Personal Data Protection Policy

(Update date : September12th 2022)

The purpose of this Protection Notice (hereinafter referred to as the “Notice”) is to explain how the company Cryptolog International (hereinafter referred to as “Universign” or “we/us”) collects and processes your personal data acting as a data controller when you visit or use its websites (hereinafter referred to as the “Sites”).

The Notice is intended for visitors and users of the Sites (hereinafter referred to as “users” or “you”).

This Notice does not apply to processing of personal data of people using Universign services. Universign’s Personal Data Protection Policy contains information on such processing.

Finally, there is a separate notice regarding the collection and processing of Universign’s staff personal data.

In this Notice, ”personal data” or data of a personal nature is any information relating to a natural person identified or identifiable directly or indirectly based on this data and the term “processing” refers to any operation or a set of operations which is performed on personal data, irrespective of the process used.

Collection of personal data

When you visit our Site or use it (for example to send us a request for information, apply for a job offer, subscribe to our newsletter, etc.) we are likely to collect and process some of your personal data.

Depending on your use of the Site, the transmission of some information is mandatory. Failure to transmit the data will prevent you from fully using the Universign Site.

Personal data are collected directly from you via:

  • voluntary registration of an e-mail address enabling you to receive one of our newsletters or our offers;
  • inputting of your personal contact details when you register on the Site or take part in an online survey;
  • sending of an information request via one of the Site’s forms;
  • the job application that you submit to us via the Site’s Careers space;
  • data on your browsing on the Site via cookies

The Notice is applicable irrespective of the method of collection of your personal data.

The data that you send us directly depend on your use of the Site and may include:

  • identification and contact details (surname, first name, gender, e-mail address, telephone number);
  • information that you send to our customer service;
  • information contained in your application for a job to be filled (information contained in your curriculum vitae and your cover letter);
  • communication preferences (preferred language).

The data regarding the use of the Site are collected automatically, this information depends on your browsing and may include:

  • information on the computer, the login environment, i.e. IP address, technical user name(s), error reports and operating data;
  • data on your use, such as the features you have used, the settings you have selected, the data on which you have clicked, including the date and time and the webpages visited;
  • geographical information on services based on the IP address localisation.

Cookies

Information on the way in which you interact with the Site is collected via our servers and the use of cookies and other technologies. Cookies are small text files that can be read by a Universign web server that placed the cookie on your hard drive.

We can use these technologies to store your preferences and settings, help you through registration, and analyse the service’s operations.

Only Universign can read or modify the information that is contained on its own cookies.

Universign uses two types of cookies:

  • session cookies that disappear as soon as you leave the Universign Site;
  • permanent cookies that will remain on your device until expiry of their lifespan or until they are deleted using your browser’s features.

You have two options to manage cookies.

  • You have the option of setting up your browser to choose to accept all cookies or to systematically reject them or otherwise to choose the ones that it accepts according to the issuer.
  • You can also regularly delete the cookies from your device using your browser.

However, if you block certain cookies, you will no longer be able to visit some Site content and/or use certain of its features.

Use of personal data

Depending on your use of the Site, personal data are used by Universign to:

  • enable you to use Universign services
  • enable you to request information on Universign services
  • subscribe to our newsletter and be informed of events organised by Universign
  • enable the proper functioning and securing of the Site
  • improve the Site and offer you custom content to make it more relevant and/or better meet your expectations
  • inform you of modifications, updates and other announcements on our products and services
  • enable you to submit your job application for vacancies at Universign and its subsidiaries
  • be included in our CV database
  • comply with our legal obligations.

Personal data retention period

All personal data collected are retained for a limited period depending on the purpose of the processing and on the retention period stipulated by the legislation applicable to Universign.

PurposesData retention periods prior to their deletion
To enable you to use Universign services13 months
To enable you to request information on Universign services3 years
To subscribe to our newsletter and be informed of events organised by Universign3 years
To enable the proper functioning and securing of the Site13 months
To improve the Site and offer you custom content to make it more relevant and/or better meet your expectations13 months
To inform you of modifications, updates and other announcements on our products and services3 years
To enable you to apply for vacancies at Universign and its subsidiaries3 years
To be included in our CV database3 years
To comply with our legal obligations12 months

Upon expiry of the periods specified, the data shall be, if necessary, archived for a period not exceeding the time limits stipulated by the applicable archiving regulations.

Transmission and transfer of personal data

Other than in the cases stipulated in this Notice, your personal data shall never be sold, shared or transmitted to third parties by Universign.

Your personal data may be transmitted to our service providers with the sole aim of performing the processing for which they were initially collected. In this context, our service providers are personal data processors in accordance with the regulation, they act on our instructions and on our behalf. They are required to process them in accordance with this Notice. They are not authorised to sell them or to disclose them to other third parties.

Personal data can be transferred to our service providers located outside the European Union. In such an event, we guarantee an appropriate protective framework for the transfer of data.

Furthermore, if you access the Universign Site via a third-party application, your personal data may be shared with the editor of this third-party application to enable the latter to provide you with access to the Site, under the terms of a license and confidentiality policy specific to this editor.

Finally, personal data may be disclosed if we are required so to do by law or by a regulatory provision or if this disclosure is necessary in connection with a judicial or administrative request or litigation proceedings.

Security and confidentiality

Our concern is to preserve the quality, confidentiality and integrity of your personal data.

To ensure the security and confidentiality of the personal data we collect, we use technical means (networks protected by standard systems such as firewalls, network partitioning, appropriate physical hosting, etc.) and organisational means (strict and individual access control, procedures, security policy, etc.).

When processing your personal data, we take all reasonable measures to protect them against any loss, misuse, unauthorised access, disclosure, alteration or destruction.

People with access to your personal data are bound by a duty of confidentiality and secrecy: they shall face disciplinary measures and/or other sanctions if they do not comply with these obligations.

In spite of our efforts to protect your personal data, Universign cannot guarantee on its own the infallibility of this protection given the inevitable risks that are out of its control.

Right of access, to rectification, to erasure and to objection

Whenever we process personal data, we take all reasonable measures to ensure the accuracy and relevance of your personal data based on the purposes for which we collect them and guarantee that you can exercise your rights regarding these data.

You have a right to access your data, to correct incorrect data on you, and in the cases and according to the limits stipulated by the regulation, to object to, to erase some of these data, to restrict their use or to request their portability for their transmission to a third party.

If you have to update your data, you may do so directly via your browser regarding cookies or by contacting the Data Protection Officer at the following address:

Universign – Data Protection Officer

7 rue du Faubourg Poissonnière 75009 Paris.

The written request must be sent by letter with acknowledgement of receipt and include a copy of your identity document. This allows us to ensure that you are the person who submitted the request.

Data Protection Officer

Universign has appointed a Data Protection Officer (DPO) who is responsible for ensuring the protection of personal data and the compliance with the related legal and regulatory requirements.

For any additional information or claims regarding the implementation of the Notice, you may contact the latter at the address: privacy@universign.com

In case of unresolved issues relating to the use of your personal data, you may contact the CNIL, the French Data Protection Authority.

Modifications of the Personal Data Protection Policy

This Notice can be updated based on changes made to the Universign Site or if required by the applicable regulation.