top of page

Privacy Policy

At DIEU, we believe trust is essential. To maintain it, we believe it's important to help you understand our personal data protection practices. As part of your use of our Site, your access to our Platform, and your use of our Services, we collect your Personal Data as Data Controller. In this context, we are committed to complying with European regulations on the protection of Personal Data, in particular the GDPR. We have a dedicated team for this purpose, consisting of a Data Protection Officer, a legal team, and a security team. Please note: all capitalized terms not defined in this Privacy Policy will have the meaning given to them here.

1. Who is the Data Controller? DIEU 12 avenue des Prés 78180 Montigny-le-Bretonneux.

2. What Personal Data do we collect? By using our Site and our Platform, you are required to transmit to us, directly or indirectly, information, some of which is likely to identify you directly or indirectly and therefore constitutes Personal Data.

This information may contain data from the following categories: Identification and/or contact data such as your first and last name(s), postal address, email, telephone number, your Platform Username, the technical identifiers assigned to you, your voice and your image when a telephone or video recording is made; Identity data such as videos and/or images of your identity document and your face (for example, if you are a signatory for the Advanced or Qualified Electronic Signature) or a scanned copy of your identity document (for example, if you are a legal representative carrying out an Advanced Electronic Seal); Data extracted from the identity document such as your first name, last name, date of birth, place of birth, nationality, validity of your identity document and other information related to your identity extracted from your identity document, including the digital ID of the document, type of document, expiry date, MRZ, country of issue, validity status of the identity document (for example, whether you are a signatory for the Advanced or Qualified Electronic Signature);

  • Data relating to your professional activity such as your job title, your sector of activity, the name of your company and its size, your intention to use our Services;

  • Transaction data such as your credit card number and bank account details, which are used to process payment for your subscriptions;

  • Connection and usage data such as your IP address, browser type and version, operating system used, pages visited and time spent, actions performed and configurations selected, API tokens and keys, as well as the timestamp of actions.

  • Signature data such as the digital ID of signed documents, signature requests, data contained in certificates and hashes and all associated metadata.

When your Personal Data is collected directly, you will be informed whether certain data must be provided or whether it is optional. Failure to provide this mandatory information may make it impossible to fulfill your request.

3. How do we collect your Personal Data? The Personal Data process by DIEU 

  • Personal Data transmitted directly by you. DIEU may process the Personal Data that you provide to us directly when creating your Organization/User Account or using the Services, via contact forms or any other document available online on the Site or provided during external events, during your telephone conversations with DIEU.

  • Personal Data collected from public sources. DIEU may use publicly available Personal Data.

  • Personal Data collected from third parties. DIEU may use the services of specialized service providers to access up-to-date databases.

  • Personal Data collected automatically during your use of the Site and/or the Platform. DIEU

  • may collect your Personal Data in order to establish statistics on the number of visitors to our Site and/or our Platform, and to carry out targeted advertising campaigns.

4. On what legal bases, for what purposes, and for how long do we retain your Personal Data? We collect and process your Personal Data in compliance with the GDPR and only within the following legal bases:

  • Consent: you have expressly consented to the processing of your Personal Data;

  • The contract: the processing is necessary for the performance of, or preparation for, a contract;

  • Legal obligation: the processing is imposed by legal texts;

  • Legitimate interest: processing is necessary for the pursuit of our legitimate interests while strictly respecting your rights.

We store your Personal Data for a period limited to 12 months and necessary for the purpose of the processing pursued.

5. Who are the recipients of your Personal Data? The Personal Data of our Visitors and Users/Subscribers is strictly confidential. It may be processed by employees of DIEU and its subsidiaries, within the limits of their respective responsibilities and exclusively for the purposes of this Policy. Unless required by law, accounting, or judicial authorities, we do not share your Personal Data with third parties other than:

  • Our hosting providers for the purpose of performing database maintenance and hosting services;

  • Our service providers, subcontractors (such as CRM tool providers, email sending service providers) and partners, for the purposes of accessing the requested services, carrying out a transaction or responding to your requests for assistance and information.

6. Is your data likely to be transferred outside the European Union? The infrastructure supporting the DIEU Platform is located in France. However, when necessary, we may transfer your Personal Data to service providers operating outside the European Union. The transfer of your data in this context is secured using the following tools:

  • The data is transferred to a country that has been deemed to provide an adequate level of protection by a decision of the European Commission;

  • We have concluded a specific contract with our Subcontractors governing the transfers of your data outside the European Union, on the basis of the Standard Contractual Clauses approved by the European Commission;

  • We use the appropriate guarantees provided for by applicable regulations.

7. What measures are in place to protect your Personal Data? The choice of measures is based on a risk-based approach, focused on preserving the confidentiality, integrity, and availability of your Personal Data. The security measures implemented may be organizational or technical and are described on the Security page. If we use a service provider acting on our behalf as a subcontractor, we also adopt a risk-based approach to strive for alignment of the security objectives of DIEU and the service provider, prior to any disclosure of your Personal Data.

8. What are your rights regarding your Personal Data? DIEU guarantees the effective exercise of all the rights granted to you by the regulations. You can therefore:

  • Have access to your Personal Data;

  • Rectify inaccurate Personal Data about you;

  • Obtain the erasure of your Personal Data;

  • Restrict our Processing of your Personal Data;

  • Withdraw your consent to the Processing of your Personal Data;

  • Object to the processing of your Personal Data;

  • Obtain a copy of your Personal Data (right to data portability);

  • Define guidelines relating to the retention, deletion and communication of your Personal Data after your death.

DIEU informs you that certain exceptions to rights may exist, in particular:

  • The rectification or deletion of evidence files and results of remote identity verification, as well as all information necessary to compile the result.

  • Access to data that has been subject to automated or manual processing, the communication of which is likely to provide information on the nature of the checks carried out by the service and relating to the detection of identity theft.

You can exercise these rights by completing the form available here. We may ask you to provide us with additional information or documents to prove your identity. You can also access your Personal Data at any time by logging into your User Account, and modify it by going to your profile settings. If you are not satisfied with the response, you may file a complaint regarding the collection and use of your Personal Data with the competent national authority. In France, you can contact the French Data Protection Authority (CNIL) via its website at the following address: https://www.cnil.fr/fr. 9. Changes to this Privacy Policy We may modify this Policy at any time to incorporate regulatory, jurisprudential, or technical developments that improve the level of protection of your Personal Data.

In the event of minor changes, we will change the "Updated" date at the top of the page to indicate the date the changes were made. However, in the event of substantial changes to this Policy (relating to the purposes of processing, the Personal Data collected, the exercise of rights, or the transfer of Personal Data), we will notify you, by any means, including by email, at least thirty (30) days before the effective date. Any access to and use of the Site and Services after this period will be subject to the terms of the new Policy. We encourage you to regularly review this page to learn about any changes or updates to our Privacy Policy. 10. Children's Privacy Our Services are not designed for or offered to persons under the age of 18 or any other age designated by applicable law ("minors"). We do not knowingly collect or request personal data from minors, and we do not allow minors to use our Services. If you are a minor, please do not use our Services or send us your personal data.

11. Contact Us For any questions regarding this Policy or any requests regarding your Personal Data, you can consult our GDPR page or our Help Center.

bottom of page