Discover Cosmian Covercrypt: The New Encryption Standard for Data Security in the Cloud Age

Learn more

logo-cosmian
logo-cosmian
Book a demo

Discover Cosmian Covercrypt: The New Encryption Standard for Data Security in the Cloud Age Learn more

logo-cosmian
logo-cosmian

Privacy Policy

Privacy Policy

Date of last update : May 31, 2022

Thank you for your visit and for your interest in Cosmian. The protection and respect of Data Subjects privacy are of utmost importance to us. This Privacy Policy aims to give information about how Personal Data is collected, used, and shared when using www.cosmian.com, including all its subdomains (the “Website”) and how Data Subjects can maintain control over it.

When using the Website, Cosmian Tech (hereinafter “Cosmian”), a French société par actions simplifiée (“simplified joint stock company”) registered in the Paris Trade and Companies Register under number 840 903 447, whose registered office is located at 53/55 rue de la Boétie, 75008 Paris, France, is responsible for the collection and processing of Personal Data as Data Controller.

For the purposes of this Privacy Policy, “GDPR” refers to the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals regarding the processing of personal data and the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) and the terms used with capital letters, whether in plural or singular the terms “Data Controller”, “Data Processor”, “Personal Data” and “Data Subject” have the meaning given to them in the GDPR.

1. Use of the Website’s contact form

1.1 Personal data collected

When we are asked to enter into contact or are requested about additional information through the Website, we collect the following Personal Data from the contact form accessible at: https://cosmian.com/contact/:

  • first and last name;
  • professional email address;
  • phone number;
  • any other Personal Data that the Data Subject may provide in the text message you send to us.

1.2 Purpose and legal basis of the processing

Cosmian ensures that it only collects and processes Personal Data that is strictly necessary for the purpose at stake. Cosmian collects and processes the Personal Data of Data subjects to fulfill any request submitted through the Website’s contact form. The legal basis is article 6.1.f (legitimate interest of the Data Controller) of the GDPR. Our legitimate interest in the processing is to have quick communication and to respond to Data subject’s inquiries in a cost-effective and efficient manner. Data subjects can protect their interest in data protection by sharing their data sparingly (e.g. using a pseudonym).

1.3 Retention period of the Personal Data

Personal Data processed in relation to the use of the contact form is only retained for the time necessary to process the Data Subject’s request. The retention period applied to the Personal Data is proportionate to the purpose for which they were collected.

Personal Data may be archived for the purposes of justification or proof.

2. Web analytics and cookies

Cosmian uses cookies (small data files transferred onto computers or devices by sites) for record-keeping purposes and to enhance functionality on our site. Visitors of the Website may deactivate or restrict the transmission of cookies by changing the settings of their web browser. Cookies that are already stored may be deleted at any time.

The Website is configured to use Matomo, an open source software for audience measurement (number of visits, pages consulted). It is configured to respect the conditions of exemption of the consent of the Internet user, in application of the recommendations of the Commission Nationale de l’Informatique et des Libertés (CNIL).

The collection of Matomo cookies and the use of this analysis tool are based on article 6.1.f of the GDPR (legitimate interest of the Data Controller), which states that the publisher of the website has a legitimate interest in analyzing the behavior of users in an anonymous way, in order to improve its website and thus obtain anonymous statistics.

Cookies used by the Website enable the Cosmian to collect the following information about visitors that is used to prepare aggregated, anonymous statistics reports of visitors’ activity
internet protocol (IP) address (anonymised),
location: country, region, city, approximate latitude and longitude (geolocation),
date and time of the request (visit to the site),
title of the page being viewed (page title),
URL of the page being viewed (page URL),
URL of the page that was viewed prior to the current page (referrer URL),
screen resolution of the user’s device,
local time in visitor’s time zone,
files that were clicked and downloaded (download),
links to an outside domain that were clicked (outlink),
page generation time: the time it takes for webpages to be generated by the webserver and then downloaded by the visitor (page speed),
main language of the browser being used (accept language header),
browser version, browser plugins (PDF, Flash, Java) operating system version, device identifier (user agent header),
language of the visited page.

The data collected contains no personal information and cannot be used to identify a particular visitor. Data will not be shared with any other organisations for marketing, market research or commercial purposes.

Cosmian via Matomo uses an IP de-identification mechanism that automatically masks a portion of each visitor’s IP address, effectively making it impossible to identify a particular visitor via the IP address.

Note that for statistical purposes the city and country of origin are determined from the full IP address, then stored and aggregated before the anonymisation mask is applied.

Cosmian automatically deletes the anonymous unaggregated data after 13 months.

