Updated 31st of July, 2018.
DEFINITIONS AND INTERPRETATION
Collectively, all information that you submit to Ledger via our Website.
Collectively, all information making you directly or indirectly identifiable (e.g. your name, first name, address, phone number or email address but also the IP address of your computer, for example, or the information relating to your browsing of our Website).
Personal Data Controller
The processing of any personal data provided or collected on the Website is carried out under the supervision of Ledger SAS whose head office is located at 1 rue du Mail in Paris (75002), France.
The "General Data Protection Regulation" (EU Regulation 2016/679), as well as any national legislation adopted in accordance therewith.
Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector, as amended in 2009, as well as any national legislation adopted in accordance therewith;
User or you
Any Internet user who accesses the Website and who is neither (i) employed by Ledger and acting in the course of his/her employment; nor (ii) engaged as a consultant or otherwise providing services to Ledger and accessing the Website in connection with the provision of such services;
The following websites: www.ledgerwallet.com, www.ledger.com, www.ledger.fr, and all subdomains of these Websites, unless they are expressly excluded from the scope of this Policy by their own terms and conditions.
- The singular includes the plural and vice versa;
- A reference to a person includes firms, companies, government entities, trusts, and partnerships;
- "Including" means "including but not limited to";
- A reference to any legislative provision includes all amendments thereto;
Use of Personal Data
4. When you purchase products or services from our Website, we collect and process the Data that is necessary for the follow-up of our contractual relationship.
For this purpose, we use the information you provide us with:
- To handle orders,
- To deliver our products and/or provide our services,
- To process invoices, payments and transactions history,
- To manage unpaid bills and claims.
5. Whether you are our customer or simply a Internet user viewing the pages of our Website, we may also process your Data to meet our legitimate interests, consisting of:
- Communicating with you about our products and services and send you our promotional offers;
- Developing our products and services further;
- Continuously improving our Websites and offering you a more enjoyable and efficient shopping experience.
6. The use of the data we collect is, if so, subject to your consent to receive our marketing offers and/or those of our partners electronically (by email or SMS).
Depending on the purposes stated above, we may collect the following types of information:
- Information that you provide us with: When you purchase a product or service from Ledger, we collect, as part of the buying and selling process, the personal information you submit during your purchase, including:
- Your surname and first name;
- Your contact information such as your address, e-mail and telephone numbers;
- Your financial information such as your credit/debit card number.
- IP address (automatically collected);
- Web browser type and version (automatically collected);
- Operating system (automatically collected);
- Your browsing history to and from the Website;
Retention of Personal Data
7. The retention period of Personal Data processed by Ledger may vary depending on common practice, the documents considered in accordance with the legal obligations and the applicable limitation rules.
With regard to credit card data, Ledger uses payment services providers that manage transaction data in accordance with strict security rules applicable to online payments via encryption methods.
8. All Personal Data is securely stored on our servers in accordance with industry standards and the GDPR. For more details on the security measures implemented, please refer to the section “Security” below.
Recipients of Personal Data
9.We transmit your Data to our employees who are authorized to process them as part of their duties.
We may also transmit some of your data to our technical and logistic service providers acting on our behalf, and we ensure that they provide for the necessary guarantees with respect to the GDPR.
12. In certain circumstances and where required by law, we may transmit your data to competent administrative or judicial authorities or any other authorized third party.
Links to other websites
Your rights regarding the use of your Personal Data
14. When you provide us with your Personal Data, you stay in control of such Personal Data and have the option to limit their use.
This limitation may concern:
- The use of Personal Data for direct marketing purposes, which are subject to the opt-in rule; and
- The sharing of Personal Data with third parties.
15. You have the right to request access to your Personal Data, their rectification or erasure, as well as the right to request the restriction of the processing or to object to the processing.
You also have the right to withdraw your consent at any time, in particular to have your data no longer processed for the purpose of marketing by electronic means.
In the event that you believe that our use of your Personal Data violates the rules on personal data protection, you may file a complaint with the CNIL.
You also have the right to set general or specific guidelines regarding the fate of your personal data in the event of death. Your specific guidelines can be directly sent to the address below. They can also be registered with a digital trusted third party certified by the CNIL. You have the option to modify or delete such guidelines at any time.
You also have the right to request a copy, in an interoperable format, of the Personal Data that you have provided to us.
You can address your requests to: email@example.com.
Your requests must be accompanied by a copy of a proof of identity and will be reviewed by our services as soon as possible.
Functionality of the Website
16. In order to use all the resources and features available on our Website, you may be required to transmit certain Personal Data to us.
Personal Data Security
18. Personal Data security is of great importance to Ledger. In order to protect your Personal Data, we have implemented appropriate physical, electronic and organizational procedures to safeguard and secure the Personal Data collected via our Website in order to ensure its integrity and confidentiality.
19. If a password is required to access certain sections of our Website, you are responsible for keeping this password confidential.
20. We endeavor to do all we can to protect your Personal Data. However, the transmission of information on the Internet is not fully secure and remains under your sole responsibility. We cannot ensure the security of the transmission of your Data to our Website.
21. Payment Security: If you provide us with credit card information, such information is encrypted using a secure Internet Trade Protocol (TLS) and sent directly to our banking service provider. This information is never stored on our server.
Transfers outside the European Economic Area
22. Personal Data that we collect from you may be stored and processed in, and transferred to, countries outside the European Economic Area (EEA). For example, this could happen if our servers are located in a country outside the EEA or if one of our service providers is located in a country outside the EEA. These countries may not have data protection laws equivalent to those in force in the EEA.
23. If we transfer Personal Data outside the EEA this way, we will take the necessary steps to ensure that your Personal Data continues to be protected in compliance with the GDPR, notably by only transferring your Personal Data to businesses established in countries recognized by the European Commission as providing an adequate level of protection for your Personal Data or on servers of American companies that are members of the Privacy Shield or organizations that have concluded standard contractual clauses or that commit themselves to applying a code of conduct or a certification mechanism validated by the competent European authorities.
For more information on the safeguards put in place, please contact us.
25. Unless otherwise agreed, no delay, act or omission by a party in exercising a right or remedy will be deemed a waiver of such right, or of another right or remedy.
Our commitment to your privacy
27. We can assure you that we comply with the GDPR and that we process your Data lawfully, fairly and transparently.
We take confidentiality and privacy issues very seriously. We therefore ensure that your personal information is secure; we communicate our privacy and security guidelines and practices to all our employees and service providers and strictly enforce privacy safeguards within our company.
29. If our company is the subject of a corporate transaction such as an acquisition or merger with another company, your information may be transferred to the new owners so that we can continue to sell our products to you.
30. In the above cases, we will take steps to protect your privacy.
31. If you wish to access, correct, modify or delete the personal information we have about you, object to their processing, exercise your right to portability, file a complaint or simply obtain more information about the use of your Personal Data, please contact us by e-mail (firstname.lastname@example.org) or by mail to Ledger, Legal Department, 1 rue du Mail, 75002 Paris, France.
All such requests will be promptly examined and a reply will be sent to you by our teams.
Ledger SAS, Paris, France