We believe that privacy is the responsibility of all team members, and we follow policies and practices designed to protect our clients data.
All of our employees undergo mandatory information security awareness training.
In addition, employees are required to abide by TOP’s Code of Conduct and Ethics, adhere to the terms of all company confidentiality agreements, and follow TOP’s policies and procedures.
DATA CENTERS BASED IN ILE DE FRANCE
T.O.P’s physical infrastructure is hosted and managed in Orange Business Services’ data centers located in Ile de France.
Orange Business Services designs and manages the T.O.P infrastructure according to the following standards: ISO 27001, ISO 27018, ISO 2701, ISO 9001, ISO 20000-1, ISO 50001, ISO 27001, ISO 14001, AICOA(SOC)
BACKED UP DATA
Backups are made every day to avoid losing your data! In case of unforeseen events, data recovery is possible until the last 24 hours.
T.O.P is developed following the best practices, as well as the practices recommended by OWASP (Open web Application Security Project), the leading security organization. We comply with all relevant principles, including those of the General Data Protection Regulation.
T.O.P strives to provide 24/7/365 service.
When your data is stored on our servers, an encryption algorithm ensures that it is only readable by our data science teams.
The encryption of your communications guarantees the protection of your data between our servers and your computer.
Respect for your privacy
All information related to the communication of individual users as well as survey responses are and will remain anonymized.
In partnership with the Cryptr company, TOP allows you SSO authentication but also the connection with Magic-Link without the need to define a password.
Our technical team employs a user access control system. It includes technical administrators, managers, and regular users who have access.
TOP understands the importance of protecting personal information. For this reason, TOP strives to have business procedures and security measures in place to protect personal information under its control.
Application and Scope
Any Personal Information (as defined below) received in the communication or material you transmit to the Site by electronic mail or otherwise is and will be treated in accordance with this Policy.
Definition of Personal Information
Personal Information is defined as “any information about an identifiable individual”. This may include, for example, e-mail, contact information and similar information provided to TOP in the course of its business operations, or that TOP may receive from requests for information. Aggregate Personal Information that cannot be associated with an identifiable individual is not considered Personal Information. We endeavor to limit our requests for Personal Information to that which we deem reasonably necessary to fulfill our purposes as described in the “Use of Personal Information” section below.
Use of Personal Information
In providing services, TOP only processes Personal Information in accordance with the Terms and Conditions and applicable law. TOP generally uses Personal Information from or about its Customers and Users (as defined in the Terms), (hereinafter referred to as “Customer Personal Information”) for the following purposes:
To provide you with service information and news,
To support the services offered on the Site,
To contact you for your feedback on our services,
To conduct research about TOP’s customers or services,
To process your payments, including credit checks and collection,
To notify you of technical updates or policy changes, or
To contact you for marketing and promotional purposes.
We may use information that is not Personal Information such as demographic data to analyze and develop our marketing strategy and improve the Site and our Services.
Information Sharing and Disclosure
TOP will not sell, rent or trade Personal Information to third parties. However, TOP may share Personal Information when permitted and/or required by law or as follows:
If sharing the information is reasonably necessary to provide a service you have requested;
If we believe in good faith that we are required to do so by law, in connection with litigation, to prevent a crime, or to protect personal safety, the public or the Site;
In connection with a sale or merger with another entity or if TOP should declare bankruptcy or have its assets sold to another entity;
When we have your consent to share Personal Information.
TOP may also share information that is not Personal Information with third parties (for example, aggregate or demographic data).
Before sharing Personal Information with a third party, TOP will ensure that the third party maintains reasonable data management practices to maintain the confidentiality and security of Personal Information and to prevent unauthorized access.
When we collect your contact information from you, you will have the opportunity to indicate your preferences for receiving direct marketing or market research information.
You may correct, amend or delete your Personal Information by contacting us.
We are committed to protecting Personal Information from loss, misuse, disclosure, alteration, unauthorized access and destruction. TOP will store and process Personal Information in a manner consistent with industry security standards. TOP has implemented technical, organizational and administrative systems, policies and procedures to ensure the security, integrity and confidentiality of Personal Information and to reduce the risk of unauthorized access to Personal Information, including (i) physical safeguards and other security measures to ensure the security and confidentiality of Personal Information under its control; (ii) security design to prevent compromise of its own information systems, computer networks, or data files by unauthorized users, viruses, or malicious computer programs; (iii) appropriate internal practices, including, but not limited to, encryption of data in transit; use of appropriate firewall and antivirus software; maintain such countermeasures, operating systems and other applications with up-to-date virus definitions and security patches to avoid any negative impact on the Personal Information it manages; appropriate logs and alerts to control access and ensure data integrity and confidentiality; allow only authorized users to access systems and applications; and (iv) all persons with authorized access to Personal Information shall have a genuine need to know before accessing it (“security program”).
Third Party Sites
The Site may contain links to other sites. TOP is not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave the Site to read the privacy statements of each and every site that collects Personal Information.
