Sigilium's Privacy policy

English Version, last updated on September 24th 2019

Created with Sketch.

Privacy and security are very important for Sigilium and we strive to ensure that our technical and organisational measures in place respect your data protection rights.

This Privacy Policy describes how we manage, process and store personal data submitted in the context of providing our services. “Personal data” refers to any information relating to an identifiable individual or his or her personal identity.

Consent

In subscribing to our services or filling in a contact form on our website (www.sigilium.com) or other sites owned by Sigilium, you agree and accept that we may gather, process, store and/or use the personal data submitted in accordance with the rules set forth below. By giving your consent to us, you also retain the right to have your personal data rectified, to be forgotten and/or to be erased.

Personal Data Collected

Identity and contact details of the Siglium's data processor

Personal data is collected on our website by Sigilium SARL, a registered company under French law number: B 809 637 382 with the Nanterre Trade & Companies Register, and having its registered office at: 11 rue René Weill - 92210 Saint-Cloud. Sigilium's Data Processor is Thomas Darde. he can be reached at: privacy@sigilium.com

Data Protection Authority Declarations

A declaration on the automated processing of data has been registered with the French data protection authority (CNIL) under number DPO-3806. You retain the right to file any complaints on data protection with this supervisory authority.

Data collected on the website

When you subscribe to our services, the following data is collected and managed: email, title, first name, last name, country, Intracommunity VAT number where applicable, login & password, postal address, telephone number, IP address(es) and domain name. By using our services, the following data is collected and managed: log-on data and browsing data where you authorise it, order history, complaints, incidents, information on subscriptions and messages on our site. Some data is collected automatically by reason of your activity on the site (see paragraph on cookies below).

The data submitted should not include any sensitive personal data, such as Government identifiers (i.e. social security, driving licence, or taxpayer identification numbers), complete credit card or complete personal bank card numbers, medical records or particulars connected with applications for healthcare or treatment associated with private individuals.

Purposes of processing and legal basis

The principal purpose of collecting your personal data is to offer you a safe, optimal, efficient and personalised experience. To this end, you agree and accept that we may use your personal data to:

  • provide our services and facilitate performance, including verifications relating to you;
  • resolve any problems so as to improve the use of our site and services;
  • personalise, assess, and improve our services, content and materials;
  • analyse the volume and history of your use of our services;
  • inform you about our services as well as our partners’ services and/or promotional offers;
  • prevent, detect and investigate any activities that are potentially prohibited, unlawful or contrary to good practice and ensure compliance with our terms of use and sending policy;
  • comply with legal and regulatory obligations.

We use the personal data submitted to us only in accordance with the applicable data protection legislation.

For our clients who have signed up on our website, we processes your personal data for the performance of the contract between us to provide our services.

For our newsletter, use case studies and marketing material sign ups, we process your personal data based on the explicit consent you provide for this specific purpose.

Newsletter and marketing emails

For those of you that have expressly opted in to receive our Sigilium newsletter, you are easily able to unsubscribe by following the “unsubscribe” links included in every email.

Email statistics

Years before RGPD launch, Sigilium announceed and engaged not to track and analyse individual open ratings of emails and email signatures. In order to attest the efficiency of Sigilium' service, we collect the click rate of each announcements, anonymously, without disctinction of sender or receiver. This way, we fully respect pricavy of exchanges between Sigilium's users and their contacts that did not give, at anytime, their explicit consent in being tracked.

Testimonals

Sigilium publishes a list of Clients and Testimonials on its site with information on our customers’ names and job titles. Sigilium undertakes to obtain the authorisation of every customer before publishing any testimonial on its website. If at a later date, you finally want this testimony to be removed, you can send us an email to privacy@sigilium.com and we will delete your information in the next 24 hours. Still in order to protect personnal data of its users, email signature examples diplayed on Sigilium's website present anonymous contact details.

Third party disclosures

Personal data relating to you collected on our website are destined for Sigilium’s own use. They cannot or only very partialy be transmited to Sigilium’s partner companies so that we may obtain assistance and support in the context of carrying out our services. Sigilium ensures that it has in place clear data protection requirements for all of its third party providers.

