Doksure
Pricing
Log in Get started

Privacy Policy

Last updated: December 15, 2024

LSP Labs (hereinafter "LSP Labs", "We", "Our", or "the Company") is committed to protecting and respecting the privacy of your personal data. LSP Labs is the data controller for personal data collected via the Website. This privacy policy aims to inform all users, prospects, clients, partners, suppliers, and visitors of the website https://www.doksure.com (hereinafter the "Site") about how we collect, use, store, and protect their personal data, in compliance with the General Data Protection Regulation (GDPR).

LSP Labs is a simplified joint-stock company, registered with the Paris Trade and Companies Register under number 935 092 148 00011, whose registered office is located at 60 rue François Premier, 75008 Paris, France.

We encourage you to read this privacy policy carefully to understand your rights and our commitments regarding privacy and personal data protection.
This privacy policy is established in accordance with the General Data Protection Regulation (GDPR) and the French law n°78-17 of January 6, 1978, as amended, known as "Informatique et Libertés".

1. What is personal data?

Personal data means any information relating to an identified or identifiable natural person. Information can be direct (for example, your first name, last name, email address) or indirect (for example, your IP address or user ID).

2. What are our key principles?

  • We do not sell your personal data, and none of the third parties we work with do so.
  • The security of your information is our top priority. For more details, please see the section dedicated to the security measures implemented by LSP Labs.

3. What data is collected by LSP Labs?

We collect four types of data when you use our Doksure solution:

3.1 Registration data

  • First and last name
  • Company name
  • Email address
  • Password
  • Phone number (optional)
  • If you register as a legal entity:
    • Company name
    • Registration number
    • VAT number
    • Information concerning the legal representative (as indicated above)

3.2 Usage data

  • Server log files: technical records that may include your IP address, browser type, Internet service provider, referring/exit pages, operating system, timestamps, and clickstream data.
  • Site navigation data: information on how you use our Site, such as pages viewed, time spent on each page, clicks, scrolls, and mouse actions.
  • Application data: information related to interactions on the Site. For example, when you make a Doksure request to a contact, the application data will be as follows:
    • Subject of your request
    • Contact name
    • Contact email address
    • Contact company (optional)
    • Type of files requested in the request
    • Device information, location data, and timestamps

3.3 Payment data

  • Cardholder's first and last name
  • Card number (partially stored with first and last digits only)

Payment data is processed and stored by our payment service providers Stripe and ChargeBee, in accordance with the strictest security standards in the industry. You can view their privacy policies here: https://stripe.com/privacy and here https://www.chargebee.com/privacy

3.4 Communication data

  • Requests and messages sent via customer support: message content, attachments, details on problems encountered, and any information you voluntarily provide to facilitate the resolution of your request.
  • Communication channel information: depending on the contact method used (email, contact form, online chat), we collect the information necessary to respond to your request.
  • Interaction history: records of previous exchanges with our team, including date, time, and subject of communications, to improve follow-up and the quality of assistance provided.

4. Why do we process your personal data and on what legal bases?

We collect and process your personal data to provide our services, improve your user experience, ensure the security of our platform, and comply with our legal obligations. The legal bases for these treatments are mainly:

  • Performance of contract: to provide the services you have requested.
  • Consent: when you have given your explicit agreement for a specific treatment.
  • Legitimate interest: to improve our services and guarantee the security of the Site.
  • Legal obligation: to comply with applicable laws and regulations.

Summary table of data collected, processing purposes, and legal bases

Data category Data collected Processing purposes Legal basis
Registration data - Full name
- Company name
- Email address
- Password
- Phone number (optional)
- Legal information if legal entity		 - User account management
- Access to services
- Service-related communication
- Billing and payments		 Performance of contract
Consent (optional)
Usage data - Server log files
- Navigation data
- Device information
- Location data
- Timestamps		 - Provision of service
- Site improvement
- Security and fraud prevention		 Performance of contract
Legitimate interest
Payment data - Cardholder's first and last name
- Card number (partially stored)		 - Payment processing
- Billing
- Fraud prevention		 Performance of contract
Legal obligation
Communication data - Messages with customer support
- Attachments
- Communication history		 - Assistance and customer support
- Improvement of our services
- Follow-up of requests		 Performance of contract
Legitimate interest

5. How long is your personal data kept?

Your personal data is kept only for the time necessary for the processing purposes or in accordance with applicable legal requirements. The retention period depends on the nature of our relationship and legal obligations. As an indication:

  • Registration data: kept for the duration of your use of the Service.
  • Payment data: kept for the duration necessary for the transaction, then archived in accordance with legal accounting obligations (10 years).
  • Communication data: kept for the duration necessary to process your request, then archived for 3 years for evidentiary purposes.

