We respect your privacy and are committed to protecting it through our compliance with this privacy policy (“Policy”). In the this Privacy Policy, Fipto Holding SAS and its subsidiaries Fipto France SAS and Fipto PI SAS (hereinafter: “Fipto”, “we”, “our”, “the Company”)) shall inform you about the collection, use and processing of personal data when using our website (hereinafter: “Website”) and our web application (hereinafter: “Web App”).
This Policy is a legally binding agreement between you (“User”, “you” or “your”) and Fipto. If you are entering into this Policy on behalf of a business or other legal entity, you represent that you have the authority to bind such entity to this Policy, in which case the terms “User”, “you” or “your” shall refer to such entity. If you do not have such authority, or if you do not agree with the terms of this Policy, you must not accept this Policy and may not access and use the Website and Services. By accessing and using the Website and Services, you acknowledge that you have read, understood, and agree to be bound by the terms of this Policy.
For information related to the usage of cookies or similar technologies on our Websites or Apps, please refer to the respective website cookies policy on our websites.
WHO WE ARE
Fipto is the data controller and is responsible for your personal data. We have appointed a DPO (Data Protection Officer), who is accessible via mail at privacy@fipto.com.
CONTACT DETAILS
Our full details are:
You have the right to make a complaint at any time to the data protection supervisory authority in any appropriate member state of the EU for data protection issues.
This version was last updated on March 20, 2025. It may change and if it does, these changes will be posted on this page and, where appropriate, notified to you.
THIRD PARTY LINKS
Our Sites may, from time to time, contain links to and from the websites of our partner networks, advertisers, and affiliates. Please note that these websites and any services that may be accessible through them have their own privacy policies and that we do not accept any responsibility or liability for these policies or for any personal data that may be collected through these websites or services, such as Contact and Location Data.
Please check these policies before you submit any personal data to these websites or use these services.
THE DATA WE COLLECT ABOUT YOU
We may collect, use, store and transfer different kinds of personal data about you as follows:
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during our relationship with you.
Data collected in the framework of phone call recordings
When you discuss contractual matters with us (such as account information or your transactions), the call will be recorded for security and evidential purposes. The recording of calls is justified with regard to our legitimate interest in being able to establish proof of requests for contractual information as well as to prevent and detect fraudulent behavior.
The recording of calls will be kept for the time necessary for security purposes and the production of evidence. If we are required to do so, we will communicate the recordings to the competent authorities, in accordance with applicable law.
HOW IS YOUR PERSONAL DATA COLLECTED?
We will collect and process the following data about you:
Information you give us. This is information (including Identity, Contact, Financial, Marketing, Communications Data and voice recording) you consent to giving us about you by filling in forms on the Website, and the Web App, or by corresponding with us (for example, by email or phone). It includes information you provide when you register to use the Services, subscribe to any of our Services, search for the Service, or survey, and when you report a problem with our Services, or any of Our Sites. If you contact us, we will keep a record of that correspondence.
Information we collect about you and your device. Each time you visit one of Our Sites we will automatically collect personal data including Device, Content and Usage Data. We collect this data using cookies and other similar technologies. Please see our cookie policy for further details.
Location Data. We also use your IP address which may determine your geolocation for the purposes of fraud monitoring, prevention, detection, and compliance activities.
Information we receive from other sources including third parties and publicly available sources. We will receive personal data about you from various third parties and public sources.
HOW WE USE YOUR PERSONAL DATA
We will only use your personal data when the GDPR and the applicable law to which we are subject, allows us to do so. Most commonly we will use your personal data in the following circumstances:
PURPOSES FOR WHICH WE WILL USE YOUR PERSONAL DATA
DISCLOSURES OF YOUR PERSONAL DATA
Where processing of personal data is carried out on behalf of the Company, by an external processor, we conclude a separate contract with the processor with respect to such processing. This contract is a commitment to compliance with GDPR and provides sufficient contractual guarantees for the implementation of appropriate technical and organizational measures, which ensure the protection of your rights.
