Last updated on: 2022-05-05
Respecting the confidentiality and integrity of our customers’ data is a priority for Clever Cloud. That is why we take care to limit our processing of personal data to what is necessary for the provision of our services, and to fully respect your rights guaranteed by the European Regulation on the Protection of Personal Data (“GDPR”) of April 27, 2016.
In general and except for the specific needs detailed below, Clever Cloud does not access the data you choose to host on the platform. In any case, Clever Cloud never exploits the data of your own customers and users. This Privacy Policy details what data we process, why we process it, and what rights you have. It applies to our own customers’ personal data collected during your use of the Clever Cloud Platform, accessible on the Clever-Cloud.com domain. However, each Clever Cloud customer who uses our hosting services to run an application is solely responsible for the processing of his or her own users’ data, subject to the Data Processing Agreement that is part of the Contract between you and Clever Cloud.
Clever Cloud processes personal data for various purposes, in particular:
During your visit to the Platform, including the site accessible at www.clever-cloud.com, Clever Cloud collects data necessary to detect anomalies, to track visits to the various pages and components of the Platform, to verify the suitability of the content to the expectations of our visitors and users, and to optimize the performance of the website and the Platform.
These data strictly necessary for the proper administration of the Platform include:
They are kept and processed for 180 days within the Matomo Analytics tool hosted on its own servers by Clever Cloud, and are therefore not shared with third parties. If you do not wish to have your visits recorded, you can refer to the following instructions:
This processing is carried out on the basis of the legitimate interest of Clever Cloud to analyze the traffic of its website (Article 6.1.f of the GDPR).
In order to secure the Platform, in particular by detecting attempted intrusions, fraud, illicit copying of content or denial of service attacks, and to detect any anomalies in the operation of the Platform, Clever Cloud implements technical processes requiring the processing of personal data such as:
These processing operations are carried out on the basis of Clever Cloud’s legitimate interest in securing its services and the data of its Customers, and ensuring the proper functioning of the Platform (Article 6.1.f of the GDPR).
In addition, in order to comply with its legal obligations to retain connection data, Clever Cloud retains for 1 year the aforementioned data related to your content (source code) creation, modification or deletion operations. The Customer is reminded that it is up to him to collect and retain the connection data related to the contents of his own customers, in accordance with his own legal obligations.
When you register on the Platform and use it, you may provide Clever Cloud with data associated with your customer account such as:
This data is kept for the duration of the Contract between you and us (based on article 6.1.b of the GDPR) for the purpose of managing and securing your customer account, as well as for billing our services. They may also be kept beyond this date, until the expiry of the retention periods imposed by our legal and regulatory constraints (on the basis of article 6.1.c of the GDPR).
The password associated with your login is never stored in clear text by Clever Cloud and you will never be asked for it anywhere other than on the interface that allows you to login to the Platform, exclusively from the Clever Cloud website. You have the possibility to activate the two-factor authentication to reinforce the security of the access to your account. Clever Cloud encourages you to activate it to limit the risk that third parties fraudulently access your data.
The banking information you enter during a payment is processed exclusively by the Clever Cloud partner you choose at the time of payment:
In order to respond to requests for technical or commercial assistance from its Customers, Clever Cloud may process the following data on the basis of the performance of the contract between you and Clever Cloud (Article 6.1.b of the GDPR):
Clever Cloud shares this data with its partner Crisp, exclusively for the purpose of processing your support request, whose Privacy Policy is available at https://crisp.chat/fr/privacy/
In this context, Clever Cloud deploys a messaging tool integrated to the Platform, requiring the installation on your browser of Crisp cookies. These cookies are necessary to restore chat sessions with the technical support team and to maintain the continuity of exchanges during your navigation in our pages. These cookies are kept under the conditions explained in Crisp’s privacy policy.
If you call the hotline, your phone number is retained while we process your request. The data is shared with our voice server provider Twilio, whose privacy policy is available at https://www.twilio.com/legal/privacy
For its recruitment activities, on the basis of the need to process your applications (article 6.1.b of the GDPR) Clever Cloud must process the personal data that you provide in the process of your application, such as your full name, date of birth, addresses, telephone contact details, resumes, emails, dates and results of interviews, salary expectations,…
This data is kept for the time necessary to process your application and at the latest 12 months from the last contact, unless you authorize otherwise. It will not be passed on to third parties without your permission. If you apply from a third party service, you must read and agree to the service’s privacy policy.
Clever Cloud implements technical and organizational measures in order to secure the data you entrust to us as well as possible, for example by using encryption measures as systematically as possible, or by limiting access rights to data to employees and service providers who have a legitimate interest in accessing it within the framework of the missions entrusted to them.
Clever Cloud’s services creation processes incorporate stringent data security requirements from the outset, and are monitored throughout the development and subsequent upgrades, with continuous evaluation and improvement of security requirements.
Data is hosted exclusively on servers managed by Clever Cloud, in highly secure data centers of your choice. You can find more information on how we secure your data and the security certifications of our data centers on the following page: https://www.clever-cloud.com/security/
In accordance with the GDPR, you have the following rights to your personal data:
In accordance with Article 12 of the GDPR, each request to exercise rights must be accompanied by relevant information to demonstrate your identity. In case of reasonable doubt, Clever Cloud may request that additional information necessary to confirm the identity of the person requesting the exercise of his or her rights be provided. Personal data relating to the exercise of these rights will be kept for a period of 1 year from the date of the reply sent by Clever Cloud.
You also have the right to instruct us as to what to do with your data after your death and to choose whether or not we disclose your data to a third party that you have designated. In the event of your death and in the absence of instructions from you, we undertake to destroy your data, except where their retention is necessary for evidential purposes or to meet a legal obligation.
You can exercise these rights by writing to us at [email protected] or by sending a letter to the address indicated in our legal notice, for the attention of the Legal Department.
You may also file a complaint before a competent national Data Protection Authority, which list is accessible at: https://edpb.europa.eu/about-edpb/about-edpb/members_en
Date | Comments |
---|---|
2022/05/05 | In the introduction, reference added to Clever Cloud’s DPA |
We write about programming, security and Clever Cloud products