Data privacy

Privacy Policy
GDPR
Cookies Policy

Sellsy Privacy Policy

In force as from 28/02/2024

Download in PDF

The Privacy Policy hereof aims to provide you with information on Sellsy’s procedures as regards the collection and processing of your Personal Data. 

This Privacy Policy is part of the General Conditions of Sales (GCS) (when applicable to you) and the Software’s Terms and Conditions of Use (TCU). All terms defined in these documents will have the same meaning in the Privacy Policy. 

By accessing and using our websites and/or the software Sellsy, you undertake to read this Privacy Policy which may be modified or updated at any time without prior notice. 

All updated versions of the Policy will be posted on the Site. As such, we advise that you read it regularly. 

1. Processing purposes and nature of Personal Data processed

1.1. We collect and process Personal Data which you provide to us voluntarily to access and use the Software, to file requests to our teams (demos, free trials, partnership requests, mentorship and others) or to access our online resources. 

We further collect and process data about users’ preferences and traffic on our sites (such as IP addresses of visitors on our Site) 

Ultimately, we also receive your data from our partners who retrieve them from you directly or from public sources, as well as from our Clients who want to mentor your subscription to a Plan.  

More specifically, we process your Data to: 

  • create accounts on our websites (Sellsy Account, Trial Account, Sellsy Academy) to access our Software and use our services; 
  • provision our various websites (the Site, Sellsy Academy), and their multiple features;
  • manage our marketing operations (contests, event organisation, etc,);
  • manage mentorships;
  • upload our resources online; 
  • manage and monitor sales relations (subscriptions, orders, payments, claims and User support);
  • Improve our sales services. In this respect, we may need to record your telephone communications with our sales teams; 
  • monitor customer satisfaction (surveys, monitoring customer reviews); 
  • manage technological and business partnerships; 
  • manage customer prospecting and requests for information (sending sales and marketing offers, newsletters, white papers, requests for online demonstrations, request for quotations, etc.) and tracking the effectiveness of prospecting campaigns through email open tracking; 
  • improve our services, by placing cookies on users' devices; 
  • manage the security of our sites and that of the Software, as well as their enhancements, by means of tests; 
  • manage requests from Users to exercise the various rights concerning their Personal Data: rights of access, rectify, delete, , oppose,  limit the processing of data and right to data portability; 
  • manage litigations and disputes.

To open an Account, you must provide us with at least the following Personal Data, to be able to use the Software: 

- Your name 

- Your email address 

- Your telephone number 

You may complete your profile with other personal information (home address, other telephone number, date of birth, photo, name of your customers or prospects, etc.). 

We will never collect or process Sensitive Personal Data, as understood by the law, for example, relating to racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership or health, etc. 

1.2. We collect information on the basis of the contractual relationship binding you and our company: history, subscriptions, billing and payment information, requests and incidents reported to the support service… 

1.3. We further collect your personal data during telephone communications which may be recorded for purposes of improving our service. 

1.4. We collect Personal Data during your visits on our Site (go.sellsy.com) or during utilisation of our Software. Such data include the date, time and duration of your visit on the Site, your navigation path, your operating system, etc. This information is collected via (or through) some cookies automatically placed on your device, or other cookies, after obtaining prior authorisation from you. 

A cookie is a short text file sent by the website which the User consults in their browser or on their device. Cookies are destined to enable the Site function properly, to facilitate navigation (save technical preferences, past activity), to improve the use of the site and the service, as well as for better understanding of Users’ experience. 

Cookies have a maximum lifespan of 13 months. 

You can consult our Cookie Policy here

II. Lawfulness of processing 

We use your Personal Data exclusively in the circumstances provided for by the regulations in force. Such circumstances include: 

  • the performance of contractual services relating to your use of the Software Sellsy, or other pre-contractual operations; 
  • compliance with a legal obligation; 
  • your authorisation as regards the processing of your data (for cookies): You have the right to withdraw your consent without prejudice to the lawfulness of the initial processing of your data which was based on the consent given prior to said withdrawal; 
  • Our legitimate interest in conducting customer prospecting or promotional activities for us or our subsidiaries (information on our products and services, promotions or events organised within SELLSY group). 