In terms of the transmission of personal data to recipients outside of our group of companies, we only transmit data to third parties when this is required by law or necessary for the performance of the contract or where you have consented to the transmission. Under these conditions such third party recipients of personal data may be:
Service Providers are not authorized to use or disclose your information except as necessary to perform services on our behalf or comply with legal requirements. Service Providers are given the information they need only in order to perform their designated functions, and we do not authorize them to use or disclose any of the provided information for their own marketing or other purposes.
INTERNATIONAL TRANSFERS
Some of our external third parties may be based outside the EEA so their processing of your personal data will involve a transfer of data outside the EEA. Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring a safeguard is implemented. Please contact us if you want further information on the mechanism used by us when transferring your personal data out of the EEA.
DATA SECURITY
We recognize the importance of protecting and managing your personal data. Any personal data we process will be treated with the utmost care and security. This section sets out some of the security measures we have in place.
As the security of Personal Information depends in part on the security of the device you use to communicate with us and the security you use to protect your credentials, please take appropriate measures to protect this information.
DATA RETENTION
We must retain personal data only for the minimum period necessary for the purposes set out in this Policy. Then, the data shall be canceled. By way of exception, the data may be stored to manage the ongoing claims and litigations, the execution of legal and/or regulatory obligations and/or answer to legally empowered authority requests.
YOUR LEGAL RIGHTS
Under certain circumstances you have the following rights under data protection laws in relation to your personal data:
In any case, you have the right to complain to a data protection authority about our collection and use of your Personal Information. If you are not satisfied with the outcome of your complaint directly with us, you have the right to lodge a complaint with your local data protection authority.
For more information, please contact your local data protection authority in the EEA.
For information, our DPO is registered with the CNIL in France. To contact the CNIL, for example, you can do so via the following link: https://www.cnil.fr/en/contact-us
For any request, please contact us by:
PRIVACY OF CHILDREN
We do not knowingly collect any Personal Information from children under the age of 18. If you are under the age of 18, please do not submit any Personal Information through the Website and Services. If you have reason to believe that a child under the age of 18 has provided Personal Information to us through the Website and Services, please contact us to request that we delete that child’s Personal Information from our Services.
CALIFORNIA PRIVACY RIGHTS
Consumers residing in California are afforded certain additional rights with respect to their Personal Information under the California Consumer Privacy Act (“CCPA”). If you are a California resident, this section applies to you.
As described in this Policy in the information collection section above, we have collected the categories of Personal Information listed below in the past twelve (12) months:
Furthermore, California residents have the right to request deletion of their Personal Information or opt-out of the sale of their Personal Information which may include selling, disclosing, or transferring Personal Information to another business or a third party for monetary or other valuable consideration. To do so, simply contact us. We will not discriminate against you if you exercise your rights under the CCPA.
EMAIL MARKETING
We offer electronic newsletters to which you may voluntarily subscribe at any time. By doing so, you give us your consent to send you the requested newsletter, on the email address of your choice. We are committed to keeping your e-mail address confidential and will not disclose your email address to any third parties except as allowed in the information use and processing section or for the purposes of utilizing a third-party provider to send such emails. We will maintain the information sent via email in accordance with applicable laws and regulations.
In compliance with the CAN-SPAM Act, all e-mails sent from us will clearly state who the email is from and provide clear information on how to contact the sender. You may choose to stop receiving our newsletter or marketing emails by following the unsubscribe instructions included in these emails or by contacting us. However, you will continue to receive essential transactional emails.
You acknowledge that you have read this Policy and agree to all its terms and conditions. By accessing and using the Website and Services and submitting your information you agree to be bound by this Policy. If you do not agree to abide by the terms of this Policy, you are not authorized to access or use the Website and Services.
We reserve the right to modify this Policy or its terms related to the Website and Services at any time at our discretion. When we do, we will revise the updated date at the top of this page. We may also provide notice to you in other ways at our discretion, such as through the contact information you have provided.