longer than necessary or required by law. For example, some laws require you to keep invoices for your orders for 10 years.
6 - Scope of data collected
For the purposes of using the Services, we may need to collect and process the following personal data:
- When you use Plato, we process the following data :
- First name
- Last name
- Email address
- Company name
- Phone number (optional)
- Years in current position
- Years of management experience
- Team size
- Linkedin profile URL
- Profile picture (optional)
- Location (City, Country code)
- Meeting recordings*
- Information Collected by Cookies and Other Tracking Technologies: We use various technologies to collect information, and this may include sending cookies to your computer or mobile device. Cookies are small data files stored in device memory that help us to improve the Services and your experience, see which areas and features of the Services are popular, and count visits. We may also collect information using web beacons (also known as "tracking pixels"). Web beacons are electronic images that may be used in the Services or emails and help deliver cookies, count visits, understand usage and campaign effectiveness, and determine whether an email has been opened and acted upon. See section 12. Trackers and Cookies
- We may also obtain information from other sources and combine that with information we collect through the Services. For example, we may collect information about you from third parties that provide services on our behalf, such as maintaining and monitoring usage of the Services and processing payment transactions. We also may receive information about you from the mentors with whom you interact through the Services.
- The Services are designed to allow you to upload documents or to record videos. Said documents or videos may contain personal data about you or about anyone else. Plato has no way to determine what such data may be. You are of course the sole responsible for the data you store within Plato’s app.
Connection data is also collected and processed, in particular the IP address used for the connection: this is necessary to be able to use the application or web site, to assist you, for the implementation of our security measures, and to satisfy our legal constraints, in particular with regard to concerns the traceability of access and use.
In a nutshell : We need your contact details to process your order, create your user account, contact you and process your applications, and login data to assist you and fulfill our obligations, in particular with regard to traceability.
The data processed to create and manage your access to the Plato application include a username and password. The username is an email address.
- The App will not use this data for serving advertisements.
- The App will not allow humans to read this data unless we have your affirmative agreement for specific messages, doing so is necessary for security purposes such as investigating abuse, to comply with applicable law, or for the App's internal operations and even then only when the data have been aggregated and anonymized.
You must never share any data related to your account to log into the Services with anyone, including your login ID and password. We recommend that you use a unique password for your account (password that is not associated with other websites). We recommend that you check your account regularly to ensure that your data has not been altered or modified. You guarantee Plato against any claims, claims or demands of third parties that would invoke a violation of their rights, as a result of the use of the Services made by you. You acknowledge that any use of the Services with your identification elements is presumed to be made by you and will be attributed to you.
In a nutshell : The confidentiality of your information is your responsibility as well. Do not share your credentials. Take care of the passwords you create and create unique and difficult-to-guess passwords.
6.1 Locations and categories of processing
The categories of processing that Plato is likely to carry out on personal data are: collection, access, modification, hosting, storage, transmission, archiving and deletion.
The processing that Plato is likely to carry out on personal data is carried out in data centers hosted by its service providers. Most of the processing directly under the control of Plato is carried out in the United States of America. Some processing is carried out by Plato’s sub-processors, which can take place in various locations.
Plato makes its best to work with service providers, suppliers, sub-processors and subcontractors that carry out processing in the United States of America or in the European Union or in a country on the list of countries recognized as suitable by having given the necessary guarantees (for example by adopting programs such as Privacy Shield, or by setting up Binding Company Rules (BCR), Standard Contractual Clauses, Data Processing Agreements, etc.). Were it not the case, the contractual relationship between Plato and such third parties would require the implementation of appropriate guarantees. Plato works with third parties whose data protection agreements comply with the standard contractual clauses of the European Commission and / or which give all the necessary guarantees.
In all cases, and in particular would regulations evolve, Plato takes all the necessary measures to regulate cross-border data transfers and establishes, when necessary, data protection agreements (DPAs) to guarantee data transfers in accordance with the legislation in force, in particular under the provisions of the CCPA and Article 46 of the GDPR.