III. Personal Data Processing 

SELLSY collects and processes your Personal Data fairly and lawfully, in compliance with the principles of the European Regulation 2016/679 of 27 April 2016 (GDPR). 

This Privacy Policy sets out SELLSY’s obligations as controller of your Personal Data, as defined by the GDPR. 

SELLSY has appointed a Data Protection Officer (DPO or Data Protection Delegate) responsible for the continuous monitoring of SELLSY's compliance with rules and principles of the GDPR. The DPO can be reached at dpo@sellsy.com. 

The DPO is tasked with the following: 

  • provide information and advise the Data Controller with regard to implementation of the GDPR in the company; 
  • raise awareness of SELLSY employees on Users' Personal Data protection; 
  • provide assistance to them during the execution of data processing; 
  • reply to requests relating to the exercise of your rights, in accordance with Article VIII. 

IV. Storage of your Personal Data 

4.1. Security 

SELLSY deploys its best efforts to avoid loss, misappropriation, intrusion, unauthorised disclosure, alteration or destruction of the Personal Data that you communicate to us. 

Therefore: 

  • Data are stored on our servers, hosted in the infrastructure of CLARANET France. The security control or our servers and the updating of our Operating Software are carried out in real-time. 
  • All your information shared with us are encrypted [TLS protocol V1.3]. 
  • SELLSY employees are bound by an obligation of confidentiality and non-disclosure. All our staff have signed a specific undertaking relating to the protection of Personal Data. 
  • Access to your Data is regulated by a stringent access control policy restricted to personnel with necessary security clearance, under conditions set out herein. 
  •  Whenever we use service providers to process Personal Data, we undertake prior verifications to ensure that these service providers ascertain an equivalent level of security protection. 

For more information, see our Security FAQ, available here

4.2. Duration 

SELLSY stores your Personal Data in compliance with the legal and regulatory provisions below: 

  • we store information relating to Customer account management, orders, invoicing, payments for a duration of 10 years after termination of the contract or the last contact initiated by the inactive Customer. 
  • we store information relating to the constitution and management of customer prospecting files for a duration of 3 years following the last contact initiated by the prospect. 
  • we store inactive Customers’ Data for purpose of sending sales and marketing offers, for a duration of 3 years after expiration of the business relationship. 
  • we store recordings of telephone communications between you and our sales teams for a period of six (6) months.
  • For a duration of one (1) year, we are held to store your Personal Data below resulting from the creation, modification or deletion of User Content: 
  • login credentials; 
  • Credentials attributed by the Device; 
  • Protocol types; 
  • Type of transaction 
  • Date and time of transaction 
  • Credentials used by the author of the transaction. 

We will delete your Personal Data in a safe manner, as soon as their retention is no longer justified for purposes of Customer account management, legal obligation, business requirements, assertion, exercise or defence of our legal rights, or upon request from you, by virtue of exercising one of your rights (Article VIII)

4.3. Account deletion 

You may further request the deletion of your account in pursuance of the GCS. Your Personal Data will then be deleted under the conditions stipulated in Article 4.2. above. 

V. Recipients of your Personal Data 

5.1. Access to your Personal Data by SELLSY group staff 

Subject to the purposes listed out in Article I, SELLSY group’s customer support, administrative, accounting, legal, technical, marketing & sales teams may access your Personal Data. 

Access to your data is restricted by individual security clearance authorisations, as specified in Article 4.1. 

5.2. Data communication to third parties

SELLSY may subcontract the following services in particular: 

  • Hosting 
  • Sending of post mails or emails 
  • Customer relations management 
  • Maintenance 
  • Technical developments 

In accordance with Article 28 of the GDPR, access to your Personal Data by our subcontractors is provided for and regulated by a contract. This contract binding us to our subcontractors outlines the various regulatory obligations of Personal Data Protection binding on them. 

In addition, SELLSY may communicate Personal Data to third parties (for example to business partners), in compliance with its regulatory obligations. 

