Legal information and Management of Personal Data

Legal information and Management of Personal Data

Domain names

Intellectual Property

The site is the property of Certinomis SAS, except for the brands, logos or content belonging to other partner companies, to the Certinomis shareholders or to authors. 

The general structure, graphic elements and, more generally, content of this site are protected by copyright, design law and trademark law. 

Any person downloading or gathering information disseminated on the site can only use the said information on the basis of a private, personal and non-transferable usage right.

Any total or partial representation or reproduction is forbidden without the formal approval of Certinomis and constitutes an infringement sanctioned by articles L.335-2 et seq of the [French] Intellectual property code.

The reproduction of a page from the site in a framework outside of Certinomis or the insertion of a page belonging to Certinomis within a page on another site is forbidden.

The headings, articles, documents and other texts published on this site can be reproduced on a paper medium or electronic medium, but only with an indication of the source (for example, by indicating the following: “Written by Certinomis, http://www.certinomis.com).

Non-compliance with the above provisions could constitute an infringement resulting in the civil or penal liability of the author of the infringement.

The creation of a hypertext link to the site  www.certinomis.com can only lead to the homepage unless authorised otherwise by Certinomis, provided that this will result in no confusion in the minds of web surfers regarding the identity of the site or origin of the information. 

Graphic design and site development : 

Agence WordPress Big District
10 rue des moulins
75001 Paris

Tél. : +33 (1) 84 17 06 36

Host :

Seres SA: www.seres.fr

RCS Créteil B 343 778 163.

Siège social : 45-47 Boulevard Paul Vaillant-Couturier – CS 50108 -94 766 IVRY SUR SEINE CEDEX

Tél. : +33 (0) 1 56 29 79 00

Company : 

Certinomis SAS

RCS Créteil B 433 998 903.

Siège social : 45-47 Boulevard Paul Vaillant-Couturier – CS 50108 -94 766 IVRY SUR SEINE CEDEX

Tél. : +33 (1) 56 29 72 60.

Publication contact : webmaster [@] certinomis [dot] fr

Collection and Management of personal data

Presentation

In the course of his business, Certinomis is collecting and treating personal data related to natural persons who are beneficiary of a digital certificates or identified as agent or legal representative or invoicing contact of an organisation client of Certinomis.

This page presents the measures taken by Certinomis to ensure the respect of your rights and the protection of your personal data in accordance with the provisions of the law n°78-17 of 6 January 1978 and of the European Regulation UE 2016/679 of 27 April 2016.

Responsible for processing

The company Certinomis registered in Register of Commerce of Créteil under the number B 433 998 903 and whose Head Office is located 45-47 Boulevard Paul Vaillant-Couturier – CS 50108 -94 766 IVRY SUR SEINE CEDEX FRANCE collects the data for its own benefit.

Personal Data Collected

–          Personal Data included in the digital certificate: the name, first name, and e-mail address of the natural person identified by the digital certificate [i.e. the beneficiary] and, where appropriate, the name and registration number of the legal person it represents.

–          Personal data designed to process certificate requests and to manage certificate lifecycle: for certificate for an organisation or a server, the name, first name, professional e-mail addresses and professional phone numbers, together with a copy of an ID document are requested from the beneficiary and from the natural person identified to interact with Certinomis under the contract (i.e.: the legal representative, the agent, the contact for invoicing).

–          Data designed to perform traffic analysis or statistics: connexions or navigations data and IP adresses.

–          Data used for payments: characteristics of credit cards used for payment of an order shall be collected and processed by the company Vérifone e-Commerce (service PAYBOX) who will not communicate them to Certinomis.

–          Personal data collect in the purpose of supplying trade information: these are name, first name, phone number, e-mail or postal addresses and where appropriate the name of the organisation concerned; they are submitted via e-mail or phone or contact formula by people seeking information from the sales service of Certinomis.  