Sigilium will not sell nor rent your personal data to a third party, for marketing purposes, in any case.

Further more, Sigilium does not disclose your personal data to third parties, except if: (1) you (or your account administrator acting on your behalf) requests or authorises disclosure thereof; (2) the disclosure is required to process transactions or supply services which you have requested (i.e. to check you are employing best practice in your mailings or for the purposes of processing an acquisition card with credit-card issuing companies); (3) Sigilium is compelled to do so by a government authority or a regulatory body, in the case of a court order, a summons to appear in court or any other similar requisition from a government or the judiciary, or to establish or defend a legal application; or, (4) the third party is a subcontractor or sub-processor of Sigilium in the carrying out of services (for example in data hosting).

Here is a list of our suppliers

  • AWS : hosting services
  • HoneyBadger : Monitoring Sigilium's server
  • Microsoft Azure : If you're using Office 365, to update your email signature
  • Google : If you're using GSuite, to update your email signature

Use of Google API

If you did provide us the rights to use Google's API, we will only use it to :

  • Check your email signature
    • https://www.googleapis.com/auth/gmail.settings.sharing
    • https://www.googleapis.com/auth/gmail.settings.basic
  • Update your email signature
    • https://www.googleapis.com/auth/gmail.settings.sharing
    • https://www.googleapis.com/auth/gmail.settings.basic
  • Optionnaly, list the users of your organisation to update their email signatures contact details based on your Active Directory data, if you provided us the authorization
    • https://www.googleapis.com/auth/admin.directory.user
Apart for hosting purposes, none of these data is shared with any third party provider

Your data protection rights

According to French Data Protection Laws and the European General Data Protection Regulation 2016/679 (GDPR) you have a right of access, correct and remove your personal data, which you may exercise by sending us a support ticket at https://help.sigilium.com. Requests will be processed within 30 days. We may require that your request be accompanied by a photocopy of proof of identity or authority.

As user of Sigilium's service, You are also able at any time to modify personal data by logging into your account and clicking on “edit my contact details”.

Cookies/Tracking

As a general rule, Sigilium uses cookies and tracking to improve and personalise its Website and/or measure its audience. Cookies are files saved on your computer’s hard drive when browsing on the Internet and in particular on our site. A cookie is not used to gather your personal data without your knowledge but instead to record information on site browsing which can be read directly by Sigilium on your subsequent visits and searches on the site.

You can choose to decline acceptance of all cookies, but your ability to browse certain pages of the site may be reduced. The cookies used by Sigilium are intended to enable or facilitate communication, to enable the services requested by users to be supplied, to recognise users when they re-visit the site, to secure payments which users may make, to register the language spoken by users or other preferences necessary for the service requested to be supplied. Sigilium also uses analytics and tracking tools to measure website and digital data to gain customer insights, to carry out analyses on browsing experience so as to improve content, and to send targeted advertisements.

By default, cookies are not installed automatically (with the exception of those cookies needed to run the site and Sigilium’s services, and you are informed of their installation by a banner). In accordance with the regulations that apply, Sigilium will require your authorisation before implanting any other kind of cookie on your hard drive. To avoid being bothered by these routine requests for authorisation and to enjoy uninterrupted browsing, you can configure your computer to accept Sigilium cookies or we are able to remember your refusal or acceptance of certain cookies. By default, browsers accept all cookies.

When you access third party sites directing you to our website, or when you are reading integration or social media links, cookies can be created by the companies disseminating these links. These third parties may be able to use cookies in the context of Sigilium’s services (partners or other third parties supplying content or services available on the Sigilium site) and are responsible for the cookies they install and it is their conditions on cookies which apply. Sigilium assumes no liability in regard to the possible use of cookies by third parties. For more information, you are advised to check the cookie policy directly on these third party sites with regard to their use of cookies.

Sigilium also uses analytics tools, to measure, analyse and improve user experience in it's website. Sigilium doesn't reuse this data for ad.