5.3. Restrictions on the use of your Data for Gmail account holders 

You may synchronise your Gmail account with Sellsy Software using a login application. For purposes of enhancing the security and privacy of Gmail account holders’ personal data, and without prejudice to any other provision under this Privacy Policy, the use of your data by the login application will be subject to the following restrictions: 

  • The login application accesses your Gmail User data to perform the following actions only: read, write, modify, or control Gmail messages content (including attachments) and metadata, in order to provide a mail client allowing users to write, send, read, and process emails; 
  •  The login application never communicates these Gmail data to third parties unless such communication is required to provision and improve the features of the login application, to comply with applicable laws, or as part of a merger, acquisition, or sale of assets; 
  • The login application does not use this Gmail data to serve advertisements;
  •  The application does not permit any human to read this data, unless you expressly grant us such authorisation for certain specific emails, for security reasons (investigations into misuse), to comply with applicable regulations, or for an internal intervention on the application provided data has been previously aggregated and made anonymous. 

Sellsy's use and communication of information received from Google accounts to any other application is done in accordance with Google's API Services User Data Policy, including Limited Use requirements.

VI. Transfer of Personal Data outside the European Union

We host your Personal Data in the European Union (Article 4.1). 

However, we are required to transfer some Personal Data to our subcontractors located outside the European Union. In this case, we start by ensuring that appropriate securities are ascertained to frame any transfer of Personal Data (such as the Standard Contractual Clauses of the European Commission with additional security guarantees), in accordance with the GDPR and recommendations of the European Data Protection Supervisor. 

We may be compelled to disclose your Personal Data to a third party if required by law, a regulation, or court order, or if such disclosure is necessary for the purposes of an investigation, an injunction or legal proceedings started by a national authority within the country or abroad.

VII. Communications from SELLSY 

7.1. We may send you emails at the email address linked to your Account for purposes of business relationship, including, technical or security reasons, administrative motives relating to your Subscription in the Software, your participation in events, or to keep you posted on updates in the services we offer. 

7.2. We may also send you SMS or emails with promotional and marketing offers. You have the possibility to unsubscribe to these emails and SMS, as provided for in the conditions stipulated in Article VIII. Should you unsubscribe from these communications, you will nevertheless continue to receive the communications listed in section 7.1. 

7.3. The prospecting emails we send to you contain trackers allowing us to verify their proper reception, opening, clicks you may make on these emails, etc. You can at any time oppose the reception of these emails under the conditions mentioned in Article VIII.

VIII. Exercise of User’s rights 

In accordance with the French law "Informatique et Libertés" and the European Regulation 2016/679 of 27 April 2016 (RGPD), in force on 25 May 2018, you are entitled to the following rights on Personal Data processing: 

  • Rights of access and rectification 
  • Right to object 
  • Right to deletion 
  •  The right to portability 
  •  Right to restriction of processing 

You can: 

  • modify your Personal Data directly from your SELLSY Account, if you have one, 
  • manage receipt of promotional communications (unrelated to a transaction) simply by clicking on the “unsubscribe” link at the bottom of emails sent by SELLSY or by sending an email to: dpo@sellsy.com
  • manage receipt of SMS by sending a “STOP” text message or via the unsubscribe link provided for this purpose if applicable
  • Object the recording of our telephone communications by indicating this to our agent or by asking us to delete the recording, by email sent to the address: dpo@sellsy.com. 

You may exercise your rights by emailing us via the following email address: SELLSY – 50 avenue du Lazaret 17000 LA ROCHELLE, or by writing directly to our DPO at dpo@sellsy.com

All requests must be motivated and accompanied by a copy of a valid identity document. 

You have the possibility to file a complaint to your Supervisory Authority, which is in France: the French Supervisory Authority (Commission Nationale de l'Informatique et des Libertés- CNIL), at the following address: 

CNIL – Services des plaintes, 3 Place de Fontenoy – TSA 80715 – 75334 Paris Cedex 07 - telephone : 01 53 73 22 22. 

Download in PDF

General Data Protection Regulation

Why?

The European Regulation of 27 April 2016 on personal data came into force on 25 May 2018.

Its objective is to strengthen the protection of individuals in the European Union. It defines and specifies a certain number of rights recognized to individuals whose personal data is processed. It also provides for a certain number of obligations on the part of companies.


1. An extended scope of application

Since May 25, 2018, any company, as soon as it offers goods or services to the persons concerned by the processing on the whole territory of the European Union, must apply the GDPR.