Exercise of your rights:

–          Consent: the consent for collecting and processing personal data included in digital certificates or used for treating certificate requests or used for certificate life cycle management is given by the signature by the concerned person of the General Usage Terms sheets included in the certificate request file ;  the consent for collecting and processing connexions or navigations data and IP addresses is given by acceptation of cookies when connecting to the web site ; the consent for collecting and processing the characteristics of the credit carte is given on the payment site; the consent for collecting and processing personal data submitted for receiving trade information is made by the request of the customer or the lead.

–          Right of access, rectification, deletion, portability of personal data: Under the law n°78-17 of 6 January 1978 and Under the European regulation n° UE 2016/679 of 27 April 2016, you enjoy the right of access, opposition, rectification, deletion and portability of your personal data.  

Nevertheless, the exercise of your rights cannot play to the detriment of legal obligations, particularly the requirement made to qualified certification service providers to keep the data justifying the emission of a digital certificate during the five years following the expiration of that said certificate.

–          Point of contact: you can exercise your rights by writing us by e-mail at ld-politiquecertification@certinomis.fr or by mail at Certinomis, DPO, ACI 1A2 101, 45-47 Boulevard Paul Vaillant-Couturier – CS 50108 -94 766 IVRY SUR SEINE CEDEX.

Retention Period:

–          Personal Data included in the digital certificate or designed to process certificate requests and to manage certificate lifecycle: these data are maintained during the seven (7) years following the expiration of the last certificate to which they are linked.

–          Data designed to perform traffic analysis or statistics: these data are stored during 13 months, maximum.

–          Data submitted in order to receive trade information: this data are stored five (5) years after the last interaction with the person concerned.

Purpose of treatment:

–          Personal Data included in the digital certificate: these data are appended to the public key of the beneficiary together with some other technical data to build his digital certificate. The beneficiary is informed that a digital certificate is an open structure that he spreads every time he uses it (authentication, signature, and encipherment).

–          Personal data designed to process certificate requests and to manage certificate lifecycle: these data are checked by authorized staff of Certinomis in order to allow certificate emission; unless the concerned person opposite to it, these data might be used by Certinomis for marketing or promotional purposes, only for services supplied by Certinomis.

–          Connexion and navigation data and IP addresses: these data are used for measuring our web site audience and improve the navigation on it or the presentation of our services.

–          Data submitted in a request for trade information: these data are used to answer to the request and might be used later to communicate collateral information of possible interest for the concerned person.

Safety of personal data:

Certinomis has settled safety measures to prevent any unauthorised access, modification, deletion nor robbery of your personal data.

All communications with and between our servers are enciphered, the access to data is restricted to people of our staff or of our supplier that has to know.

All personal data are stored on systems that are audited every two years in the course of qualification obtained by Certinomis that are the most demanding of our business (RGS 2 stars and qualification eIDAS).

Communication of personal data:

In any case will Certinomis give nor sell nor transfer personal data to third parties.

Nonetheless, we might be obliged, in order to fulfil legal obligations or to answer to judicial requisition or a request from a State that would be legitimate and conform to European legislation, to communicate demanded personal data, particularly but not only, in the aim to demonstrate that a digital certificate emission had been done rightfully.

Hosting of personal data:

All personal data are hosted in data centres belonging to our mother company Docaposte or to one of its subsidiary; every data centres are located in metropolitan area of France.

ACCESS RIGHTS

Pursuant to the “Information Technology and Freedoms law”, you have an individual right to access and rectify the information pertaining to you. You can access this information and ask us to modify it by simply writing to :
Certinomis

Droit d’accès – données personnelles

45-47 Boulevard Paul Vaillant-Couturier

CS 50108

94 766 IVRY SUR SEINE CEDEX

Or by sending us an e-mail

Does this site use cookies ?

By means of cookies used to track the browsing on its site, Certinomis can automatically collect information relative to the site’s visitors. The visitor can prevent the usage of cookies by configuring the Internet Explorer browser by successively clicking on “tools”, “Internet options”, the “Privacy” tab and moving the slider to “Block all cookies”.

Declaration of the site to the CNIL

Declaration made to the CNIL n°1160486

©  Certinomis. All rights reserved. 2019