IDEMIA understands the importance of, and is committed to, protecting data subjects' personal data. IDEMIA herein after “IDEMIA” is part of the IDEMIA Group of Companies ("IDEMIA Group") which is a global organization.
This policy sets out how IDEMIA aims to protect the privacy of personal data, users’ rights in relation to their personal data handled by IDEMIA and the way IDEMIA collects, holds, uses and share personal data. This policy explains how IDEMIA use the personal data we collect about user when accessing our website. This policy may be updated from time to time.
The processing of data collected via our Site is carried out with your consent and/or in accordance with our legitimate interest.
Purposes for which IDEMIA collects Personal data
The Site is offered by IDEMIA and provides documentation, demos, SDKs and APIs. IDEMIA collects personal data for the sole purpose of:
- providing access to the Portal and its content in a secure way
- satisfying the functions of e-mail programs or notify visitors of new features, including new services, of the Site, registration and this only if visitors expressly give us permission
- responding to requests from visitors to the Site
- verifying identity of end users when opening an account
- enhancing or improving user experience
- maintaining and improving the quality of the service IDEMIA provides
- responding to inquiries and resolve complaints and disputes
The types of personal data that IDEMIA may collect and hold
User shall ensure that provided personal data are accurate, complete.
Personal data directly collected from you
Some of the personal data stored on our Server are those that you voluntarily provide us when you complete online forms:
- Name, First Name
- Email address
- Phone number
- Role / position
Personal data automatically collected
In addition, in order to improve navigation on the Site, IDEMIA collects data during your visit via the deposit and reading of tracers. These data are as follows:
- Your IP address: an IP address is assigned to your computer by your Internet Service Provider to enable you to access the Internet; the IP identifier changes with each connection and so cannot be identified automatically.
- Your login if you navigate on restricted parts of the Site.
- The date and time of your visit to the Site, and the pages you have consulted.
- Your operating system of your computer and the browser software.
- The sites you visited and the duration of your connection.
- Our Site uses Google analytics and do not use persistent cookies on your hard drive.
- Personal data directly collected from you
Disclosure of personal data by IDEMIA
IDEMIA will use the following subprocessors: Amazon Web Service, hosting the Site and data.
IDEMIA ensures that all personal data is handled by IDEMIA in accordance with the EU General Regulation on Data Protection and that appropriate security measures are put into place. Where possible the personal data used for the abovementioned purposes will be pseudonymized, de-identified or anonymized.
IDEMIA will not sell, rent or otherwise disclose your personal data to third parties.
Overseas disclosure by IDEMIA
IDEMIA may share your personal data with other affiliates of the IDEMIA Group in order to carry out the activities specified in this Policy. This includes any IDEMIA Group entity for which your IDEMIA contact person is working and has a need to access to the personal data for the Portal registration process. Using the Portal you hereby give your consent for the use of your personal data by the above mentioned contact person outside of your country of residence as the case maybe. Your personal data may therefore be subject to different privacy laws than in your country of residence.
IDEMIA may use your personal data for marketing communication purposes if you additionally gave your consent.
IDEMIA will neither use nor sell or rent end user personal data to any third party for marketing purposes.
Security of Users’ personal data
IDEMIA ensures that your personal data is processed in complete security and confidentiality. To this end, IDEMIA has implemented appropriate technical and organizational measures to prevent the loss, hacking, alteration and deletion of your data, to reduce the risks from misuse, interference and from unauthorized access, modification or disclosure. In particular, our data storage systems are only accessible by a limited number of authorized persons. This includes as a minimum:
- limiting physical access to our premises
- limiting access to the information IDEMIA collect about you
- limiting which personnel are authorised to access your data on a need-to-know basis
- firewalls filter, data encryption
- putting in place physical, electronic, and procedural safeguards in line with current relevant industry standards
In the event of a Data Breach, IDEMIA will notify you without undue delay after becoming aware of a Data Breach and will put in place all necessary mitigating measures.
IDEMIA ensures that its subprocessors have proper security measures in place.
IDEMIA keeps the personal data collected via the Site for the time necessary for the purposes set out in this policy (i.e. the granted access to the Site and its content) in accordance with the legal and regulatory requirements applicable to retention and limitation periods.
How you can access and manage your data?
In compliance with GDPR User has the right to access, rectify, delete, limit the processing and the portability of your data. Your requests to exercise your rights should be address to our Data Protection Officer. User can delete its data by deleting its account. To exercise your right you can send an email to:
IDEMIA Data Protection Officer (DPO)
2 Place Samuel de Champlain
92400 COURBEVOIE and/or
If you are not satisfy of the way we are handling the request, you can complaint to the CNIL or to the Supervisory of your residence country.
Where processing is based on consent, you can withdraw your consent at any time.
Changes or updates of our Confidentiality Policy
Latest update: Version 1, 02.07.2020