6. What are the security measures implemented by LSP Labs?

At LSP Labs, we take the security of your data very seriously. We have implemented robust technical and organizational measures to protect your personal information:

  • SSL Encryption: All data transmitted between your browser and our Site is secured thanks to the SSL encryption protocol, guaranteeing the confidentiality and integrity of the information exchanged.
  • Password Hashing: Your passwords are hashed before being stored, which means they are never saved in plain text in our systems. Access to your account is protected by your personal password. It is crucial to maintain the confidentiality of your credentials and close your browser after each session, especially if you use a shared device.
  • Encryption of Stored Documents: All documents you store on our platform are encrypted to ensure that no third party, including LSP Labs, can access them without your password. Only your password, which we never store, allows your files to be decrypted when you want to access them.

7. Does LSP Labs transfer your personal data?

We may share your personal data with:

  • Our technical providers: These partners assist us in providing our services. We require each of them, in their capacity as processors in accordance with GDPR, to strictly comply with the provisions of this Privacy Policy. Our providers include:
    • PostHog: Used for analyzing Site and application usage. PostHog allows us to understand how users interact with our services in order to improve them. Data may be processed in the EU or the US, with appropriate safeguards. You can view PostHog's privacy policy here: https://posthog.com/privacy
    • Crisp: Used for live chat and customer support. You can view Crisp's privacy policy here: https://crisp.chat/en/privacy/
    • Stripe: Used for payment processing. Payment data may be transferred outside the EEA. Stripe applies appropriate safeguards to ensure the security of your data. You can view Stripe's privacy policy here: https://stripe.com/privacy
    • Chargebee: Used for subscription and recurring payment management. Subscription-related data may be transferred outside the EEA. Chargebee applies GDPR-compliant safeguards to ensure the security and confidentiality of your data. You can view Chargebee's privacy policy here: https://www.chargebee.com/privacy
    • Cloudflare, Inc.: Used for data storage and Site security. Data may be transferred outside the EEA. Cloudflare applies strict safeguards to ensure the security and confidentiality of your data. You can view Cloudflare's privacy policy here: https://www.cloudflare.com/privacypolicy/
    • OVH: Used for data storage and Site security. OVH operates mainly in Europe but may also transfer data outside the EEA as needed for operations. OVH applies GDPR-compliant safeguards to ensure the security of your data. You can view OVH's privacy policy here: https://www.ovhcloud.com/en/terms-and-conditions/privacy-policy/
  • Legal obligations: We may disclose your personal data if required by law or if we believe in good faith that such disclosure is necessary to protect our rights, your safety, or that of others.
  • Business transactions: In the event of a merger, acquisition, or sale of assets, your personal data may be transferred to the acquiring entity or its advisors, provided they comply with applicable confidentiality obligations.

All of your data is stored on servers located in Europe and managed by Cloudflare, Inc. and OVH. Cloudflare and OVH are only used for data and document storage; however, we only provide them with encrypted information, thus guaranteeing the confidentiality and security of your data.

8. What are your rights and how to exercise them?

In accordance with the General Data Protection Regulation (GDPR), you have the following rights:

  • Right of access: Obtain a copy of the personal data we hold about you.
  • Right to rectification: Request the correction of your data if it is inaccurate or incomplete.
  • Right to erasure: Request the deletion of your personal data in certain cases.
  • Right to restriction of processing: Request the temporary restriction of processing of some of your data.
  • Right to data portability: Receive your data in a structured, commonly used format, or transfer it to another controller.
  • Right to object: Object to the processing of your data for commercial prospecting purposes.
  • Right to withdraw consent: Withdraw your consent for treatments based on it at any time.

To exercise these rights, please contact our team at the following address: [email protected]. We undertake to respond to you within one month.

If you have any questions regarding your personal data, please do not hesitate to contact us at the same address.

You also have the right to lodge a complaint with the Commission Nationale de l'Informatique et des Libertés (CNIL) if you believe that your rights are not being respected.

9. Cookies and analysis tools

We use PostHog to analyze the use of our Site and improve the user experience. PostHog may use cookies or similar technologies to collect information about your navigation. You can configure your browser to refuse these cookies.

10. Changes to the privacy policy

LSP Labs reserves the right to modify this privacy policy at any time. We will inform you of changes via our Site and encourage you to check this page regularly to stay informed of updates.

11. Contact

For any questions or concerns regarding this privacy policy, please contact us:

  • By email: [email protected]
  • By mail:
    LSP Labs
    60 rue François Premier
    75008 Paris, France