Arclib may collect personal information in order to operate its electronic archiving service as well as its commercial activity. As such, this document transparently presents Arclib’s personal data protection policy by describing the practices and purposes. The rules stated in this document apply to: Clients of the Arclib service Prospects Visitors of the Arclib institutional website The rules regarding the protection of personal data may evolve. In accordance with these developments, Arclib reserves the right to modify this document. These modifications will be announced in advance in this policy before they are applied. We recommend that you regularly check whether changes have been made to these conditions. ‍

What data is collected and why

A certain amount of data is collected in order to operate the Arclib service and its institutional website. As such, information such as: Email IP address Last name First name Company Position Phone number May be collected by Arclib in order to: Establish contracts and maintain the customer relationship Guarantee access to the service and provide assistance Carry out commercial prospecting activities The electronic archives deposited by the client in the Arclib service may contain personal data. In this case, it is the client’s responsibility to define retention periods consistent with the administrative usefulness of such archives. This principle also applies to associated metadata. ‍

Who they are shared with

Depending on the purpose, personal data is transmitted to the Arclib sales department or the operations team. Under no circumstances can this information leave the Arclib perimeter and it will not be transmitted to a third party. ‍

How long they are kept

Personal data is only kept for the period strictly necessary to carry out the actions for which it was collected. Specifically: Personal information related to the service will be deleted at the end of the contract between Arclib and its client Personal information related to prospecting will be deleted at the end of the prospecting activity if it was unsuccessful, or at the end of the contract ‍

Hosting of personal data

Personal data related to the service will be hosted on the servers of Monaco Cloud, located at 25, boulevard de Suisse – 98000 Monaco and at 4-6, avenue Albert II, Zone F – 98000 Monaco. Personal data related to prospecting, contracts and customer relations will be stored in the document management system hosted in Infotel’s premises. ‍

Security

Arclib implements all best practices in terms of IT security in order to provide all guarantees regarding the protection of personal data. As such, Arclib holds the following certifications: ISO 27001 Certification: International standard describing best practices for creating an information security management system; Compliance with ETSI EN319-401: General specification for trust service providers; Compliance with the ANSSI IT security hygiene guide. A regular review and audit policy allows Arclib to maintain a high level of security. If, despite this level of protection, a personal data breach were detected, the owners of the data as well as the Personal Data Protection Authority (APDP) would be immediately informed. ‍

What rights do you have?

In accordance with Articles 15, 16 and 17 of the General Data Protection Regulation (GDPR), you may contact the service at any time in order to: Correct your personal data Access the personal data collected by the service Exercise your right to be forgotten These requests must be addressed to the Infotel Data Protection Officer (DPO) at the following email address: dpo@infotel.com.