Privacy Policy

Entry into force on 18 March 2020

Our website and applications collect certain Personal Data from our Visitors and Users. To protect your personal data, Yousign has ensured that it is fully compliant with the European general data protection regulation (GDPR) which means that you can be sure that the collected data is processed in a responsible and secure manner.

Personal Data (privacy)

The information gathered via our website and applications undergoes computerised processing for the purpose of managing your requests for information concerning our products and to enable us to contact you.

The data recipients are Yousign and its partners.

Pursuant to the Informatique et Libertés law of 6 January 1978, modified, (the French data protection act) and regulation number 2016/679 otherwise known as the General Data Protection Regulation (GDPR), you have a right to access, rectify or delete information concerning you and a right to data portability. You may exercise your rights and obtain details of the information concerning you by e-mailing dpo@yousign.com. You also have a right to oppose the processing of the data concerning you on legitimate grounds.

Types of Data collected

The following are included among the types of Personal Data which our website and applications collect directly or via third parties: Cookies and Usage Data. Other personal data collected may be described in other parts of this privacy policy or may be the subject of dedicated contextual explanations associated with the Data collection operation.

The Personal Data may be supplied freely by the User or collected automatically when he uses this Application.

Unless mentioned otherwise, the use of Cookies or any other traceability solution by our website and applications, or by the owners of services proposed by third parties used by our website and applications, is intended to identify the User and to record his preferences for the sole purpose of providing the service requested by the latter.

Our website and applications may be unable to supply services if certain Personal Data is not supplied.

The User assumes liability for the Personal data of third parties obtained, published or shared via our website and applications, and confirms that he has obtained the said third parties’ consent to supply this Data to the Owner.

What is a cookie?

A “cookie” is a small file generally comprised of letters and numbers sent by the web server to the cookie file of the browser or browsers used by you to surf the Internet.

Types of cookie

Yousign.com uses different kinds of cookies:

Session cookies

These cookies enable the website to operate in an optimal manner. You may choose to delete them from your browser although this risks impairing your user experience when surfing on our website.

Audience measurement and analysis cookies

To improve your user experience and to adapt the website to visitors’ requirements, we use tracking cookies, including those from Google Analytics. These cookies measure the number of visits, the number of pages viewed, the users’ activity on the website and their return frequency.
These cookies also collect your IP address to determine the town or city from which you are connecting. This data is anonymous and cannot be used to identify the user.

Social networking cookies

The social network sharing plug-ins use cookies which make it possible to track surfers’ browsing history and to propose advertising to users of these networks linked to their interests.

Which cookies are used on yousign.com?

Publisher Role Cookies Description Expiration
Yousign Save your choice regarding the use of cookies cookie_notice_accepted Save your choice regarding the use of cookies 3 months
Consent statistics Analyzes your choice regarding the use of cookies
Datadog Collects data to improve the performance of the site and aims to correct any site malfunctions _dd_s A cookie used to aggregate all events generated by a single user session across multiple pages. It contains the current session ID and the expiry date of the session. The cookie is extended for an additional 15 minutes each time the user interacts with the website, up to the maximum duration of the user session 4 hours
Intercom To provide an online communication service for the user of the site (chat bot) Intercom-id-[app_id] Cookie for anonymous identification of visitors. Cookie deposited when visiting the site 9 months
intercom-session-[app-id] This cookie is set to activate the conversational agent when the user visits the operator's site, and is refreshed each time the connection is successful, extending it for a week from that point. Thus the user can access and retain conversations with the conversational agent until the session is intentionally terminated, which usually occurs at logout 1 week
Google Analytics Analyzes site audiences developers.google.com _ga Distinguishes users 13 months
_gid Distinguishes users 24 hours
_gat Reduces the demand rate 1 minute
AMP_TOKEN Retrieve a Client ID from AMP Client ID service 30 seconds to 1 year
gac_UA-44935198-9 Contains information about user interactions with advertising campaigns 90 days
_gcl_au Stores data related to ads clicked through Google Adsense 3 months
Hubspot Collects your trial, contact or demo requests knowledge.hubspot.com hubspotutk Identifies a visitor when submitting a form and is used for contact deduplication 13 months
__hssc Follows up on sessions and determines if HubSpot should increment the session number and timestamps in the __hstc cookie 30 minutes
__hssrc Determines if the visitor has restarted their browser End of session (website closed).
__hstc Stores timestamp data 13 months
__cfduid Set by Cloudflare, HubSpot’s CDN provider, to enable it to detect malicious visitors to our website and minimizes blocking legitimate users 30 days
Hotjar Monitor user interactions with the site help.hotjar.com _hjAbsoluteSessionInProgress Detects the first pageview session of a user 30 minutes
_hjid Retains the Hotjar User ID 12 months
Linkedin Identifies users coming from Linkedin. linkedin.com lidc Optimizes data center selection 1 day
UserMatchHistory Synchronizes LinkedIn Ads ID 30 days
lissc Ensures there is correct SameSite attribute for all cookies in the browser 1 year
lang Remembers a user's language setting End of session (website closed)
Facebook Identifies users from Facebook. _fbp Identifies users 3 months
Appvizer Identifies users from Appvizer

