Privacy and personal data processing policy
BlueCerts, in its capacity as a Digital Trusted Third Party, takes respect for privacy and the Protection of Personal Data very seriously and undertakes to implement adequate measures to ensure the Protection of Personal Data and to process and use such Data in compliance with the applicable provisions and in particular European Regulation 2016/679 of April 27, 2016 (hereinafter the “General Data Protection Regulation”) and Law n ° 78-17 of 6 January 1978 known as the Data Protection Act.
1. Responsable for the processing
Your Data is collected by BlueCerts acting in the name and on behalf of its technological partners:
Be-YS Almeyris, SWISSSIGN, CamerFirma, Certigna and Infocert, acting as Data Controller. Within the meaning of articles 24 of the General Data Protection Regulation 2016/679 of April 27, 2016, BlueCerts acts as Data Processing Responsable.
2. Identification of the data collected, purposes and use of the data processed
BlueCerts, as Data Controller, is required to collect, consult, use, modify, store, transmit and delete Personal Data (hereinafter the “Data”) in the context of its commercial and contractual activities.
In accordance with article 4 of the General Data Protection Regulation 2016/679 of April 27, 2016, the terms “Data” or “Personal Data” designate any information relating to an identified or identifiable natural person (hereinafter referred to as ” Concerned person “) ; is deemed to be an “identifiable natural person” a natural person who can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, an identification number, location data, an online identifier, or to one or more specific elements specific to its physical, physiological, genetic, psychological, economic, cultural or social identity.
Most of this data is collected directly from the people concerned,when they:
- Create a personal space on one of the BlueCerts sites;
- Make a request for information on one of the BlueCerts sites;
- Place an order on one of the BlueCerts sites or through any other medium or subscribe to a free trial;
- Browse one of the BlueCerts sites and / or view the products;
- Participate in a game or contest;
- Contact Customer Service or Service Support;
- Write a review / comment visible on one of the BluCerts sites.
As part of the above-mentioned collection activities, BlueCerts collects the following data:
- Identity data,
- Contact details,
- Billing data and payment terms,
- Details of the services and subscriptions taken out,
- The history of the contractual relationship,
- A copy of the correspondence of the people with the Customer Relations department,
- Where applicable, responses to surveys and questionnaires and comments / opinions,
- Technical information related to navigation (eg: IP address).
- Management of the loyalty program within an entity or several legal entities,
- The selection of customers and users to carry out loyalty actions, product testing.
Carrying out processing relating to commercial prospecting and in particular:
- The selection of people to carry out prospecting actions;
- Carrying out solicitation operations;
- Updating its prospecting files by the body in charge of managing the list of opposition to canvassing,
- The organization of contests, lotteries or any promotional operation.
Processing relating to the management of complaints:
- Management of complaints and after-sales service,
- The processing of requests for the right of access, rectification, opposition, erasure,
- The management of disputes.
Carrying out processing relating to the management of commercial activity:
- The selection of people to carry out studies and / or surveys,
- The development of trade statistics.
The treatments implemented by BlueCerts are based on:
- The execution of the contract for processing relating to the management of contracts, orders, invoicing and the customer / user relationship of BlueCerts services,
- Consent for commercial prospecting for non-client natural persons,
- The legitimate interest in processing relating to the management of commercial activity and the commercial prospecting for legal persons,
- Compliance with a legal obligation for tax-related processing, for example.
3. Data hosting
Most of the Personal Data collected and processed by BlueCerts is hosted in the European Union.
4. Destination of the Data collected .
The data collected may be processed outside the European Union. In this case, BlueCerts undertakes to make the necessary arrangements with its subcontractors and partners to guarantee an adequate level of protection of your data and this in full compliance with the applicable regulations.
5. Data retention period:
The data is kept for a period adapted to the purposes of the processing and in accordance with the laws and regulations in force.
Customer data is kept during the contractual relationship, and can be kept for ten (10) years after the termination of the contractual relationship to meet accounting and tax obligations.
The data of prospects who are natural persons can be kept for up to three (3) years after the last contact from the prospect.
6. Exercise of rights:
In accordance with the General Data Protection Regulation 2016/679 of April 27, 2016, each person has a right to access, rectify, erase and port their Personal Data, and a right to limitation and opposition to the processing of these data.