In a nutshell : The data you have entrusted to us are processed in the US or in a country whose law requires respect for the basic principles of loyalty, transparency and confidentiality, or by a service provider which gave all the guarantees necessary for you to be reassured.
6.2 Recipients of processed data
Plato may possibly transmit the personal data that you have provided or that it has collected to its employees, service providers or affiliated organizations which need to be aware of this information in order to process it on behalf of Plato or to provide services for the purposes mentioned above, and which have agreed not to disclose them to third parties.
These potential recipients may be companies that provide:
- Platform as a Service
- Chat services
- Office automation, communication and digital resource usage analysis services
- Analysis services for the use of Plato Solutions and Services
- Email sending and management services
Plato may also use the services of providers that provide accounting, emailing, marketing agency, companies specializing in research and analysis, as well as satisfaction surveys, which may need to use personal data concerning you to carry out our missions or the missions that you have entrusted to us.
A complete list of Plato’s sub-processors may be obtained on demand.
Plato will not rent or sell personal data to third parties. Apart from its employees, contractors, and affiliated organizations, as indicated above, Plato only discloses personal data in the event of a subpoena, court order or other governmental order, or when Plato believes that this disclosure is necessary to protect the property or rights of Plato, a third party or the general public.
If you are a registered user on a Plato site or have an access to the Services and have provided your email address and have consented to receive communications from Plato, Plato may occasionally send you an email to notify you of new features, to ask for your opinion or keep you informed of news from Plato and its offers. We can also use our various blogs to communicate this type of information, in particular in order to limit the number of emails.
Plato takes all reasonable and necessary measures to protect your personal data against unauthorized access, use, modification or destruction of personal (or potentially personal) data.
In a nutshell : The data you have entrusted to us will only be transmitted if absolutely necessary or if you have given us permission to do so. The recipients of your data, including us, give all the necessary guarantees so that you are reassured.
6.2.1 Transfer of processed data to third parties
The data that you provide or that are collected by Plato or on its behalf are not transmitted to third parties, except, potentially, to the recipients mentioned in Article 6.2.
In a nutshell : We do not transmit your data, except in the cases that we have already mentioned.
6.3 Transfer of data to a third country outside of the United States or the European Union
Some of the data that you provide or that is collected by Plato or on its behalf may be transmitted to third parties operating outside the European Union. These third parties, mentioned in section 6.2 have all adhered to the Privacy Shield program and / or have given the necessary guarantees for the protection of personal data.
In a nutshell : We do not transmit your data, except in the cases that we have already mentioned. When we transmit them, it is to service providers that operate in a country whose law requires compliance with the basic principles of loyalty, transparency and , transparency and confidentiality, or to service providers that give all the guarantees necessary for you to be reassured.
6.4 Business development
If you are a registered end user of Plato’s application and have provided your email address or mobile number and consented to receive our communications, or if you have previously ordered from us, Plato may send you emails or texts to let you take advantage of our offers, announce new features, ask for your opinion or simply keep you informed of news from Plato and its offers. You always have the possibility to oppose any prospecting of this type, by contacting us using the “Contact Us” link on our website, by land mail to the above addresses or by telephone to the number you provided when establishing your relationship with Plato.
All digital communication for commercial or information purposes from Plato (email, text message, etc.) contain a link or instructions to object to future similar communications.
In a nutshell : If you have provided us with your email address or mobile number and have given us permission to do so or are a customer of ours, and if you have not objected, we may send you informational or promotional emails and text messages. You can refuse to receive such emails and text messages at any time.
7 - Exercising your right of access, correction and opposition
As a customer or user of our Services, websites and web applications, you have the right:
- To request that the processed data concerning you be erased from our files. This is called the right to be forgotten. If you exercise your right to be forgotten, and you have access to a user account on Plato Services, this access will then be suspended since your username will be deleted from our files. We cannot erase your data as long as there is an order in progress which is intended for you and which has neither been fully processed nor canceled or as long as there is a dispute between you and us or, more generally, as long as that we need your data to perform a contract or fulfill one of our obligations, including keeping some data in intermediate archiving as so to protect Plato, its users and customers from future disputes.