2. The accountability principle and the end of reporting obligations

The accountability principle is one of the fundamental principles of the GDPR. It refers to the obligation for companies to implement internal mechanisms and procedures to demonstrate compliance with data protection rules.

This principle requires companies to provide the supervisory authorities (in France, the Commission Nationale Informatique et Libertés) with documentation establishing compliance with the Regulation.

Routine processing operations must now be listed in a register and no longer have to be declared to the CNIL.


3. Increased penalties

Failure to comply with the obligations of the Regulation is sanctioned by administrative fines issued by the Commission Nationale Informatique et Libertés. These fines have been considerably increased and can amount to up to 20 million euros or 4% of worldwide turnover (whichever is higher).

The CNIL monitors the application of the GDPR and imposes penalties of several million euros. 


4. Strengthening the rights of data subjects

New rights are recognized for the persons concerned by the processing.

These include the right to portability, the right to be forgotten and the right to limitation. In the event of a data breach, procedures must also be defined to notify the CNIL and the persons concerned. 


5. A new actor: the Data Protection Officer (DPO)

The DPO guarantees the compliance of his organization with the Data Protection Act. 

His appointment, mandatory in certain cases (*), is one of the major measures of the Regulation. He takes over from the Data Protection Correspondent but his responsibilities are broader.

Companies wishing to commit themselves to the respect of the privacy of individuals can also proceed to the optional appointment of a DPO.

The DPO continuously monitors the compliance of his organization. His appointment must meet conditions of integrity and professional ethics, Sellsy appointed a DPO on May 25, 2018, he can be contacted at dpo@sellsy.com

(*) For public authorities or organizations, organizations whose basic activities lead them to carry out regular and systematic monitoring of individuals on a large scale, organizations whose basic activities lead them to process on a large scale so-called "sensitive" data or data relating to criminal convictions and offences. 


6. New obligations for data processors

Until May 25, 2018, only the controller - who decides on the purposes and means of the processing - was responsible.

The GDPR provides that a processor is responsible in principle and subjects it to specific security, confidentiality and accountability obligations. 

There is a relative obligation to advise on certain points of the regulation (breaches, security, data destruction, contribution to audits).

Sellsy Cookie Policy

Updated on 31/08/2023

Download in PDF

This Cookie Policy aims to inform users of the website Sellsy (go.sellsy.com) (“the Site”) about the types and use of cookies, as well as the tools used for their setting. We recommend that you visit this page regularly to check for updates to this Policy.

During your visits on the Site, cookie placement on your device (the “Device”) shall be subject to your authorisation, so long as the cookies are not strictly necessary for the operation of the Site. 

I. What is a cookie? 

Cookies are small files identified by specific names, which can be deposited by the websites you visit. Your browser keeps cookies for a specific period of time (article V.Cookie retention period) and returns it to the server each time you connect to the site. 

Cookies are used to operate a site, to facilitate your browsing experience, as well as to offer you relevant offers and services. 

Whenever you visit our Site, some cookies essential to the operation of the Site are automatically placed on your Device. Other cookies are subject to your express consent (Article IV. Cookie authorisation). 

II. Information collected by cookies 

Site cookies may collect data about a device or a given behaviour at a specific time. This includes: 

  • The IP address of the logged device 
  • The date, time and duration of visit on a page or on the entire site
  • Number of web pages viewed 
  • Navigation path 
  • The Operating System 
  • The type and version of browser used 
  • The brand and model of the mobile device or tablet 
  • The device language 

III. Types and purposes of cookies

A. Types of cookies

1. First-party cookies

First-party cookies are generated and stored locally by Sellsy: no third party can access data collected by such cookies. They are to be differentiated from “third party” cookies generated by our suppliers or by social networks. 

2. Third-party Cookies

A third-party cookie is a cookie placed on your device by a server hosting a different domain from that of the Site. Third-party cookies are generally used by web analysis services, various marketing tools, social networks, or different advertising platforms (retargeting). 

B. Purpose of cookies 

Necessary cookies for the Site’s operation

These cookies are essential to ensure the operation and enhancement of the Site. They allow you to use main features of the Site and secure your connection.

The Site uses: 

  • gtm_auth / gtm_debug / gtm_preview: to allow you accept/reject cookies 
  • Intercom: to chat with us
  • Kiflo: to manage our partnerships.