These rights can be exercised by contacting us at the following address:
- BY MAIL :
BlueCerts Lda Avenida da Republica 679. Piso 3 4450-242 Matosinhos – Porto – Portugal
- BY EMAIL :
In addition, and since Law No. 2016-1321 of October 7, 2016, those who wish to do so have
the possibility of organizing the fate of their data after their death.
For reasons of simplification and understanding of this information page, the terms below have been defined as follows:
“Cookie (s)”: is a text file placed on your hard drive by the server of the Site you are visiting. It usually contains the name of the server that deposited it, an identifier in the form of a unique number and an expiration date. Its purpose is to collect information relating to your browsing in order to offer you services adapted to your terminal (computer, mobile, or tablet).
“Data Controller”: “is, unless expressly designated by the laws or regulations relating to this processing, the person, public authority, service or body which determines its purposes and means. In practice and in general, this is the legal person embodied by its legal representative ”1. The data controller is BlueCerts.
2.1 Functional cookies
Functional cookies are necessary for the website to function. Functional cookies are essential for the operation of BlueCerts sites and for users’ navigation on them. They allow people to use the main functionalities of the sites and to secure their connection.
They can also allow them direct access to areas reserved for them, using identifiers or data that they may have previously entrusted to the Data Controller. Finally, the deposit of these cookies allows visitors to add a product to the basket of one of the BlueCerts “shop” sites, and to store the contents of the basket in an encrypted cookie, and thus leave the user the possibility to browse the pages of the store without losing the contents of his basket.
These cookies have a very short lifespan, while the session remains active.
Without these cookies, users will not be able to use the sites normally and it is therefore not recommended to prevent their use or to delete them.
2.2 User experience optimization cookies
These cookies make it possible to optimize the functioning of the BlueCerts sites. They also make it possible to adapt the presentation of these sites to the display preferences of the terminal used by people during their visits. These cookies thus allow users to have a smooth and personalized navigation.
In the context of browsing BlueCerts merchant sites, purchasing experience optimization cookies may be used. These cookies allow BlueCerts in particular to offer personalized support and assistance to the users of its services, for example by offering them the opportunity to interact with them. They have a maximum lifespan of thirteen months.
In case of refusal of the implementation of these cookies, users will not be able to benefit from the functionalities described above.
2.3 Technical performance cookies
The lifespan of technical performance cookies is limited to thirteen months.
The fact of refu sing the implementation of such cookies or deleting them has no impact on the navigation of people on the sites, but is likely toprevent BlueCerts from ensuring the improvement of the quality of services offered to visitors to its sites.
2.4 Audience measurement cookies
Audience measurement and statistical cookies allow the Data Controller to know the use and performance of sites, to establish statistics, volumes of visits and use of various elements (content visited, routes, etc.) in order to improve the interest and ergonomics of the services offered (the most frequently consulted pages or sections, the most read articles, etc.). These cookies are also used to measure website consultation traffic. For some of these cookies, the IP address, the only data linked to the identification of visitors to the Sites in this context, is anonymized with deletion of the last byte.
The lifespan of audience measurement cookies is limited to thirteen months.
The fact of refusing the implementation of such cookies or deleting them has no impact on the navigation of people on the sites, but is likely to prevent BlueCerts from ensuring the improvement of the quality of services offered to visitors to its sites.
2.5 Advertising cookies
In the context of browsing all the pages of its sites, BlueCerts may process browsing data and / or use advertising cookies in order to offer visitors advertising in line with their centers. ‘interest. These advertisements can be displayed on the various BlueCerts sites, but also on other sites on which the user could navigate. These cookies also make it possible to limit the number of times a visitor will see an advertisement and are also used by the Data Controller to assess the effectiveness of its advertising campaigns.
The lifespan of advertising cookies is limited to thirteen months.
The refusal of these advertising cookies has no impact on the use of the BlueCerts sites.
2.6 Sharing cookies (social networks)
BlueCerts sites may include social media buttons or modules, such as Linkedin, Facebook and Twitter, which allow visitors to share content from BlueCerts sites with other people or to communicate to third parties your consultation or your opinion regarding content from our site.
When visitors use these sharing buttons, a third-party social network cookie is installed. If visitors are connected to the social network while browsing the sites, the sharing buttons allow the content viewed to be linked to their user account.
Visitors are invited to consult the privacy protection policies of these social networks in order to learn about the purposes of use, in particular advertising, the browsing information that they can collect using these application buttons, and the duration life of associated cookies.