- To object to the collection and processing of data concerning you when it is not strictly necessary. If you are a client or user of the Plato Services, your email address is necessary for us to send you information, confirmation emails, password recovery or activation emails, to access the application, etc.
- To access and retrieve the data collected about you in a standard electronic format;
- To modify your data, in particular by yourself by editing the data in your user account;
- To request a limitation of their processing - for example by refusing any use for prospecting purposes;
These rights can be exercised by sending by contacting us at the contact details mentioned above or available on our website.
You also have the right to lodge a complaint with a supervisory authority and to lodge a judicial appeal, in particular if your requests for the exercise of rights have not been processed within one month after they have been received. were introduced.
In a nutshell : You have control over the data you have entrusted to us. You can consult them, rectify them, ask that they be erased or that they are used only for certain things and not for others, for example that they are not used to send you information or commercial offers. Whenever possible, we will do our best to accommodate your requests as quickly as possible.
8 - Data storage in the event of death
You can formulate directives relating to the storage, erasure and communication of your personal data after your death in accordance with articles 84 and 85 of law 78-17 of 6 January 1978 as amended. These guidelines can be general or specific.
You can formulate your advance directives by contacting through our website.
In a nutshell : You have control over the data you have entrusted to us and you can give us instructions that will be applied after your death, if we still have data about you at that time, which we hope will be as late as possible. For example, you can ask us to erase your data or to send it to a specific person.
9 - Data security
Plato takes all reasonable and necessary measures to protect the processed data against unauthorized access, use, modification or destruction of personal (or potentially personal) data.
In a nutshell : The data that you entrust to us or that you provide during your use of the Plato application is treated with care and we take many measures to protect and cherish it. For example, we encrypt your data on networks and on storage means, we only give access to this data to people who need this access, we monitor the computers that store and process it, we carry out regular backups, etc.
We have commitments relating to the security of our services and we have put in place physical, administrative and technical measures to prevent unauthorized access to your data. Our security policies cover security management for internal operations and our services. These policies govern all areas of security applicable to the Services and apply to all Plato employees as well as our service providers and contractors which need to have access to this data.
In a nutshell : We are very concerned about the security of the data that you entrust to us
We quickly assess and respond to incidents that create suspicion of unauthorized data manipulation. Our teams, including the global information security team, are informed of these incidents and, depending on the nature of the activity, define the processes and intervention methods to deal with the incidents. If we determine that your data has been misappropriated or otherwise incorrectly acquired by a third party, we will inform you as soon as possible, as well as the supervisory authority (e.g. the CNIL in France).
In a nutshell: Our teams monitor and supervise all suspicious activity and are mobilized to ensure that there is as little as possible
10 - Subcontracting
Plato only uses subcontractors that provide sufficient guarantees as to the implementation of appropriate technical and organizational measures so that the processing meets the requirements of European/Californian regulations and guarantees the protection of the rights of the data subject.
In a nutshell : When we need subcontractors, for example to host your data or process your orders, we only choose subcontractors who have given us sufficient guarantees for you and us to be reassured
11 - Asset disposal
In a nutshell : If our company is sold or passed on, your data will be passed on to the new processor, as it is one of our most valuable assets. But we guarantee that this data will then be processed at least as well by their new processor as by us.
12 - Trackers and cookies
We use various technologies to collect information, and this may include sending cookies to your computer or mobile device. Cookies are small data files stored in device memory that help us to improve the Services and your experience, see which areas and features of the Services are popular, and count visits. We may also collect information using web beacons (also known as "tracking pixels"). Web beacons are electronic images that may be used in the Services or emails and help deliver cookies, count visits, understand usage and campaign effectiveness, and determine whether an email has been opened and acted upon.
13 - Advertising
We do not display advertising on our sites.
In a nutshell : We can make changes to the way we treat your data, with a level of security that will be at least equivalent to that presented in this policy. These changes are mostly minor and only if necessary will we burden you with asking you to accept the policy again , but we do appreciate that you read from time to time the policy that applies. And remember that if ever you do not or no longer agree with our policy, or if you have a question, or if you want to exercise any of your rights, you just have to contact us through our website.