Last update: April 20, 2025
At WeDoBack, we attach great importance to the confidentiality and protection of our users’ personal data, regardless of their location or country of residence.
Our privacy policy is designed to comply with European regulations (in particular the RGPD), but also to respect local requirements applicable in other jurisdictions, including Africa, North America and other regulated areas. Where specific legislation prohibits or frames the transfer of data abroad, we take care to comply strictly with it.
The purpose of this policy is to provide you with transparent information on :
- The data we collect ;
- How we use it ;
- Your rights as a user ;
- Protective measures implemented.
1. Data controller
The WeDoBack website is published by Dédicace Software, a SAS with capital of €10,000, registered in the Angoulême Trade and Companies Register under no. 531466167, whose head office is located at 4 route de la côte à Bournet, 16440 Mouthiers-sur-Boëme.
Dédicace Software SAS represents the Pioneer Humani group in Europe, and is responsible for promoting, selling and supplying WeDoBack services in this area. Outside Europe, these activities are carried out directly by Pioneer Humani via its regional hubs and their respective subsidiaries.
2. Definition of a regional hub
As part of the governance of the Pioneer Humani group, a regional hub is an entity responsible for coordinating, supporting and supervising the activities of its subsidiaries located in the same geographical area. These hubs may access data required for the performance of services, regulatory compliance or support or communication actions, within the limits imposed by local and European data protection laws.
3. Collected data
Pioneer Humani may collect the following types of data and forward them to the relevant group entities (hubs or subsidiaries), depending on their geographical responsibility for said data:
- Identification data: title, surname, first name, email address, telephone number, postal address.
- Order data: order content, invoicing, payment methods.
- Technical data: IP address, browser type, language, operating system.
- Browsing data: pages visited, time spent, clicks (via Matomo, hosted in-house).
- Usage data: pages visited, time spent on the site (via our internal statistics server).
- Data from contact or subscription forms.
NB: Our services are intended for professionals only. We do not collect any personal data relating to minors.
4. Means of collection
Data is collected via :
- Online forms (contact, account creation, order),
- Cookies and tracers (see cookies section),
- Subscription to commercial communications,
- Direct exchanges with our teams.
5. Purposes and legal basis of processing
| Création de compte utilisateur | Contrat / mesures précontractuelles | Jusqu’à suppression ou 2 ans d’inactivité |
| Gestion des commandes et facturation | Contrat / obligation légale | 10 ans |
| Réponse aux demandes de contact | Intérêt légitime | 1 an après la dernière prise de contact |
| Envoi d’informations commerciales | Consentement | 3 ans à compter du dernier contact |
| Statistiques de fréquentation (interne) | Intérêt légitime / consentement | Jusqu’à 13 mois (37 mois pour données agrégées) |
| Sécurité du site / prévention de la fraude | Intérêt légitime | 13 mois |
| Prospection par filiales du groupe | Consentement | 3 ans |
The processing of your data for commercial prospecting purposes is based on your prior consent, except in the case of a pre-existing commercial relationship where it is based on our legitimate interest in promoting our products and services.
6. Cookies
We use cookies to :
- Save your language preferences,
- Keep the site running smoothly (especially the store),
- Carry out anonymous audience measurement (via our internal server, without transfer to third parties).
You can manage cookies via your browser, use private browsing or consult our page dedicated to cookies.
7. Recipients of data
Your personal data is processed by WeDoBack and the authorized entities of the Pioneer Humani group, in particular the regional subsidiary concerned, its regional division, as well as the parent company may, depending on your location, have access to your personal data.
This access is strictly limited to the needs associated with the provision of services, compliance with legal or regulatory obligations, and, where applicable, commercial canvassing in accordance with current data protection legislation.
No data is transferred to commercial third parties. Statistics are hosted on our own internal servers.
8. International transfers
WeDoBack undertakes to comply with all applicable regulations regarding personal data protection and international transfers, in accordance with the General Data Protection Regulation (GDPR) for European customers, as well as applicable local legislation in other territories.
For our customers located in theEuropean Union, personal data is exclusively hosted and processed on servers located within the European Economic Area (EEA). No data is transferred outside the EU, unless :
⇒ This is necessary for the performance of a service explicitly requested by the user;
⇒ Or it meets a legal or contractual obligation that is justified and framed.
For our customers based outside the European Union, notably in Africa, Asia or South America, data is hosted as locally as possible, i.e. :
⇒ Either in the customer’s country where the available infrastructure complies with security standards and local legislation;
⇒ Or in a third country recognized as having an adequate level of protection or where appropriate legal safeguards (standard contractual clauses, BCR, etc.) are in place.
In all cases, WeDoBack ensures that any cross-border transfer strictly complies with the legal framework in force, and implements appropriate technical and organizational measures to guarantee the security, confidentiality and integrity of the data processed.
Example: Data collected from customers located on African territory is not transferred to Europe or any other jurisdiction without prior verification of compliance with local laws and adequate legal supervision.
You can request information on these guarantees via our DPO contact.
9. Specific regulations by region
Morocco: In accordance with law 09-08 relating to the protection of personal data, WeDoBack undertakes not to transfer the personal data of Moroccan users outside the national territory without authorization from the CNDP. Services, technical and business data are hosted locally or on infrastructures located in Morocco or in countries recognized as suitable by the CNDP.
Users located in other African countries : We respect applicable local regulations on data sovereignty. Wherever possible, we host our African customers’ data and services on local or regional infrastructures, and we avoid any transfer of sensitive data outside the continent without consent or justified contractual necessity.
Brazil: In accordance with the LGPD, Brazilian user data is only transferred abroad if the destination country (such as the European Union) guarantees an adequate level of protection, or on the basis of explicit consent. WeDoBack hosts the services and sensitive data of its Brazilian customers locally, unless otherwise contractually agreed.
Mexico: In accordance with the LFPDPPP, WeDoBack informs Mexican users that certain data required to process orders (e.g. billing data) may be processed in the European Union. No sensitive data is transferred without explicit consent or legal obligation.
Asia / India / Southeast Asia: We comply with applicable local regulations, such as the Indian Data Protection Act (DPDPA 2023) or equivalent. WeDoBack takes care to host Asian customer services and data on regional or local infrastructures. No international transfers are made without a legal basis or informed consent.
China: In accordance with the PIPL law, no personal data collected in China will be transferred abroad without prior assessment of data security and, where applicable, authorization from the competent authorities. Chinese services and data are hosted exclusively on servers located in China.
10. Your rights
In accordance with the RGPD, you have the following rights:
- Right of access, rectification and deletion,
- Right to restrict processing,
- Right to object, including to commercial prospecting without justification,
- Right to portability,
- Right to withdraw your consent at any time,
- Right to define post-mortem directives (retention, deletion or transmission of your data after death).
To exercise your rights or if you have any questions about your personal data, you can :
- contact our Data Protection Officer (DPO) via this dedicated page.
- Send an e-mail to [email protected]
- Send a letter by post: see contact details in point 1.
You can also file a complaint with the CNIL in France (www.cnil.fr).
11. Data security
We take all necessary technical and organizational measures to ensure the confidentiality, integrity and security of your data:
- SSL/TLS encryption,
- Secure hosting,
- Rigorous access management,
- Regular internal audits.
12. Policy modification
This policy may be updated. In the event of substantial modification, you will be informed by email or via a message posted on the site. The current version is always the one published on this page.