These cookies are essential for operation and browsing on the Site, as well as for the use of a service at request. These cookies can not be rejected via the cookie banner of Sellsy’s website. 

Hence, our partner Intercom places cookies to enable you to use the online chat tool: this cookie is essential to the functioning of the service and is placed only if you want to benefit from it. 

Our partner Kiflo places cookies to enable us manage our partnerships. 

You can also object these and delete them using your browser settings (Article VI. Cookie management), which may affect your user experience. 

Cookies for tracking visits from the platform and for assessing effectiveness of advertising campaigns 

These cookies allow to measure the performance of our marketing operations, to offer you content increasingly relevant and adapted to your expectations. 

The Site uses: 

  • Appvizer 
  • Bing Ads 
  • Capterra (Gartner Digital Partners) 
  • Conversion Linker 
  • Facebook 
  • Google Ads 
  • LinkedIn 
  • Microsoft Ads 
  • ZBO Media 

You can reject these cookies at any time using our cookies banner (Article VI. Cookie management). If you accept cookies, information collected through these will be stored for a maximum duration of 13 months. 

Audience and interaction measurement cookies on our site 

These cookies make it possible to track the audiences of the Site in order to generate statistical data on the Sites’ utilisation. They allow us to improve the Site’s performance and offer you customised content. 

The Site uses: 

  • Clearbit 
  • Google Analytics 
  • Google Optimize 
  • Hotjar 
  • Plezi 
  • Salesloft 
  • Wisepops 

You can reject these cookies at any time using our cookies banner (Article VI. Cookie management). 

If you accept cookies, information collected through these will be stored for a maximum duration of 13 months. 

IV. Cookie authorisation 

The first time you visit the Site, you will see a cookie-dedicated banner offering you possibilities to: 

  • Accept or reject all cookies 
  • Make customised choices, cookie per cookie 

You may go back to your choices at any time and reset them, by accessing the cookie management interface at the bottom of our Site in the “Manage my consents” tab. 

The technical cookie storing your preference is placed on your device for a period of 6 months: eventually, we will ask you to accept, set or refuse the cookies again.

V. Cookie retention period 

Session cookies disappear as soon as you leave the Site, while persistent cookies remain on your device until expiry of their lifespan (13 months maximum) or until you delete them using your your browser settings (ArticleVI. Cookie management). 

VI. Cookie management 

1. Sellsy Consent Management Platform 

The interface can be accessed directly at your first visit. It allows you to set the cookies placed on your device. You may go back to your choices and reset them, by accessing the cookie management interface at the bottom of our Site in the “Manage my consents” tab. 

This interface is offered by our partner Didomi. It allows us to configure cookies and collect user consent in compliance with CNIL recommendations. 

2. Web browser configuration 

You can configure your web browser at any time, free of charge, if you want cookies to be saved on your device or rejected, either systematically or depending on their source. However, complete rejection of cookies may lead to lower website browsing experience. 

To manage cookies and preferences, each browser configuration is different. Your browser help menu will describe how to change your options with respect to cookies. 

For example, here are links to steps for configuring preferences from your browser options:

For more information on cookie configuration, you can visit the CNIL’s website

VII. Guarantees from our partners 

The Site relies on some services offered by third party websites. These features use third-party cookies which have been directly deposited by these services. At your first visit on this Site, a banner informs you of the presence of these cookies and requests you to set your preferences. They are placed only if you accept them. 

For your information, here are the links to our partners' privacy policies:

VIII. Additional information 

You can consult our Privacy Policy at any time if you would like to know more about how we handle your Personal Data. 

For any other information, you can contact us by email at dpo@sellsy.com

Download in PDF
Logo Sellsy
Language
FrançaisEnglish
Good to know
What is a CRM?
Solutions
By department
MarketingCommercialAdministrative Service
By sector
StartupsSMEAgenciesSoftware publisherE-commerce
Partners
Referral ProgramSellsy PartnersAccountants
Sellsy tools
MarketplaceAPIGoogle Workspace
About us
Contact usWho are we?La RSE chez Sellsy
Manage my consents
General Terms & ConditionsLegal NoticeData privacyVulnerability Disclosure Policy
Data security
Sellsy © 2024. All rights reserved.