Privacy Policy


Privacy Policy

This Privacy Policy describes how APTORIEL collects, uses and discloses information, and what choices you have with respect to the information. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.

This policy (together with our terms of service and any other documents referred to in it) sets out:

  • Application of this Privacy Policy
  • Data processed on behalf of our Customers
  • Information collected
  • Use of the Collected Information
  • Data retention
  • Protection of your information
  • Information sharing
  • Customers Consent
  • Children and Privacy
  • Tracking technologies
  • Data transferts
  • Your rights
  • Changes to this policy
  • Contact information

Application of this Privacy Policy
This Privacy Policy applies to APTORIEL (we, us, our) products, as APToken application and cloud platform, and support services (collectively, the Services), aptoriel.fr and other interactions (e.g., customer service inquiries, user communities, user conferences, demo, training etc.) you may have with us.
If you do not agree with the terms, do not access or use the Services, Websites or any other aspect of our business. By engaging in our site and Services, you acknowledge you have read and understood this privacy policy
This Privacy Policy does not apply to any third-party applications or software that integrate with the Services through our platforms (Third-Party Services*), or any other third-party products, services or businesses. In addition, a separate agreement governs delivery, access and use of the Services (the Customer Agreement or Contract), including the processing of any content submitted through Services accounts (collectively, Customer Data). The organization (e.g. your Services provider * or another entity or person) that entered into the Customer Contract (Customer) controls their instance of the Services and any associated Customer Data, which may be data of its own customers or users.
*includes Services Provider such as Account Servicing Payment Service Providers or Third Party Providers (TPP) which can be Account Information Service (AIS) or Payment Initiation Service (PIS)

Data processed on behalf of our Customers
APTORIEL may process personal data on behalf of its Customers. We are not the controllers of this data and act as data processors. We will process such data on behalf of the Customer as prescribed in the respective agreements between APTORIEL and the Customer. The Customer’s privacy policy or other agreement between the Customer and you (or your organization) will apply to such processing, and not this policy.

Information collected
We may collect and receive Customer Data and other information and data (Other Information) in a variety of ways:

  • Customer Data. Customers or individuals granted access to our Services by a Customer (Authorized Users) routinely submit Customer Data to us when using the Services.
  • Other Information. We also collect, generate and/or receive Other Information:
  • Account Information. To create, or update a Service or Customer account, you or your Customer supply us with name ,firstname, phone number, entity ( domain or organisation to which customer belongs)
  • Usage Information.
    • Services Metadata. When an Authorized User interacts with the Services, metadata may be generated that provides additional context about the way Authorized Users work.
    • Log data. As with technology services delivered over the Internet, our servers automatically collect information when you access or use our Services and record it in log files. This log data may include the Internet Protocol (IP) address, the date and time the Services were used.
    • Device information. We collect information about devices accessing the Services, including unique device identifiers. Whether we collect some or all of this Other Information often depends on the type of device used and its settings and the Services being used.
  • Additional Information Provided to Us. We receive Other Information when you request support, interact with our social media accounts or otherwise communicate with us.

Generally, no one is under a statutory or contractual obligation to provide any Customer Data or Other Information (collectively, Information). However, certain Information is collected automatically and, if some Information, such as account setup details, is not provided, we may be unable to provide the Services.

Use of the Collected Information
Customer Data will be used by us in accordance with Customer’s instructions, including any applicable terms in the Customer Agreement and Customer’s use of Services functionality, and as required by applicable law. We are a processor of Customer Data and Customer is the controller. Customer may, for example, use the Services to grant and remove access to an account, assign roles and configure settings, access, modify, export, share and remove Customer Data and otherwise apply its policies to the Services.
We use Other Information in furtherance of our legitimate interests in operating our Services, Websites and business. More specifically, we use Other Information:

  • To provide, update, maintain and protect our Services, Websites and business. This includes use of Other Information to support delivery of the Services under a Customer Agreement, prevent or address service errors, security or technical issues, analyze and monitor usage, trends and other activities or at an Authorized User’s request.
  • As required by applicable law, legal process or regulation.
  • To communicate with you by responding to your requests, comments and questions. If you contact us, we may use your Other Information to respond.
  • To develop and provide search, learning and productivity tools and additional features.
  • To send emails and other communications. We may send you service, technical and other administrative emails, messages and other types of communications. We may also contact you to inform you about changes in our Services, our Services offerings, and important Services-related notices, such as security notices. These communications are considered part of the Services and you may not opt out of them. In addition, we sometimes send emails about new product features, promotional communications or other news about our company. These are marketing messages, so you can control whether you receive them.
  • For billing, account management and other administrative matters. We may need to contact you for invoicing, account management and similar reasons and we use account data to administer accounts and keep track of billing and payments.
  • To investigate and help prevent security issues and abuse.

