Data Privacy Policy



Information collected and used


* Your customer information (email, password of your customer account, and possibly business name, first and last name of contact, address, postal code, country and VAT number) are stored after entering your registration. This information allows us to bill the service, if you chose the paid offer.

* If you have subscribed to the paid offer, we also store the following information: Your SEPA mandate if you have chosen the SEPA payment, the last 4 digits of your card if you have opted for card payment. The full details of your credit card, required for payment by card, are not stored by us, but at our payment provider Stripe (the world leader in online payment). We are not aware of it, each sample passes through a request that we send to this provider. When you fill in your bank details, they are sent directly to Stripe and are therefore not stored on our servers.

* You have the option to request the deletion of your account and the above information at any time.

* The Privacy Policies and GDPR referral contact for our services is: PASCAL AUBRY


Data Storage and Backups


* The storage of collected data (see 'Information collected and used') is done in a database. The password is not stored, but to enable the validation of your connection to your space bind, we store the encrypted borrowing of this password, generated by the SHA256 non-reversible encryption algorithm.

* The storage of customer instances are hosted by OVH in Europe (France).

* Once you have subscribed to the paid offer, a backup is made daily and stored on independent storage disks hosted on a different provider and datacenter that is ScaleWay in Europe (France). Only the last 30 days are kept.


Subcontractor


* Our services relies on the following subcontractors and service:
** The host of computer servers, which is OVH. These servers are hosted in Europe (France). No customer information is communicated to this subcontractor who only provides the hardware and network layer, the installation and operation being carried out by us directly.
** The online payment service Stripe, which is used, to ensure regular payment of the subscription. When you fill your credit card details, they are sent directly to Stripe when entering the number to make the payment (it means we never know your credit card data. Stripe give us only the last 4 digits, which allows us to be able to identify / analyze payment problems).



Software Protection


* Our services runs on Linux Ubuntu systems and software. They benefit from regular security updates when the operating system editor (Ubuntu Canonical) publishes them.

* Our services are accessible in HTTPS (HTTP encrypted) only, encrypted with SHA256 certificates.

* Our technical platform are protected by various state-of-the-art devices in terms of computer security: FireWall, Banishing Tools, System detection of use of SPAM and DOS Protection, anti-injection software protection, anti-XSS on software used for the customer area and provided to users. Testing of these software components is done automatically via the PHP-Unit and Travis-CI tools.


Data theft


* In case of suspicion of a theft of the data we have collected (see first point 'Information collected and used'), customers will be informed by email, at email corresponding to their customer account