Privacy Policy

Entry into force on 18 March 2020

Our website and applications collect certain Personal Data from our Visitors and Users. To protect your personal data, Yousign has ensured that it is fully compliant with the European general data protection regulation (GDPR) which means that you can be sure that the collected data is processed in a responsible and secure manner.

Personal Data (privacy)

The information gathered via our website and applications undergoes computerised processing for the purpose of managing your requests for information concerning our products and to enable us to contact you.

The data recipients are Yousign and its partners.

Pursuant to the Informatique et Libertés law of 6 January 1978, modified, (the French data protection act) and regulation number 2016/679 otherwise known as the General Data Protection Regulation (GDPR), you have a right to access, rectify or delete information concerning you and a right to data portability. You may exercise your rights and obtain details of the information concerning you by e-mailing dpo@yousign.com. You also have a right to oppose the processing of the data concerning you on legitimate grounds.

Types of Data collected

The following are included among the types of Personal Data which our website and applications collect directly or via third parties: Cookies and Usage Data. Other personal data collected may be described in other parts of this privacy policy or may be the subject of dedicated contextual explanations associated with the Data collection operation.

The Personal Data may be supplied freely by the User or collected automatically when he uses this Application.

Unless mentioned otherwise, the use of Cookies or any other traceability solution by our website and applications, or by the owners of services proposed by third parties used by our website and applications, is intended to identify the User and to record his preferences for the sole purpose of providing the service requested by the latter.

Our website and applications may be unable to supply services if certain Personal Data is not supplied.

The User assumes liability for the Personal data of third parties obtained, published or shared via our website and applications, and confirms that he has obtained the said third parties’ consent to supply this Data to the Owner.

Which cookies are used on yousign.com?

Publisher Role Cookies Description Expiration
Yousign Save your choice regarding the use of cookies cookie_notice_accepted Save your choice regarding the use of cookies 3 months
Consent statistics Analyzes your choice regarding the use of cookies
Datadog Collects data to improve the performance of the site and aims to correct any site malfunctions _dd_s A cookie used to aggregate all events generated by a single user session across multiple pages. It contains the current session ID and the expiry date of the session. The cookie is extended for an additional 15 minutes each time the user interacts with the website, up to the maximum duration of the user session 4 hours
Intercom To provide an online communication service for the user of the site (chat bot) Intercom-id-[app_id] Cookie for anonymous identification of visitors. Cookie deposited when visiting the site 9 months
intercom-session-[app-id] This cookie is set to activate the conversational agent when the user visits the operator's site, and is refreshed each time the connection is successful, extending it for a week from that point. Thus the user can access and retain conversations with the conversational agent until the session is intentionally terminated, which usually occurs at logout 1 week
Google Analytics Analyzes site audiences developers.google.com _ga Distinguishes users 13 months
_gid Distinguishes users 24 hours
_gat Reduces the demand rate 1 minute
AMP_TOKEN Retrieve a Client ID from AMP Client ID service 30 seconds to 1 year
gac_UA-44935198-9 Contains information about user interactions with advertising campaigns 90 days
_gcl_au Stores data related to ads clicked through Google Adsense 3 months
Hubspot Collects your trial, contact or demo requests knowledge.hubspot.com hubspotutk Identifies a visitor when submitting a form and is used for contact deduplication 13 months
__hssc Follows up on sessions and determines if HubSpot should increment the session number and timestamps in the __hstc cookie 30 minutes
__hssrc Determines if the visitor has restarted their browser End of session (website closed).
__hstc Stores timestamp data 13 months
__cfduid Set by Cloudflare, HubSpot’s CDN provider, to enable it to detect malicious visitors to our website and minimizes blocking legitimate users 30 days
Hotjar Monitor user interactions with the site help.hotjar.com _hjAbsoluteSessionInProgress Detects the first pageview session of a user 30 minutes
_hjid Retains the Hotjar User ID 12 months
Linkedin Identifies users coming from Linkedin. linkedin.com lidc Optimizes data center selection 1 day
UserMatchHistory Synchronizes LinkedIn Ads ID 30 days
lissc Ensures there is correct SameSite attribute for all cookies in the browser 1 year
lang Remembers a user's language setting End of session (website closed)
Facebook Identifies users from Facebook. _fbp Identifies users 3 months
Appvizer Identifies users from Appvizer

Data-processing mode and location

Processing methods

The Data Manager processes the Users’ Data in an appropriate manner and takes all necessary security measures to prevent all unauthorised access to, divulgence of, modification of or destruction of the data. The Data Processing is performed with the aid of computers and IT resources and pursuant to procedures and organisational methods closely linked to the stated end purposes. In addition to that reserved for the Data Controller, in certain cases access may be granted to certain categories of persons handling website-related operations (administration, sales, marketing, legal department, systems admin) or external stakeholders (such as third-party suppliers of technical services, messaging services, hosting suppliers, IT companies, and communication agencies) designated where applicable as Data Processors by the Owner. The updated list of these stakeholders can be requested any time from the Data Controller, by e-mailing the address dpo@yousign.com.

Processing site

The Data is processed at the Data Controller’s registered office and any other location at which the parties responsible for processing are located. Please contact the Data Manager for further information.

Data retention periods

The Data is stored for the time required to supply the service requested by the User, or as stated in the objectives described in this document. The maximum retention period for the data collected via the audience measurement and analysis tools will be 13 months in compliance with the General Data Protection Regulation, unless the user has explicitly renewed his consent during this period.

The User may always request its suspension or deletion by contacting the Data Manager.

Use of the Data collected

Data concerning the User is collected to enable the Owner to supply its services.

Further information concerning Data processing and collection

Further information concerning the User’s Personal Data

In addition to the information contained in this privacy policy, our website and applications may provide the User with further details and contextual information concerning specific services or the collection and processing of Personal Data.

System logs and maintenance

For operational and maintenance purposes, our applications and any other third-party service may collect files which record interactions with applications (system logs) or use other Personal Data to this end, such as the IP address.

Information not included in this privacy policy

Further information concerning the collection or processing of Personal Data may be requested from the Data Manager at any time. Please see the contact details shown at the beginning of this document.

The User’s rights

At all times, the User has the right to know if his Personal Data is being stored and may contact the Data Manager to learn more about its content and origin, to check its accuracy or to request that it be added to, cancelled, updated or rectified. He may also request that it be converted into an anonymous format or that any data obtained in violation of the law be blocked, or oppose its processing on any legitimate grounds. The right to data portability enables him to recover the collected data in a machine-readable format for personal use or for transfer to a third-party organisation. Requests to this effect should be sent to the Data Manager at the address shown above.

Our website and applications do not process “Do Not Track” requests. Please refer to the privacy policies of the third-party services to determine whether or not they comply with the “Do Not Track” option.

Modifications to this privacy policy

The Data Manager reserves the right to modify this privacy policy at any time, by informing the User of this on this page. We recommend that you consult this page often by referring to the date of the last modification displayed at the bottom of the page. If a User opposes any modification made to this policy he must stop using our applications and request that the Data Manager delete his Personal Data. Unless stated otherwise, the privacy policy applicable at the time will apply to all Personal Data in the Data Manager’s possession concerning the User.

Information concerning this privacy policy

The Data Manager has responsibility for this privacy policy.