With this configuration, prior consent to the deposit of Matomo Analytics cookies is not required. If the visitor of the Website does not wish to be tracked by Matomo, it can use the function below, which will set an opt-out cookie on its browser for a limited time and prevent the Matomo software from saving usage data. If the visitor of the Website deletes cookies, the Matomo Opt-Out cookie will also be deleted. The Opt-Out cookie must then be reactivated on the next visit to the Website.

3. General

3.1 Rights of the Data Subjects

In accordance with the applicable regulations, Data Subjects have the following rights regarding the Personal Data that we collect as a Data Controller:

  • the right of access: Data Subjects have the right at any time to know whether we hold Personal Data about them and, if so, to request access to it;
  • the right to rectification: Data Subjects have the right at any time to rectify or request the rectification of any of their Personal Data that is inaccurate or incomplete;
  • the right to erasure: Data Subjects can ask us to delete their Personal Data in certain circumstances (please note that legal or regulatory provisions or legitimate reasons may require us to retain Data Subjects’ Personal Data);
  • the right to restriction: Data Subjects can ask us to restrict the processing of their Personal Data, in certain circumstances (please note that we may continue to process Data Subjects’ Personal Data if we have a legitimate reason to do so);
  • the right to object: Data Subjects can object to the processing of their Personal Data, in certain circumstances (please note that we may continue to process Data Subjects’ Personal Data if we have a legitimate reason to do so);
  • the right to post-mortem instructions: Data Subjects can set out instructions regarding the fate of their Personal Data after their passing.

Our DPO is Harlay Avocats.

Data Subjects can exercise their rights by contacting us:

  • To the following postal address: Cosmian Tech SAS

55 rue la Boétie

75008, Paris, France

For any request to exercise their rights, Data Subjects can prove their identity by any means. If we have reasonable doubts as to a particular Data Subject’s identity, we may ask to provide additional information that may appear necessary, including a copy of the Data Subject’s official identity document in order to check that it is indeed the Data Subject of the Personal Data that is the subject of the request.

If, despite all the care we take to protect Personal Data, there are reasons to believe that Data Subjects’ rights have not been properly protected, Data Subjects may lodge a complaint with the competent supervisory authority. In France, the CNIL is the competent authority and its contact details are as follows: 3 Place de Fontenoy – TSA 80715 – 75334 PARIS CEDEX 07, phone number: 01 53 73 22 22.

3.2 Sharing of the Personal Data

Personal Data is stored carefully and is only made available under strict conditions to the following people:
– members of our staff, in accordance with an internal clearance policy and insofar as they need to access it;
– the staff members of our service providers.

We may share Personal Data to comply with applicable laws and regulations or other lawful requests for information we receive or to protect our rights.

3.3 Data security

Cosmian ensures the security of Personal Data by taking all physical, technical and organizational measures to guarantee the confidentiality, integrity and availability of Personal Data, including encryption and anonymisation. We also require all of our employees and partners at Cosmian to adhere to strict standards of Personal Data security.

3.4 Crossborder Personal Data transfers

Personal Data is stored and processed within the European Union. The processing operations do not involve transfers of data outside the European Economic Area (EEA).

However, should this happen, we will put in place contractual mechanisms and binding legal processes to legally transfer Personal Data outside the EEA such as the implementation of appropriate safeguards as provided for by the GDPR (e.g., BCRs for Data Processors, standard contractual clauses adopted by the European Commission, approved codes of conduct or certification schemes).

3.5 Changes

We may update this Privacy Policy from time to time in order to reflect, for example, changes
to our practices or for other operational, legal or regulatory reasons. Any changes will be posted on this page with an updated revision date.

3.6 Contact us

For more information about our privacy practices, for additional questions, or to make a complaint, please contact us by e-mail at [email protected] or by mail using the details provided below:
Cosmian Tech SAS
55 rue la Boétie
75008, Paris, France

Cosmian makes no tracking for advertising and does not collect any personal data. Cookies are used for statistical or operational purposes, as well as for analysis, allowing for continuous improvement of the website. Cosmian uses the Matomo Analytics tool, an audience measurement solution that uses cookies with a configuration that complies with the data protection legislation and the recommendations of the CNIL (Commission Nationale de l'Informatique et des Libertés). This configuration allows to anonymise visitor's data and to limit the storage period of this data to a maximum of 13 months. With this configuration, the prior consent to the deposit of Matomo Analytics cookies is not required. However, you can still choose not to allow these cookies (by clicking here ) or at any time by consulting our Privacy Policy.

For more information please consult our Privacy Policy