Privacy Policy — DIS+ App
Last updated: May 9, 2026
Preamble
This Privacy Policy describes how Today's Internat Business (hereinafter "the Publisher"), publisher of the DIS+ App platform accessible at https://displus.app, collects, uses, retains and protects the personal data of users (hereinafter "the User").
The Publisher is committed to respecting Users' privacy and protecting their personal data in accordance with the General Data Protection Regulation (GDPR - EU Regulation 2016/679) and the French Data Protection Act of January 6, 1978, as amended.
By using the Platform, the User acknowledges having read this Privacy Policy.
Article 1 — Identity of the data controller
The controller of personal data collected on the Platform is:
Today's Internat Business
Legal representative: Mr. Raimundo ELA NSANG
Registered office: 27 Boulevard Saint-Martin, 75003 Paris, France
Email: contact@displus.pro
Article 2 — Personal data collected
2.1 Data collected directly
When using the Platform, the Publisher may collect the following categories of data:
- Identification data: surname, first name, date of birth, title;
- Contact data: email address, phone number, postal address;
- Professional data: company name, position, sector of activity, SIRET number;
- Login data: username, password (encrypted);
- Payment data: billing information (credit card data is never stored on our servers, it is processed by our PCI-DSS certified payment service providers);
- Published content: texts, images, logos, videos, professional information that the User publishes on their card or website.
2.2 Data collected automatically
- Technical data: IP address, browser type, operating system, device type, mobile device identifier;
- Browsing data: pages visited, visit duration, actions performed on the Platform, date and time of connection;
- Geolocation data: country, city (approximate, based on IP address);
- Cookies: see our Cookie Policy for more details.
2.3 Data collected by third parties
During registration, the Publisher may complete account information with publicly available data via:
- Google Places API (for information on businesses and professionals);
- Professional social networks (with User authorization);
- Public professional directories.
Article 3 — Purposes and legal basis for processing
Personal data is collected and processed for the following purposes:
| Purpose | Legal basis |
|---|---|
| User account creation and management | Performance of the contract (article 6.1.b GDPR) |
| Provision of subscribed services | Performance of the contract |
| Payment management and billing | Performance of the contract / Legal obligation |
| Customer service and technical support | Performance of the contract |
| Platform improvement and statistics | Legitimate interest (article 6.1.f GDPR) |
| Marketing communications and newsletters | Consent (article 6.1.a GDPR) |
| Compliance with legal and tax obligations | Legal obligation (article 6.1.c GDPR) |
| Fraud prevention and security | Legitimate interest |
Article 4 — Data recipients
Personal data may be communicated to the following recipients:
- Authorized personnel of Today's Internat Business: technical team, customer support, sales team;
- DIS+ App commercial agents: for the follow-up of accounts they have attributed (with limited access to necessary data);
- Technical subcontractors: host (Hosting.com / Web Hosting Canada), payment service providers, video conferencing services (8x8 JaaS), email sending services;
- Business partners: only with explicit consent of the User;
- Competent authorities: upon legal request (police, justice, tax administration).
The Publisher undertakes never to sell or rent personal data to third parties for commercial purposes.
Article 5 — Data transfers outside the European Union
Some data may be processed by subcontractors located outside the European Union, including:
- Mobile Money services in Africa (Orange Money, MTN Money, Wave, Airtel Money, etc.);
- Cloud hosting services (Web Hosting Canada);
- Push notification services.
In these cases, the Publisher ensures that these transfers are framed by appropriate guarantees:
- Standard contractual clauses adopted by the European Commission;
- Adequacy decisions by the European Commission;
- Explicit consent of the User where required.
Article 6 — Data retention period
Personal data is retained for the following periods:
| Type of data | Retention period |
|---|---|
| Active account data | Throughout the duration of the contract |
| Account data after termination | 3 years (for commercial prospecting purposes, except in case of opposition) |
| Accounting and tax data | 10 years (legal obligation) |
| Connection data (logs) | 1 year (article L.34-1 of the French Postal and Electronic Communications Code) |
| Cookies | 13 months maximum (CNIL recommendation) |
| Provisional accounts (created by Agents) | 30 days without activation, then deletion |
At the end of these periods, the data is either deleted or anonymized for statistical purposes.
Article 7 — User rights
In accordance with the GDPR, the User has the following rights over their personal data:
7.1 Right of access
The User can request the communication of all personal data concerning them held by the Publisher.
7.2 Right of rectification
The User can request the correction of inaccurate or incomplete data concerning them. They can generally do so directly from their dashboard.
7.3 Right to erasure ("right to be forgotten")
The User can request the deletion of their personal data, subject to legal retention obligations.
7.4 Right to portability
The User can retrieve their data in a structured, commonly used and machine-readable format, to transmit it to another data controller.
7.5 Right to object
The User can object to the processing of their data for legitimate reasons, in particular to processing for commercial prospecting purposes.
7.6 Right to restriction of processing
The User can request the limitation of the processing of their data in certain situations (contesting accuracy, opposition, etc.).
7.7 Right to withdraw consent
When processing is based on consent, the User can withdraw it at any time, without calling into question the lawfulness of the previous processing.
7.8 Right to define post-mortem directives
The User can define directives relating to the retention, deletion and communication of their data after their death.
7.9 Right to lodge a complaint
The User can lodge a complaint with the French National Commission for Information Technology and Civil Liberties (CNIL):
CNIL
3 Place de Fontenoy - TSA 80715
75334 Paris Cedex 07, France
Website: www.cnil.fr
7.10 Procedures for exercising rights
To exercise these rights, the User can:
- Send an email to: contact@displus.pro
- Send a postal letter to: Today's Internat Business, 27 Boulevard Saint-Martin, 75003 Paris, France
The Publisher undertakes to respond within one month of receipt of the request. This period may be extended by two months in the case of complex or numerous requests.
Proof of identity may be requested to verify the identity of the requester.
Article 8 — Data security
The Publisher implements appropriate technical and organizational measures to protect personal data against destruction, loss, alteration, disclosure or unauthorized access, including:
- Encryption of data in transit (HTTPS/TLS);
- Password encryption (bcrypt hashing);
- Secure hosting with a qualified provider;
- Strict access control (multi-factor authentication for staff);
- Regular backups and business continuity plan;
- Regular security updates of systems;
- Periodic security audits;
- Awareness and training of staff in data protection.
However, since no transmission or storage system can be guaranteed 100% secure, the Publisher cannot guarantee absolute security.
Article 9 — Data breach notification
In the event of a personal data breach likely to entail a high risk for the rights and freedoms of the User, the Publisher undertakes to:
- Notify the CNIL within 72 hours of becoming aware of the breach;
- Inform the Users concerned as soon as possible when the breach presents a high risk to their rights and freedoms.
Article 10 — Minors
The Platform is reserved for adults (18 years of age). The Publisher does not knowingly collect data concerning minors. If a parent or guardian finds that a minor has provided personal data, they can contact the Publisher at contact@displus.pro to request immediate deletion.
Article 11 — Modifications of the Privacy Policy
The Publisher reserves the right to modify this Privacy Policy at any time to adapt to the evolution of the Platform, the legal framework or data protection practices.
Users are informed of modifications by email and/or by notification on the Platform. The date of last update is indicated at the top of this document.
Article 12 — Contact
For any question relating to this Privacy Policy or the processing of your personal data:
Today's Internat Business
27 Boulevard Saint-Martin, 75003 Paris, France
Email: contact@displus.pro
This Privacy Policy is an integral part of the Terms and Conditions of Use of DIS+ App.
Effective date: May 9, 2026