Data-processing mode and location

Processing methods

The Data Manager processes the Users’ Data in an appropriate manner and takes all necessary security measures to prevent all unauthorised access to, divulgence of, modification of or destruction of the data. The Data Processing is performed with the aid of computers and IT resources and pursuant to procedures and organisational methods closely linked to the stated end purposes. In addition to that reserved for the Data Controller, in certain cases access may be granted to certain categories of persons handling website-related operations (administration, sales, marketing, legal department, systems admin) or external stakeholders (such as third-party suppliers of technical services, messaging services, hosting suppliers, IT companies, and communication agencies) designated where applicable as Data Processors by the Owner. The updated list of these stakeholders can be requested any time from the Data Controller, by e-mailing the address dpo@yousign.com.

Processing site

The Data is processed at the Data Controller’s registered office and any other location at which the parties responsible for processing are located. Please contact the Data Manager for further information.

Data retention periods

The Data is stored for the time required to supply the service requested by the User, or as stated in the objectives described in this document. The maximum retention period for the data collected via the audience measurement and analysis tools will be 13 months in compliance with the General Data Protection Regulation, unless the user has explicitly renewed his consent during this period.

The User may always request its suspension or deletion by contacting the Data Manager.

Use of the Data collected

Data concerning the User is collected to enable the Owner to supply its services.

Further information concerning Data processing and collection

Legal proceedings

The User’s Personal Data may be used for legal purposes by the Data Manager before the courts or in any proceedings leading to legal action resulting from the inappropriate use of this Application or of the related services.

The User is aware that the public authorities may require the Data Manager to divulge the Personal Data.

Further information concerning the User’s Personal Data

In addition to the information contained in this privacy policy, our website and applications may provide the User with further details and contextual information concerning specific services or the collection and processing of Personal Data.

System logs and maintenance

For operational and maintenance purposes, our applications and any other third-party service may collect files which record interactions with applications (system logs) or use other Personal Data to this end, such as the IP address.

Information not included in this privacy policy

Further information concerning the collection or processing of Personal Data may be requested from the Data Manager at any time. Please see the contact details shown at the beginning of this document.

The User’s rights

At all times, the User has the right to know if his Personal Data is being stored and may contact the Data Manager to learn more about its content and origin, to check its accuracy or to request that it be added to, cancelled, updated or rectified. He may also request that it be converted into an anonymous format or that any data obtained in violation of the law be blocked, or oppose its processing on any legitimate grounds. The right to data portability enables him to recover the collected data in a machine-readable format for personal use or for transfer to a third-party organisation. Requests to this effect should be sent to the Data Manager at the address shown above.

Our website and applications do not process “Do Not Track” requests. Please refer to the privacy policies of the third-party services to determine whether or not they comply with the “Do Not Track” option.

Modifications to this privacy policy

The Data Manager reserves the right to modify this privacy policy at any time, by informing the User of this on this page. We recommend that you consult this page often by referring to the date of the last modification displayed at the bottom of the page. If a User opposes any modification made to this policy he must stop using our applications and request that the Data Manager delete his Personal Data. Unless stated otherwise, the privacy policy applicable at the time will apply to all Personal Data in the Data Manager’s possession concerning the User.

Information concerning this privacy policy

The Data Manager has responsibility for this privacy policy.

Definitions and legal references

Personal Data (or Data)

Any information concerning a natural or artificial person, an institution or an association which is or which could be identified, even directly, with reference to any other information including a personal identification number.

Usage data

The information collected automatically by our website and applications (or by third party services used on our website or applications), which may include the IP addresses or domain names of the computers used by the User using our website and applications, URI addresses (Uniform Resource Identifier), the time of the request, the method used to submit the request to the server, the size of the file received in reply, the numeric code indicating the status of the reply from the server (favourable result, error, etc.), the country of origin, the characteristics of the browser and operating system used by the User, various details concerning visit times (for example the time spent on each page on our website and applications) and details concerning the navigation path through our website and applications with special reference to the sequence the pages visited and other parameters concerning the User’s operating system or IT environment.

The person using our website and applications, who must be the Data Subject or be authorised by the latter, to whom the Personal Data refers.

The Data Subject

The natural or artificial person to whom the Personal Data refers.

Department with responsibility for data processing (or Data Controller)

A natural or artificial person, public authority or any other entity, association or organisation authorised by the Data Manager to process the Personal Data in compliance with this privacy policy.

Data Manager (or Owner)

The natural or artificial person, public authority or any other entity, association or organisation authorised, even jointly with another Data Manager, to take decisions concerning the Personal Data processing objectives and methods, including security measures relating to the operation and use of this Application. Unless stated otherwise, the Data Manager is the Owner of our website and applications.

Legal information

Information for European Users: this privacy policy has been prepared in application of the obligations stated in article 10 of European directive number 95/46/EC and in compliance with the provisions of directive 2002/58/EC, as revised by directive 2009/136/EC concerning cookies and the General Data Protection Regulation (GDPR). This privacy policy applies exclusively to our website and applications.