Privacy Policy

• to allow you to register,
• to send you bills,
• for sending you our newsletter or offers,
• to enhance the quality of our service and thus elevating your user experience,
• to protect your data and our infrastructure,
• to communicate with you.

• To perform a contract to our Registered Users, including registration and billing.
• Because it is in our legitimate interest to understand users and to improve and secure our service:
• via creating anonymous Usage and user parameter Statistics,
• via creating maintenance and security logs,
• via the use of anonymous statistics.
• Based on your consent to receive newsletters and additional offers or track website usage.
• As a Data Processor for Content uploaded by you.
• Out of legal obligations that require Personal Data.

To provide the Service we need to rely on Personal Data, there is no way around it. By using our service and browsing our website, we will collect Personal Data.

• you directly provide us with, like
  • your registration information,
  • your billing information,
  • any data which constitues Personal Data you upload to your profile;
• we observe automatically during your visit and use of our website, like
  • IP address or your region,
  • informtaion about your device or browser,
  • website URL you visited us from,
  • third party sites you visit when you leave our website,
  • vendors you search for;
• we receive from Third Parties, like
  • when you log on to our website from a social media platform,
  • when you visit our website via a promotional partner.

Our services are not intended for children under 16 years of age, and no one under the age of 16 should provide any information to, on, or via our services. We don’t knowingly collect Personal Data from children under 16 and will delete any that we learn we have collected or received that was not provided by, or with express consent on behalf of, the child’s parent or legal guardian.

The retention time depends on the purpose by which we collect and process Personal Data.

• to perform a contract for our Registered Users
  • to create a user profile on pasero.me and to provide our professional services, we store data till 30 days after you request your account to be deleted or when inactive for 2 years,
  • to manage billing of the Registered User’s subscription, we keep relevant Personal Data for 8 years based on requirements prescribed by invoicing regulations,
  • to secure our service via backups kept for 90 days;
• because it is in our legitimate interest
  • for our Visitors and Registered Users alike to maintain and secure our infrastructure with logs kept for 90 days,
  • to understand users and to improve our services via analyzing Usage Statistics and user parameters that we keep after anonymizing it for extended time.

You can contact us any time about deleting your Personal Data, and if there’s no contractual or legal reason to keep your Personal Data, we comply with your request as soon as possible.

We are using Amazon Web Services with servers in France to store most of the data provided by Registered Users. These servers are provided and/or supported by our contracted third parties acting under our instructions.

We only process European users’ Personal Data outside the European Economic Area where a European Commission-approved method of validating the transfer has been put in place.

Unfortunately, no website or app can guarantee complete security, but we put great effort into our application and data security, and do our best to keep your Personal Data as safe as possible. We use a range of technical, organizational, and administrative security measures and good practices proportionate to the risks of data processing. For example, the computer systems we use to store your data have access limitations and are hosted with reputable vendors. We use encryption to protect your personal data when we transfer it across the Internet and store it at our servers. We carry out security assessments and do due diligence on Third Party vendors who handle your data.

To make sure we maintain a culture of ‘Privacy by Design’, we provide thorough data protection and privacy training to all PASERO employees. We develop our services with the goal of using the minimum amount of personal data possible, including through use of data minimization techniques like anonymization and pseudonymization. Also, whenever we develop or update our services in ways that involve the collection or use of new forms of Personal Data, we conduct a balancing test to understand and reduce the likelihood of any unintended impact on you.

We take appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of the data. The data processing is carried out using computers and/or IT enabled tools, following organizational procedures and modes strictly related to the purposes indicated. In addition to PASERO, in some cases, the data may be accessible to certain types of persons in charge, involved with the operation of pasero.me (administration, sales, marketing, legal, system administration) or external parties (such as third-party technical service providers, mail carriers, hosting providers, IT companies, communications agencies) appointed, if necessary, as Data Processors by PASERO-MI Ltd. The updated list of these parties may be requested from PASERO at any time.

To ensure availability, we keep backups of all data within the Service and store them separately for at most 90 days. Our backups are encrypted and have additional access restrictions in place. Also our infrastructure is designed to withhold Denial of Service attacks or to mitigate its effects.

Use of Personal Data for compliance with a legal obligation

Users' Personal Data may be used for legal purposes by PASERO in Court or in the stages leading to possible legal actions arising from improper use of pasero.me or other related services. User declares to be aware that PASERO may be required to reveal personal data upon request of public authorities. PASERO only provides personal data if the requesting Third Party provides the proper and exact legal basis of its request.

Use of Personal Data for our legal claims

We may disclose your information where necessary to enforce our Terms of Service or other agreements, or to a prospective or ultimate buyer if PASERO itself (or part of our business) is sold. We may also disclose your Personal Data if necessary to prevent, detect or prosecute illegal or suspected illegal activities, including fraud, or to prevent other damage or where necessary in response to legally binding requests, legal action against us, or to enforce our rights and claims.

