Data confidentiality policy

User's personal data:

We collect the personal data you provide to us when you use or register for any of our services, purchase and / or register a domain name and / or when you contact us directly through any communication channel (for example, support tickets, chat or calls; we also record information when you contact us, such as support queries, notes, or information about your requests and how we responded to you). This data collection is necessary to enable us to provide you with our services. We also use cookies and similar technologies on our sites and mobile applications to collect information about your interactions with and use of our services. Here are the types of personal data we collect about you:

Contact data

• your name
• your first name
• the name of your company, association or foundation
• Your login email address
• a recovery email address
• your mobile phone number
• a postal address

Login details

• Passwords and security information used for authentication and access.

Interaction data

• Device data
  • Device configuration
  • IP address(es)
  • Regional and language settings
  • Access points near your device
• Geolocation data (please see the 'Products, Services & Applications’ section)
  • Infomaniak Sync
  • Infomaniak Check
• Personal data relating to payment, such as the billing address or credit card details (for users of paid services).
• Personal data that you include in your communications with us (such as an identity card, passport, official company registration documents, minutes of an association, certificate of inheritance, death certificate).

Collection of your personal data is necessarily part of a specific use. Depending on the type of personal data collected, it may be used for:

1. Performing a contract or taking steps to enter into a contract with you
2. The supply and operation of Infomaniak products and services
3. Continuous improvement of Infomaniak products and services.
4. Providing our customers with administrative and technical support
5. Contact our customers to notify them of events affecting the services and products, as well as to transmit promotional messages.
6. Identify new customers
7. Comply with the laws and regulations in force
8. Reply to a request from the authorities or a legal obligation
9. Process job applications for positions at Infomaniak

We protect and treat your personal information as if it were our own, and we never share your personal data with third parties without good reason. In all cases, third parties are not authorised to use your information for any purpose other than that described in our confidentiality policy. Your personal data may therefore be shared with affiliates within our family of companies, with third parties with whom we are partners (e.g. to enable you to integrate their solutions into our services) or with trusted third-party service providers. For example, we may share your data for the purposes of processing a payment, obtaining feedback or fulfilling a legal obligation.

You have control over your personal information. See your choices about the data we collect to find out more.

We provide you with tools to control your account information as well as information on how it is used. Access your user account or contact us to:

• Display and update your account information, such as your name, phone number and billing address;
• View and update your contact preferences to receive messages about Infomaniak's account and products;
• Display and update Whois information for your domain names registered through us.

You can also unsubscribe from our marketing communications by clicking on the unsubscribe link at the bottom of each of our emails, with the exception of messages concerning technical interventions or the evolution of your products.

You may request that your account be closed if the following conditions are met:

• All products and services must be terminated by you via your Manager before the account is closed. If the account still contains active products or services, the account cannot be closed;
• Your prepaid account balance must be zero. If necessary, you can request that the remaining balance be refunded to the bank account of your choice;
• The request can only be honoured to the extent that your data is no longer required for the services purchased, nor required for our legitimate products for commercial purposes or for legal or contractual record-keeping requirements.

When you close your account, you can request that your personal data be deleted. Please note that it may take up to 30 days to delete all the data associated with your account. In the absence of a specific request on your part, Infomaniak will automatically delete all your data six months after the termination of your account. You will no longer be able to access your account or payment history once your account has been deleted.

You can ask us for a copy of your personal data in electronic format, which you can pass on to other service providers if you wish. We will respond to your request within 30 days, providing you with a link enabling you to retrieve your data easily.

Here are some of the ways we help you protect your identity and personal data:

• We encrypt the personal data you send us via online forms using the very latest encryption technologies to prevent anyone from intercepting your information.
• We give you the option of strengthening the security of your user account with two-step verification.
• The request can only be honoured to the extent that your data is no longer required for the services purchased, nor required for our legitimate products for commercial purposes or for legal or contractual record-keeping requirements.

When you close your account, you can request that your personal data be deleted. Please note that it may take up to 30 days to delete all the data associated with your account. In the absence of a specific request on your part, Infomaniak will automatically delete all your data six months after the termination of your account. You will no longer be able to access your account or payment history once your account has been deleted.

