Privacy policy
Last updated November 4th, 2019
The objective of this policy (hereafter "the Policy") is to inform users (hereafter " the User") of the authentik.com website and mobile site (hereafter "the Website") about the methods used for:
- collecting and processing personal data in compliance with Regulation 2016/679, known as the General Data Protection Regulation (GDPR).
- consulting, processing and storing information relating to the browsing activities of the User on the Website in “cookie” files (hereafter "Cookies").
Authentik is responsible for personal data collection on the Website.
Authentik reserves the right to modify the Policy at any time, notably to ensure compliance with any regulatory, jurisprudential, editorial or technical changes. Before using the Website, the User should refer to the latest version of the Policy.
The Policy is an integral part of the Terms of Use of the Website. Authentik is the controller for most of the data processing carried out on the Website as specified below.
I. DATA PROTECTION
A. Processing for which Authentik is responsible
During the User’s visit and use of the Website, data may be collected directly or indirectly by or for Authentik and processed to allow access to the services offered by the Website (hereafter "the Services") for administrative and commercial management purposes.
When data is collected, the User is informed as to whether the Data requested is required or optional. Data identified with an asterisk on a form is required. If Users choose not to provide required data, they will not be able to access and use the Services.
1) What types of data are collected?
The type of data collected by Authentik depends on the Services used by the User. Such data includes data submitted directly by the User in addition to data collected indirectly when you visit the Website, including via Cookies.
In general, the data collected is personal data about the User and/or Data relating to the User’s use of the Services. All the data detailed below will be collectively referred to as “the Data”.
• User account data: refers to data entered by the User in the registration form during the creation of an account.
• Data made public by the User: refers to all information published voluntarily by the User on public areas of the web site, such as comments, photos and account profile. Only Data specifically declared to be public by the User will be published in this way (hereafter " Public Data").
• Data related to browsing: Data collected directly or indirectly by Authentik when the User visits the Website.
2) Why does Authentik collect Data about the User?
Data is collected and processed when the User visits the Website for the following purposes:
- To manage the access and use of certain Services;
- To send newsletters, advertising and promotional messages, provided that the User accepted to receive them by checking the box provided for that purpose when registering for the Services;
- To generate statistics on the use of the Services;
- To manage User reviews of the Website’s products and Services;
- The development of personalized and targeted promotional campaigns on social media channels;
By agreeing to the use of Cookies when connecting to the Website, the User accepts that Data obtained from Cookies may be used for the purpose of (i) improving the user experience, (ii) offering appropriate content to the User based on browsing history.
Data may be collected for other purposes relating to specific or temporary services. Where applicable, information on said collection and processing will be specified at the time this Data is collected.
3) Recipients of the Data collected
The database that consists of the personal data collected through registration for Services is strictly confidential. Access to this database is restricted to authorized Authentik personnel.
Authentik undertakes to implement appropriate organizational and technical measures to safeguard the security, integrity and confidentiality of the Data and protect it from alteration, damage or disclosure to unauthorized third parties.
• Disclosure to public authorities and/or bodies:
Pursuant to regulations in force, the Data may be disclosed in response to lawful requests by competent authorities and/or public bodies for the exercise of their official mission, court officials, judicial officers and debt collection agencies, or in the framework of an inquiry into offences committed on the Internet.
• Data shared with third parties:
Data collected may be shared to third-party entities, given that the user agrees to this charter and solely to comply to the purposes defined above.
4) The rights of the User
In accordance with the General Data Protection Regulation, the User has the right to access, rectification, erasure, limitation, and portability of all personal Data, and to request the erasure of any Data collected when the User was a minor.
Where the collection and processing of Data is carried out on a consensual basis, the User may withdraw this consent at any time.
Finally, the User may set out instructions for the retention, deletion and communication of his/her Personal Data after his/her death.
These rights may be exercised at any time:
-
By post: Authentik, 7680 rue Saint Hubert, Montréal (QC) H2R 2N6, Canada
-
By e-mail: info@authentik.com
-
By completing the appropriate form on the “Right to be forgotten” or “Change my personal data” pages on the Website.
Any personal data transmitted by the User in exercising his/her right to access will be treated as personal and confidential. In this regard, the User’s request must be accompanied by proof of identity, namely a written statement testifying that the User owns the personal data in question and a photocopy of an ID document with signature.
In the event of a dispute, you have the right to contact your country’s data protection authority.
5) Storage period and archiving of Data
User Data will not be stored beyond the period strictly necessary for the purposes identified herein, in accordance with the General Data Protection Regulation.
In this regard, Data used for direct marketing purposes may be stored for a maximum of 3 years from the closure of the User’s account or the last contact between the User and Authentik.