About "Do Not Track" requests

PASERO does not support “Do Not Track” requests. To determine whether any of the third-party services it uses honor the “Do Not Track” requests, please read their privacy policies.

• first name,
• last name,
• email address,
• billing information.

• We send your Personal Data to our online payment service provider and our accountant.
• We use your e-mail address to:
  • communicate with you during your active subscription,
  • send you newsletters in case you consent.

We store your Personal Data at: Amazon Web Services, ProtonMail.

Third Parties, who may receive your Personal Data: online payment&accounting service provider, accountant.

We keep your Personal Data related to your registration for the period you have an active user account on pasero.me. You can request to have your account deleted, after which we need to keep most of the Personal Data related to Registered Users for 8 years because of invoicing regulations. After that, we will anonymize all your Personal Data and only keep this anonymized data for statistical reasons.

If your account is inactive, we will consider it deleted after 2 years of inactivity. For any Personal Data not related to your registration, we will delete it latest 90 days after collection.

• our authorized employees,
• our payment and accounting service providers.

• first name,
• last name,
• email address,
• billing information,
• contract signatories and contacts,
• email address of your customers,
• free text within comments and descriptions.

We are not going to process any Personal Data other then as instructed by you based on our Data Processing Agreement. We will forward any Data Subject Requests we receive in relation to your Content to you, and only act upon your instructions.

We store your Content at Amazon Web Services in servers in France.

• keep relevant Personal Data related to Registered Users required by invoicing regulations for 8 years,
• remove any Personal Data contained within your Content.

If your account is inactive, we will consider it deleted it after 2 years of inactivity.

Your Content shall be accessed only by our authorized employees.

• Withdraw your consent at any time: you have the right to withdraw consent where you have previously given your consent to the processing of Personal Data, like our newsletter or Analytical Cookies.
• Object to processing of your data: you have the right to object to the processing of your Personal Data if the processing is carried out on a legal basis other than consent.
  • Where Personal Data is processed for a public interest, in the exercise of an official authority vested in PASERO or for the purposes of the legitimate interests pursued by PASERO, you may object to such processing by providing a ground related to your situation to justify the objection.
  • But: should your Personal Data be processed for direct marketing purposes, you can object to that processing at any time without providing any justification. To learn, whether PASERO-Mi is processing Personal Data for direct marketing purposes, you can reach out to us.
• Access your data: you have the right to learn if data is being processed by PASERO, obtain disclosure regarding certain aspects of the processing and obtain a copy of the data undergoing processing.
• Verify and seek rectification: you have the right to verify the accuracy of your data and ask for it to be updated or corrected.
• Restrict the processing of your data: you have the right, under certain circumstances, to restrict the processing of your data. In this case, PASERO will not process your data for any purpose other than storing it.
• Have your Personal Data deleted or otherwise removed: you have the right, under certain circumstances, to request the erasure of your Personal Data from PASERO.
• Receive your data and have it transferred to another controller:
  • You have the right to receive your Personal Data in a structured, commonly used and machine-readable format and, if technically feasible, to have it transmitted to another controller without any hindrance.
  • This provision is applicable provided that the Personal Data is processed by automated means and that the processing is based on your consent, on a contract which you’re part of or on pre-contractual obligations thereof.
• Lodge a complaint: you have the right to bring a claim before your competent data protection authority.

Exercising your rights: Any requests to exercise your rights can be directed to PASERO via legal@pasero.me. These requests can be exercised free of charge and will be addressed by PASERO as early as possible and always within one month.

Our visitors can manage preferences for Cookies directly from within their own browsers and prevent – for example – third parties from installing Cookies.

Through browser preferences, it is also possible to delete Cookies installed in the past, including the Cookies that may have saved the initial consent for the installation of Cookies by this website – at any time.

You can find information about how to manage Cookies in the most commonly used browsers at the following addresses: Google Chrome, Mozilla Firefox, Apple Safari and Microsoft Edge.

You can turn cookie consent on or off simply and effectively by clicking the ON/OFF bar in the left bottom corner:

• process Personal Data only as instructed or as you gave them explicit consent,
• have the necessary and obligatory security measures,
• demonstrate compliance with the applicable data protection laws,
• ensure authorized processes and confidentiality,
• only engage another processor with our acknowledgement,
• assist us in the fulfilment of the controller's obligation to respond to requests for exercising data subjects' rights.

We will put in place appropriate measures to ensure that Personal Data is adequately protected if the Third Party Data Processor is outside of the European Economic Area.

• Payment processors: To securely store or handle payments information (credit or debit card details) if you provide us with your credit or debit card details we store these in a PCI-compliant data vault provided by a third party payment processor.
• Provider of email management and distribution tools: When you sign up to receive SOMA newsletters or other marketing messages, we will manage the delivery of these to you using a third party email distribution tool.
• Providers of data aggregation and analytics software services: These enable us to effectively monitor and optimize the delivery of our services.
• Providers of online cloud hosting and storage services: These providers run our infrastructure and our code in scalable public cloud environments. Additionally, all our databases are hosted in public cloud environments.