If Information is aggregated or de-identified so it is no longer reasonably associated with an identified or identifiable natural person, we may use it for any business purpose. To the extent Information is associated with an identified or identifiable natural person and is protected as personal data under applicable data protection law, it is referred to in this Privacy Policy as Personal Data. Contact the Customer if you wish to request the removal of Personal Data under their control.

Data Retention
We will retain Customer Data in accordance with a Customer’s instructions, including any applicable terms in the Customer Agreement and Customer’s use of Services functionality, and as required by applicable law. We may retain Other Information pertaining to you for as long as necessary for the purposes described in this Privacy Policy. This may include keeping your Other Information after you have deactivated your account for the period of time needed for us to pursue legitimate business interests, conduct audits, comply with (and demonstrate compliance with) legal obligations, resolve disputes and enforce our agreements.

Protection of your information
We follow industry standards and implement proven security technology to protect our Customer Data, and access to Customer information is restricted to authorized personnel only. We are very sensitive to the privacy concerns of our Customers and visitors to our Website.
Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our Service; any transmission is at your own risk given the transmission of information via the internet can’t be not completely secure.

Information sharing
We do not sell your information to third parties.
We may share the information you provide with our technical partners acting on our behalf to support our processing of personal data under this policy.
We will disclose your personal information to third parties in the event that APTORIEL or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms of service, terms of use, and other agreements with you; or to protect the rights, property, or safety of APTORIEL, our customers, or others.

Customers Consent
Please note that we do not allow our Customers to opt out of contact that is required for the functionality of our Services or to maintain Customer accounts.

Children and Privacy
We do not knowingly target or solicit personal information from children or send them requests for personal information. If you are under the age of 18, you confirm you have received permission from your parent or guardian before using our Services or sending us personal information.

Tracking Technology
Our Services do not use cookies or other similar technologies.

Data Transfers
We may transfer your Personal Data to countries other than the one in which you live.
We do not transfer your Personal Data to countries that are not under the European General Data Protection Regulation.

Your Rights
Individuals located in certain countries, including the European Economic Area, have certain statutory rights in relation to their personal data. Subject to any exemptions provided by law, you may have the right to request access to Information, as well as to seek to update, delete or correct this Information.
To the extent that our processing of your Personal Data is subject to the General Data Protection Regulation, we rely on our legitimate interests, described above, to process your data.
EU Citizen rights under GDPR, you have the right under certain circumstances:

  • to be provided with a copy of your personal data held by us;
  • to request the rectification or erasure of your personal data held by us;
  • to request that we restrict the processing of your personal data (while we verify or investigate your concerns with this information, for example);
  • to object to the further processing of your personal data, including the right to object to marketing;
  • to request that your provided personal data be moved to a third party.

Your right to withdraw consent: Where the processing of your personal information by us is based on consent, you have the right to withdraw that consent without detriment at any time. You can exercise the rights listed above at any time by contacting us at dpo@aptoriel.fr.
Please contact us at dpo@aptoriel.fr for any GDPR issues you may have. You do, however, have the right to approach your local data protection authority, (see http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.html for data protection authorities in the EU).

Changes to this Privacy Policy
We may amend this Privacy Policy from time to time. Laws, regulations and industry standards evolve, which may make those changes necessary, or we may make changes to our business. If we make any substantial changes in the way we use your personal information, we will make that information available by posting a notice on this page. Any substantive changes will be notified to the Customer by e-mail.
This policy was last updated on January 20, 2021.

Contact information
Please also feel free to contact us if you have any questions about this Privacy Policy or our practices, or for the purposes of Applicable Data Protection Laws including the European Economic Area data protection law, (the “Data Protection Law”) if you are seeking to exercise any of your statutory rights.
You may email us at dpo@aptoriel.fr or use our mailing address:
APTORIEL
117 rue de Charenton
75012 PARIS
FRANCE