How does Closd process personal data and for what purpose?

Closd collects and processes users’ data only to provide total legal certainty for signed documents and for all legal transactions that are carried out on the platform.

The processing carried out by Closd for this purpose is listed below. Users must expressly accept it upon registration, and it is recorded in a data register:

  • Sending users invitations to projects;
  • Sharing documents and information between users during a project;
  • Verifying the identity of users who use electronic signatures;
  • Using electronic signature;
  • Sharing signatories’ authentication data with certain users for probative purposes;
  • Occasionally sending users information and updates about services offered by Closd;
  • Analyzing website traffic.

Users’ personal data are not transferred to any third party except the following, for the sole purpose of providing total legal certainty for signed documents: OVHcloud for data storage (fully encrypted); DocuSign and Certeurope for electronic signatures; Arkhineo for long-term archiving; and AriadNext for automated ID checks.

Are the personal data collected adequate and relevant for the purposes of the processing?

Closd only collects data strictly necessary to carry out legal transactions in complete legal and technical security. No other personal data is collected by Closd, for any purpose whatsoever.

How long is the personal data stored by Closd?

Users’ personal data is deleted upon request or when the personal account is deleted.

Data allowing precise identification of signatories is stored by Closd during the entire period during which the validity and probative value of the documents can be questioned by a party or a third party, in order to ensure, if needed, the exercise or defense of users’ legal claims.

How does Closd ensure the security and confidentiality of this data?

Closd’s software infrastructure was built from the outset to adhere to a privacy-by-design approach to protect user data (secure passwords, data partitioning, full data encryption, etc.).

  • Data encryption: the database and all the files uploaded and/or signed on Closd are encrypted using the AES-256 algorithm. Data passing between Closd’s servers and users’ workstations are secured by TLS protocol.
  • Data location: all collected data is stored on servers located in the EU (via the European cloud leader OVHcloud).
  • Security audits: Closd has security audits regularly performed by State-certified providers.
  • Data access: only authorized employees within Closd can access users’ personal data in order to provide support.
  • Confidentiality undertaking: all of Closd’s employees have signed a very strict confidentiality undertaking with respect to users’ data (personal and non-personal) to which they may have access.

What are the rights of users regarding their personal data?

When activating their account, each user must expressly accept Closd’s privacy policy, which is made readily available to them. Given that this data is essential for the operations carried out on Closd, it is impossible to use the platform without accepting the collection and processing of data.

Users can access, rectify or delete these rights at any time and by any user, by sending an email to: privacy@closd.com.

Contact

+33 (0)1.88.32.12.69
contact@closd.com

Copyright © 2020