We use third-party advertising companies to serve ads on our behalf. These companies may use a cookie or action tag, also known as a web beacon or 1-pixel .gif file, to tailor the ads you see on this and other sites, to track your response to their advertising and measure the effectiveness of their advertising or to award incentives or points to their members who respond to their ads. Cookies, action tags or similar files do not contain any personal information.
You can learn more about targeted advertising, its benefits and your choices by visiting aboutads.info. The targeted advertising companies we work with are members of the Network Advertising Initiative. The NAI allows you to limit targeted advertising from its members by using an opt-out tool available on the NAI website at networkadvertising.org.
Your Consent to this Policy
By using this Site, you agree to this Policy. We may occasionally update this Policy. If we change our policy, we will post those changes on TOP.com. If we decide to use Personal Information in a manner different from that stated at the time of collection, we will notify users by email (if an email address has been provided) or post a notice on https://top-turnover.ai/. We encourage you to periodically review this Policy to stay informed about how we protect the Personal Information we collect. Your continued use of this Site constitutes your acceptance of this Policy and any updates.
If you have any questions, comments or concerns about this Policy, please contact us at
Tour Black Pearl -14 Rue General Audran
Assistant: +33 1 76 35 06 16
Email address: firstname.lastname@example.org
How to mobilize Artificial Intelligence for HR data in an ethical and GDPR-compliant logic?
Data is at the heart of human resources management. From an ethical point of view, using this data paired with Artificial Intelligence can raise questions about the purpose of its exploitation. As HR data is considered to be sensitive, the company must pay particular attention to it in order to respect security rules and GDPR compliance.
Ethical and GDPR issues are central to HR Tech tools’ challenges.
We also note the predominant need for these departments to be equipped to benefit from the total wealth of their data through intelligent use.
Artificial intelligence and technology can have a positive impact on the HR profession and on each of the company’s employees, particularly through improved reading and interpretation of data, machine learning and automation. Data can solve a number of problems based on companies’ HR data.
So how can artificial intelligence harness HR data while remaining ethical and GDPR compliant?
Mobilizing artificial intelligence ethically in the service of people:
Human resources departments have a lot of data on their employees: position, seniority, career path, satisfaction, etc.
All of this data can, if properly handled, make sense in different contexts.
It is now essential for these teams to be aware of this data and to know how to use it to achieve their objectives.
Artificial intelligence is therefore capable of helping them to better understand and use this data. It serves the HR function through its ability to better manage this information. HR teams and managers can then rely on this technology to perform more effectively.
Artificial intelligence supports the established HR strategy in order to improve accuracy and performance. As with any technology, it is applied in a functional context, focusing on its outcome to align with the defined ethics.
Artificial intelligence does not replace the human being, it advises him, allows a better understanding of the data, and supports him in his decision-making.
A better reading of the data of the company’s employees, therefore, enables a better understanding of these audiences and thus a better response to their expectations.
It is through this prism that T.O.P’s algorithms were developed, in collaboration with HR experts and artificial intelligence ethics committees. The aim is to respond effectively to the need to ensure the continuity of its teams by anticipating resignations and advising on the necessary adjustments to be made for the benefit of the employee and his/her relationship with the company.
Each employee is also invited to give his or her consent (opt-in) to share personal data, through a communication explaining how this solution works and its benefits.
Ensuring security and GDPR compliance for a solution using artificial intelligence :
Then comes the question of security, an essential subject when data is mobilized, and all the more so in a context as sensitive as this one.
The GDPR is also now framing all these practices in the service of the protection of privacy and the proper use of all this data.
These issues have been considered since the first developments of the solution. The guarantee of ethical and secure use of HR data is at the heart of T.O.P.’s development strategy.
Securing HR data:
In order to avoid any risk of attack and fraudulent intent concerning the use of this data, T.O.P has developed in compliance with various standards:
The application was developed in accordance with the best practices of the OWASP (Open Web Application Security Project). A not-for-profit foundation that sets the standard in the web ecosystem in terms of security.
Establish a partnership with Orange Business Services (an ISO 27001, 2718, 9001 and 14001 certified company) in order to offer secure cloud hosting located in France.
Create a backup system to save data in case of loss.
Encrypt all data within the solution to ensure its integrity and confidentiality.
GDPR compliance :
The subject of GDPR compliance is all the more important in this context in light of the sensitivity of the data.
In order to ensure that user data is hosted in a region that complies with RGPD standards, it is essential to host it on European territory.
This is what we have been able to achieve by entering into a partnership with Orange Business Services, which offers Cloud hosting on servers located in France.
This compliance must also be audited and monitored by various specialists in these practices and the law. The law is constantly evolving with regard to these practices.
T.O.P is therefore monitored by expert lawyers on these subjects in order to offer a solution that is always more ethical, stable and compliant with the law.
The search for data is also regulated, in particular by the CNIL which supervises this practice for the benefit of Internet users. A lot of information can be found on social