European Regulation 2016/679 of 27 April 2016 (GDPR), which comes into force on 25 May 2018, provides for a new system for the protection of Personal Data. This Privacy Policy has been revised in application of this new regulation.

The purpose of the SELLSY Privacy Policy is to provide all information about the terms under which SELLSY collects and processes the Personal Information of Users. The Privacy Policy is part of the GTCU and each term defined in the GTCU has the same meaning in the Privacy Policy.

By accessing and using SELLSY, Users undertake to respect and be bound by this Privacy Policy, which can be changed or updated at any time without notice. Any modification will be posted on the Site.

I. Nature of Data Collected by SELLSY

1.1. SELLSY collects and processes data that Users voluntarily provide to access or use SELLSY as well as data concerning the preferences of Users and traffic (such as IP addresses).

The purposes of this Data Processing are to enable Users to create an Account to access SELLSY, to use the Services, to improve Services in placing cookies on Users’ terminals and sending them commercial offers and marketing.

To open an Account, Users must provide SELLSY with at least the following personal identification information to use the Solution:

  • Name
  • Email
  • Company name
  • Telephone number

Users can complete their profile with other Personal Data (their address, telephone number, date of birth, the name of their customers or prospects, etc.).

SELLSY will never collect or process sensitive Personal Data within the meaning of the regulations, for example regarding racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership, health, etc.

1.2. SELLSY also collects Data relating to the commercial relationship with its Users: history, subscribed modules, billing and payment, participation in promotional offers, requests and incidents reported to the support service, etc.

1.3. SELLSY automatically collects certain data during visits to the website http//www.sellsy.com: for example, information about the origin of the connection, the type and version of the user’s Internet browser, the duration of connection, etc.
SELLSY uses cookies for the Site and the Customer Relationship Management Platform called SELLSY. A cookie is a small text file sent by the website consulted by the User in their Internet browser or on the device used. It does not personally identify the User, but has the function of facilitating navigation (memorising technical choices, past activity) and proposing relevant offers and services. Their maximum life is 13 months.
The goal is to facilitate navigation, improve use, benefits and better understand the customer experience.

The SELLSY Cookies Policy is available here.

II. Use of Personal Data of Users

SELLSY uses Personal Data only in the cases provided for by the regulations in force, which are:

  • the execution of the service provision contract relating to the use of the SELLSY Solution and/or;
  • compliance with a legal obligation and/or;
  • the existence of a legitimate interest in using the data: thus, SELLSY processes the personal data of the recipients of marketing information and commercial offers, on the basis of their legitimate commercial interest. Of course, SELLSY never uses personal data for marketing and commercial purposes without respecting the wishes of the data subjects who can always unsubscribe from these communications.

III. Processing of Personal Data

SELLSY collects and processes Users’ Personal Data in a fair and lawful manner and in compliance with the principles of European Regulation 2016/679 of 27 April 2016 (GDPR).

SELLSY is responsible for the processing of Personal Data of Users within the meaning of the GDPR.

SELLSY has appointed a Data Protection Officer (DPO) who continuously monitors SELLSY’s compliance with GDPR principles and rules. Its mission is notably:

to make SELLSY employees aware of the protection of Personal Data;
to support the teams during the implementation of processing;
to respond to requests related to the exercise of Users’ rights in accordance with Article VIII.

IV. Retention of Personal Data of Users

4.1 Security

SELLSY makes every effort to prevent the loss, misappropriation, intrusion, unauthorised disclosure, alteration or destruction of Personal Data disclosed by Users.

Therefore:

  • The data is stored on SELLSY’s own servers, hosted within the infrastructure of CLARANET France. The server security check and the update of operating software is carried out in real time.
  • All information sent to SELLSY is encrypted [256-bit TLS protocol].
  • SELLSY employees are subject to an obligation of confidentiality and non-disclosure and have all signed a specific commitment to the protection of Personal Data.
  • Access to Data is governed by a strict access control policy, reserved to authorised persons, under defined conditions.
    When SELLSY uses subprocessors to process Personal Data, SELLSY ensures that these subprocessors guarantee an equivalent level of security protection.

4. 2. Term

SELLSY retains Personal Data in accordance with legal provisions:

SELLSY keeps the information relating to the management of the Customer Account, orders, billing, payments 10 years after the end of the contract or the last contact from the Inactive Customer;

SELLSY keeps the information related to the creation and management of prospecting files 3 years from the collection of data or the last contact from the prospect;

SELLSY keeps inactive Customer Data for the purpose of sending information about the commercial and marketing offers, within 3 years after the end of the business relationship.

SELLSY has the obligation to keep, for one year, the Personal Data following the creation, modification, or removal of User Content:

  • Login identification;
  • The identification given by the terminal;
  • Types of protocols;
  • Nature of the operation;
  • Date and time of the operation;
  • Identification used by the author of the operation.

When the retention of the Data is no longer justified by the management of a Customer Account, a legal obligation or commercial requirements, and notwithstanding the exercise of the rights of deletion or modification, SELLSY will delete the Data in a secure fashion.

4.3. Account Cancellation

Users may also request that their Account be deleted in accordance with the Terms. Their data will be deleted by SELLSY without prejudice to Article 4.2 above.

V. Access to the Personal Data of Users

5.1. Access to Data by SELLSY Employees

The customer service, support, administrative, accounting, technical, marketing and sales departments are likely to have access to Personal Data.
Access to your data is based on individual access permissions as specified in Article 4.1.

5.2. Data Transmission

SELLSY can outsource the following services:

  • Hosting
  • Providers sending postal or digital mail
  • Maintenance and technical development providers

Pursuant to Article 28 of the GDPR, SELLSY’s subcontractors’ access to the Data is provided for by a contract signed between SELLSY and the subprocessor, which sets out its obligations with respect to the protection of Personal Data that are available to SELLSY.

VI. Transfer of Personal Data

SELLSY retains Personal Data in the European Union.

If the Data collected by SELLSY in connection with the Services were to be transferred, in a very marginal way, to subcontractors located in other countries, SELLSY shall ensure that appropriate safeguards are provided to control any transfer of Personal Data.

SELLSY may provide Users’ Personal Data only if it is required by law or ordered by a French court.

VII. Communication from SELLSY

SELLSY can send emails to Users at the email address associated with their account for technical or administrative reasons or to inform the Users of the change of the Services.

SELLSY can also send Users emails containing commercial and marketing offers. A deactivation link allows Users to unsubscribe at any time.

VIII. Exercise of User Rights

In accordance with the French Data Protection Act and the European Regulation 2016/679 of 27 April 2016 (GDPR), in force on 25 May 2018, Users have the following rights concerning the processing:

  • right of access
  • right to rectification
  • right to object
  • right to erasure
  • right to data portability
  • right to restriction of processing

Users may exercise these rights by writing to SELLSY at their postal address: 50 avenue du Lazaret 17000 LA ROCHELLE or contact the DPO directly at dpo@sellsy.com
All requests must be justified and accompanied by a copy of a valid ID.

Users may also modify their Personal Data directly from their Account.


Try the most complete solution for your commercial management  

Start your trial
Try for free

Essai gratuit 7 jours – Sans engagement