Privacy Policy
as of November 20, 2018
The data we collect
Through inWebo websites
The inWebo showcase site (www.inwebo.com), as well as the developer website (developer.inwebo.com), together referred to as "inWebo websites" are managed by In-Webo Technologies ("inWebo"), a company registered in France.
When you fill out a form on inWebo websites, we create a record in our systems, which may contain information such as your name, e-mail address, company, role and telephone number. We use this information for marketing and business development purposes.
As a visitor to the inWebo websites, you can ask us if we have a profile and information (such as forms filled out and pages visited) about you and, if so, access, correct or delete it. You may also ask us to stop receiving marketing or sales information from us. To do so, you must write to privacy@inwebo.com and provide us with the e-mail address under which we may have information about you. Please note that for most visitors, we do not have such information. Finally, any marketing communication you receive from us will contain an unsubscribe link. Please also note that you have the right to lodge a complaint about this information with one of the Supervisory Authorities established by the European Union's GDPR (General Data Protection Regulation).
We use third-party service providers to host inWebo websites and to provide us with certain services related to those websites, such as automating our marketing interactions. We ask these service providers to agree not to access or use any information or data they may have access to in the course of providing these services to inWebo other than as specified by us. None of the data we may collect about visitors to the inWebo websites is sold or even shared with third parties.
Through inWebo authentication solutions
inWebo provides organizations such as corporations, banks and e-health platform hosts with a solution they can use to more securely authenticate their users - such as employees, contractors, customers - accessing their online applications. To understand how these organizations manage your data, you should refer to their privacy policies.
If one of our customers (an organization) provides you with a means of inWebo authentication to log into their applications, we will have a record in our systems that may contain data such as your username with that organization, your first and last name, and your email address. The actual data we have depends on how this organization uses our solution, as we do not need any of this data to operate our service.
When you use our solutions, you are sometimes given the opportunity to name your trusted profiles or equipment, for the sole purpose of recognizing and distinguishing them. Unlike authentication data, which we protect with the highest security measures, these names are not considered sensitive information in our systems and do not benefit from the additional security measures taken for sensitive data. It is therefore your responsibility to ensure that the names you use are not sensitive data whose loss or accidental disclosure to an unauthorized third party could cause you harm. Simply put, never use sensitive information such as a social security number, tax ID, driver's license number, payment card number, or password to name your trusted profiles and equipment. Instead, use nicknames such as "John's Work", "Julie's House", "Mary's Personal", etc.
We make a commitment to our customers that we will not access or modify their user authentication information. We do not process it or share it with third parties. We have a strict internal policy in place not to access user data without a specific request from the organization that created the data and for the sole purpose of analyzing or resolving an issue impacting the authentication service provided to that organization.
We record information about how the authentication solution is used to access our customers' applications. We therefore store in our systems data such as the day and time of the access attempt, sometimes the IP address, the authentication method used and the result of the authentication. We do not process or share this information with anyone except the organization that uses our solution to authenticate its users.
Since the data on our systems is primarily created by our customers using their own repository of user identifiers (such as usernames or anonymous aliases), we generally cannot know whether we have any data about you, as a user of our customers' services. All requests for access, correction or deletion of personal data, as well as any questions or complaints about the use of such data, should be addressed exclusively to the organization that created an authentication profile for you in our systems. If you have made such a request to delete your profile from our systems, but you are not sure if the organization has executed it, you can go to this web page and enter your email address (the one you use with this organization) in the "already a user" section. If this address still exists in our systems, you will receive an automatically generated message listing the organizations that still hold data about you in our systems.
We do not track your navigation
inWebo websites
We use Google Analytics and some similar tools on the inWebo websites to obtain navigational statistics in order to make the sites more relevant to our visitors. Browsing statistics are aggregate data (number of pages viewed, sessions, percentage of new or repeat visitors, etc.) that do not contain any personal data, such as your name, IP address, user ID or e-mail address. Please see the Google Analytics privacy policy for details about Google's practices.
We also use Google Analytics to "retarget" ads (which means showing ads on the Google ad network for people who have previously visited certain pages of the inWebo websites). As a visitor to the inWebo websites, you can avoid being added to a Google Analytics retargeting list by installing a browser add-on available here. We respect your choice, and this will not change your browsing experience on the inWebo websites.
inWebo does not collect data about your browsing behaviour beyond our websites.
inWebo authentication solutions
There is no tracking of your navigation implemented in our authentication solutions.
Security
inWebo websites
We implement SSL certificates on the inWebo websites so that you can be sure, when you browse these sites, that you are on a reliable and legitimate website. We also use these certificates to encrypt (https) the information you enter on the inWebo websites when you fill out a form. Information you provide and data that may be collected as a result of interactions with inWebo websites is stored under our direction by our Marketing Automation and Customer Relationship Management (CRM) service providers who have indicated in their privacy policies that they have put in place physical, electronic, and procedural safeguards to protect this information.
inWebo authentication solution
If an organization has created an authentication profile for you in our systems, we have put in place appropriate physical, electronic, and procedural safeguards to protect the information contained in that profile. In particular, we host our systems in ISO27001 certified data centers, implement firewalls, use certified encryption and physical security equipment.
What data is sent outside the EU?
Currently, inWebo does not transfer any data collected within the EU to locations outside the EU.
Government requests
Notwithstanding anything to the contrary in this policy, we may disclose personal data if we believe it is reasonably necessary to comply with a law, regulation or legal request or to protect the safety, property or rights of inWebo or others. However, nothing in this policy is intended to limit any defences or objections you may have to a request from a third party or government to disclose your information.
Data retention
Given the retention requirements of certain regulatory bodies and organizations creating user profiles in our systems, we have a policy of deleting data after a period of no more than 6 (six) months following the creation of usage data in our systems. As an exception to this principle, the retention period will be extended if we have a contractual obligation to an organization to archive usage data of its users. Due to the very limited scope of the data we store for marketing and business development purposes, we do not have governance or a policy for deleting this data.
Change of control
If inWebo is involved in a bankruptcy, merger, acquisition, reorganization or asset sale, your information may be sold or transferred as part of that transaction. The promises in this policy will apply to your information transferred to the new entity, including your right to remove your information entirely from our databases.
Changes and contact information
From time to time, we need to make changes to our privacy policy to accommodate new features or for other reasons. When such changes occur, you can track them on our websites and view the new privacy policy on our websites. By continuing to visit inWebo websites or use our authentication solutions, you consent to the updated policy. If you have any questions about our policy, please send them to privacy@inwebo.com, and we will do our best to respond promptly.