At the end of this storage period, the User Data is erased.
Notwithstanding the above, the Data may be archived beyond the prescribed period for the sole purpose of being able to provide the Data, if needed, to the legal authorities for the prevention, investigation, detection or prosecution of criminal offences.
6) Security
Authentik takes appropriate technical and organizational measures to prohibit unauthorized access or disclosure of User Data. However, Authentik cannot guarantee the elimination of any risk of misuse of the Data. It is important that Users maintain the confidentiality of their password to prevent unauthorized use of their account.
On receiving a request for erasure, Authentik will proceed to erase (or anonymize) the Data within the legal time limit, but is not responsible for any residual traces that may be found on the Internet.
B. Processing for which Authentik’s partners or clients are responsible
Some partners or clients of Authentik may collect personal or behavioural Data on the Website, notably via Cookies or other similar tracking technologies, for their own use. Said partner or client is then responsible for any processing carried out.
The User is informed that, if third parties are responsible for the processing of User Data, this will be specified in the relevant statements or documents (information banner, data collection form, third-party partner’s privacy policy etc.)
Use of Google Analytics
Authentik uses Google Analytics on this Website, a tool for measuring website traffic. The Google Analytics Privacy Policy requires Authentik to provide the following information:
“This website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer, to help the website analyze how users use the site. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf. Google will not associate your IP address with any other data held by Google. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website.”
Google uses the information collected only to produce statistics and reports on Website traffic, allowing Authentik to improve its electronic products and services. Google will not link the information collected on the Website with any other data it retains.
II. COOKIES
1. What is a Cookie?
Cookies and similar tracking technologies (hereafter "Cookie(s) ") are small text files stored on your device (computer, tablet or smartphone) when you visit an online Service on the Website using a web browser.
A cookie allows its issuer to identify, during its period of validity, the data device on which it is stored each time the device accesses digital content containing cookies from the same issuer and, depending on the Cookie, to collect anonymous information on the interaction of the User with the Services.
2. Who uses Cookies?
Cookies may be installed by Authentik, its technical service providers or its partners.
Only the Cookie’s manager—that is to say the person on whose behalf the Cookie is issued, whether or not that person issued the Cookie—is responsible for its use and for the Data collected through it.
3. Why are Cookies stored on the Authentik Website?
Cookies allow the Website to function more efficiently, remember the User’s preferences, and provide Authentik and its partners with statistical data.
FUNCTIONAL COOKIES:
These Cookies are necessary for proper browsing of the Website. They are used to:
- Customize the presentation of the Website to the display settings of the User’s device (language, currency, etc…);
- Store information regarding the User’s login information;
- Allow the User access to his/her account and other restricted or personalized areas of the Website based on login information;
- Implement security measures, such as when the User must complete and submit a form (CSRF Token);
COOKIE CONSENT
The User is considered to have accepted the use of cookies:
- by clicking on the "OK" button on the information banner that appears on the first page the User visits on the Website or after the legal Cookie consent period has expired;
- by continuing to use the Website, i.e. once the User has clicked on an element of the Website (image, link, search button, etc.) or has reached another page of the Website;
If the User consents to having Cookies stored on his/her device through his/her browser software, Cookies integrated into the pages and content viewed by the User will be temporarily stored in a dedicated space on the device. Cookies can only be read by their issuer.
The User’s Cookie consent is valid for a period of thirteen (13) months from the time the first Cookie is stored on the User’s device, following consent being given by the User.
CHOOSING YOUR PREFERENCES
Certain Cookies are installed by Authentik or its technical service providers and managed by Authentik, while others are issued and managed by third-party partners of Authentik.
You are reminded that only a Cookie’s issuer can read or modify the information contained within the Cookie. Furthermore, only the manager of the Cookie (whether or not this is the same as the issuer) is responsible for its use and for the Data collected through it.
You can prevent your data from being used by Google Analytics (web analysis service) by downloading the Google Analytics opt-out browser add-on:
https://tools.google.com/dlpage/gaoptout
You can manage the Cookies issued by or on behalf of Authentik using the settings on your browser:
Each browser has a different way of managing cookies and cookie settings, which is described in the browser’s help menu. See instructions on how to view and manage cookies in the different browsers here:
Internet Explorer™:
https://support.microsoft.com/en-us/help/17442/windows-internet-explorer-delete-manage-cookies
Safari™:
https://support.apple.com/en-ca/guide/safari/sfri11471/mac
Chrome™:
https://support.google.com/chrome/answer/95647?hl=en&hlrm=en
Firefox™:
https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences
Opera™:
http://help.opera.com/Windows/10.20/en/cookies.html