Only following cookies collect data for a third party use :

  • Google Analytics : website audience analyse
  • Olark : possibility to chat directly with visitor on our website
  • HelpScout : access to our help section with a search tool

THIRD PARTY DATA

In the context of using our services, namely centrally manage email signature, Sigilium has access to the information contained in the email signature announcements you create for your account.

This data is stored on secure servers and only a limited number of people are authorised to access your campains, in particular for the purpose of providing support services.

You may modify and or delete contacts at any time from your account.

In no case does Sigilium sell, share or rent out your contact lists to third parties, nor does it use them for any purposes other than those set forth in this policy. We will use the information from your contact lists only for legal requirements, to invoice and collect summaries for our own statistics and for the purposes of providing you with customer support services.

As admin of the contact lists and associated email signature campaigns, you are considered the data controller within the meaning of the GDPR, and Sigilium is acting only as a data processor. In this capacity, you are responsible in particular for:

  • complying with all current regulations in force, including the data protection laws
  • ensuring your authority to use the personal data collected in accordance with the defined end purposes and refraining from any unauthorised use.

DATA RETENTION PERIODS

Sigilium collects your personal data for the requirements of carrying out its contractual obligations and not more than three months after closure of your account (unless laws require a different period). You will be able to access your personnal data, during all the defined period of the contact between you and Sigilium is active. As well as information about how and when you use our services and we retain this data in active databases, log files or other types of files so long as you use our services.

LOCATION OF DATA STORAGE AND TRANSFERS

The host servers on which Sigilium processes and stores its databases are located exclusively within the European Union.

Sigilium will inform you immediately, to the extent we are legally authorised to do so, in case of any application or order originating from an administrative or judicial authority relating to your personal data.

SECURITY

Within the framework of its services, Sigilium attributes the very highest importance to the security and integrity of its customers’ personal data.

Thus and in accordance with the GDPR, Sigilium undertakes to take all pertinent precautions in order to preserve the security of the data and, in particular, to protect them against any accidental or unlawful destruction, accidental loss, corruption, unauthorised circulation or access, as well as against any other form of unlawful processing or disclosure to unauthorised persons.

To this end, Sigilium implements industry standard security measures to protect personal data from unauthorised disclosure. In using industry recommended methods of encoding, Sigilium takes the measures necessary to protect information connected with payments and credit cards.

Moreover, in order to avoid in particular all unauthorised access, to guarantee accuracy and the proper use of the data, Sigilium has put the appropriate electronic, physical and managerial procedures in place with a view to safeguarding and preserving the data gathered through its services.

Nothwithstanding this, there is no absolute safety from piracy or hackers. That is why in the event a breach of security were to affect you, Sigilium undertakes to inform you thereof without undue delay and to use its best efforts to take all possible measures to neutralise the intrusion and minimise the impacts. Should you suffer any loss by reason of the exploitation by a third party of a security breach, Sigilium undertakes to provide you with every assistance necessary so you are able to assert your rights. Moreover if, by some exceptional case, the direct loss incurred arose due to fault or gross negligence by Sigilium, you will be able to seek compensation within the limit of liability referred to in our Terms of Use.

You should keep in mind that any user, customer or hacker who discovers and takes advantage of a breach in security renders him or herself liable to criminal prosecution and that Sigilium will take all measures, including filing a complaint and/or bringing court action, to preserve the data and the rights of its users and of itself and to limit the impacts.

Account Passwords. In adopting the CNIL recommendations on the level of security of passwords, your account password must contain at least 8 characters, 1 letter, 1 number and 1 special character.

PRIVACY POLICY CHANGES

Sigilium reserves the right to update this Privacy Policy at any time, in particular pursuant to any changes made to the laws and regulations in force. Any modifications made will be notified to you via our Website or by email, to the extent possible, thirty (30) days at least before any changes come into force. We would recommend that you check these rules from time to time to stay informed of our procedures and rules relating to your personal information.

Contact us

For any question, please find a contact link at the bottom of all Sigilium's website page. Or contact directly Sigilium’s Data Protection Officer, Thomas Darde, by email at: privacy@sigilium.com or by mail to: Sigilium SARL, Attn: Data Protection Officer / 11 rue René Weill - 92210 Saint-Cloud - France.