Infomaniak cannot guarantee the security of your personal data without your cooperation. We recommend that you follow the recommendations below to best protect your personal data:

• Use different, complex passwords for each of your services.
• Never share your passwords.
• Log out of your user account when using a computer you share with other people.
• Modify your account password at least once a year.
• Enable two-step verification on your user account.
• Install a recognised antivirus software on your computer.

How is data processed when synchronising, backing up, importing or migrating data from an external service?

As part of our productivity solutions, users can synchronise, back up or import data from services external to Infomaniak.As part of our productivity solutions, users can synchronise, back up or import data from services external to Infomaniak.

What personal data does Infomaniak collect about me and for what purpose?

When using this application, the following personal data is collected:

• User's Infomaniak login credentials
  • Email address for connection
  • Log-in password
• Address books stored on Infomaniak Mail (optional)
• Diaries stored on Infomaniak Mail (optional)
• User device localisation (optional)

Use of your personal data

The application uses this data exclusively for this purpose:

• Login credentials: these are used to connect to an existing Infomaniak customer account, from which synchronisation will be performed.
• Address books: customers can synchronise address books saved on Infomaniak Mail associated with the login credentials used.
• Diaries: customers can synchronise diaries saved on Infomaniak Mail, associated with the connection credentials used.
• Localisation: when the customer activates the 'Wi-Fi synchronisation only' option (account settings in the application) and wishes to restrict access to one or more Wi-Fi access points (SSIDs), localisation must be enabled. This option retrieves the Wi-Fi (SSID) to which the device is connected and compares it with the list of authorised Wi-Fi access points (SSIDs). If the network used is on the list, the application will synchronise the diary(ies) and / or address book(s) on the device.

How is your personal data shared?

The synchronisation of calendars and / or address books implies that events and contacts are available for consultation on the final device or application and are therefore subject to the conditions of use of the device and the native or third-party applications used.Infomaniak kCheck is an application that allows the user to securely transmit the elements required to perform security checks. When the user receives a request for identity verification (please refer to the specific terms and conditions for the different reasons), he or she is invited either to download the application or to use it if it is already installed on the device. All personal data transmitted as part of an identity verification request are kept for the time of processing, and for a maximum of 72 hours if the request is not finalised by the user. Data is automatically deleted from our servers 24 hours after processing. Once the procedure has been completed, the user can delete the application.

What personal data does Infomaniak collect about me and for what purpose?

The application collects personal data for the purpose of checking the identity of the person following the procedure. Depending on the nature of the procedure, the following information may be collected:

• Mobile phone number: requested during the procedure.
• Geolocation: requested during the procedure via the device's GPS.
• Identity documents: passport, identity card or driver's licence (depending on the legislation in force in the user's country) are photographed via the application.
• Selfie: users can be asked to take a selfie by holding their ID close to their face via the application.

How is your personal data used?

Personal data is used as follows:

• Mobile phone number: used to send a verification code by SMS. The area code is used for cross-referencing with geolocation data.
• Geolocation: used to cross-reference data with the telephone number code.
• Identity documents: used to verify the user's identity.
• Selfie: used for user identification.

How is your personal data shared?

This data is never shared with third parties and is only processed internally by Infomaniak.

Synchronise, backup or migrate emails, contacts, appointments or documents from third-party services

Infomaniak offre la possibilité d’importer, de sauvegarder ou de synchroniser des données d’autres fournisseurs comme par exemples Google Drive, Dropbox, Gmail. Dans le cas d’une opération en provenance d’un autre fournisseur comme Gmail, une connexion au compte via OAuth peut être nécessaire. L'utilisation et le transfert par Infomaniak à toute autre application des informations reçues des API de Google se font en conformité avec la Google API Services User Data Policy, y compris la Limited Use requirements.

How is your personal data used?

Personal data is processed securely and used exclusively for the migration or retrieval of data selected by the user. No other use (e.g. marketing) is made of the data collected, and under no circumstances do we transfer your information to third parties.Personal data is retained for the period necessary to achieve the aims described in this confidentiality policy. When the data retention period expires, we delete the data. Any connection to third-party services is then terminated.