Update date: November 2023
In the course of its business, Stancer provides payment services (hereinafter "Professional Customers") to professionals (hereinafter "Professional Services"). Stancer also provides account information services to individuals
"You" is understood, depending on the context, to be the Payer, the User, the Professional Client's Representative or the Visitor, as defined below
- The "Payer" means the natural or legal person who makes a payment to the Professional Client;
- The "User" means the user, a natural person, of our account information services;
- The "Professional Client Representative" means the natural person who acts on behalf of a Professional Client;
- The "Visitor" means the natural person who browses the Stancer sites and applications
Depending on the context, Stancer may act as a controller or processor within the meaning of the General Data Protection Regulation (GDPR)
If you have any questions about this policy or our use of your personal data, you can write to our Data Protection Officer email@example.com
1. What categories of data does Stancer collect about you?
Within the framework of its activities, Stancer collects, directly from you, automatically or not, or indirectly via its Professional Customers, partners or service providers, and processes mainly the following categories of personal data, the purposes of which are presented below:
|Personal data||Payer||User||Professional Customer Representative||Visitor|
Identification data: name, first name, identification number etc.
Contact data: mailing address, email, phone number, etc.
Billing and/or payment data: bills, payment method, consumption, purchase amount, etc.
Usage and consumption data: services subscribed, products used, consumption, communications, etc.
Customer relationship monitoring data: assistance requests, correspondence with the Client, etc.
Data necessary for the provision of information services
For each of the processing operations implemented, Stancer undertakes to use personal data only in an adequate, relevant and limited manner with regard to the purposes for which they are processed.
2. How does Stancer use your personal data?
In general, Stancer uses your data:
- in connection with the performance of the contract you have agreed to or in connection with pre-contractual measures necessary for the conclusion of the contract, or ;
- in order to comply with our legal and regulatory obligations, or ;
- if we have a legitimate interest that is justified, balanced and does not infringe your privacy, or ;
- if you have consented.
The processing performed by Stancer or its role is different if you are a Payer, a User, a Merchant Customer Representative or a Visitor.
a. The Payers
Within the framework of the Professional Services, Stancer processes your personal data for various purposes and on the following legal bases:
Stancer processes your data in accordance with the contract for the provision of Professional Services concluded with the Professional Customer with whom you make a purchase of goods or services and on the instructions of the latter. This is the case when Stancer executes a payment order on behalf of the Business Customer with whom you make a purchase of goods or services. To find out more and exercise your rights, please contact the Professional Customer with whom you are in contact
Security and prevention
Stancer may use your data to detect and prevent fraud against Stancer, its Professional Customers and its partners and to secure payment (e.g. by verifying your IBAN) As part of the Professional Services, Professional Customers may receive data about you so that they can assess the fraud risk associated with a payment transaction to which you are a party.
Where applicable, Stancer may also use your personal data where it has a legitimate interest or, where applicable, with your consent which you may withdraw at any time. Your personal data will allow Stancer to evaluate and improve its services and to develop new ones
Compliance with legal obligations
Stancer may also use your data to comply with its legal obligations including in particular laws relating to payment methods, anti-fraud laws, laws on money laundering and financing of terrorism (AML/CFT) and/or to respond to requests from public and governmental authorities
This data will be kept for the time necessary to achieve the purposes presented or according to the legally authorized periods
b. The Users
In the course of providing account information services, Stancer processes your personal data for the following purposes and legal bases:
Execution and management of your contract/services
Where applicable, this includes the management of the contractual relationship, the provision and management of the subscribed service, including accessing accounts and assessing the risk of fraud associated with a payment transaction to which you are a party and passing on this information to the Business Customer with whom you are in contact.
Where appropriate, Stancer may also use your personal data where it has a legitimate interest or, where appropriate, with your consent which you may withdraw at any time. Your personal data will allow Stancer to evaluate and improve its services and to develop new ones
Security and prevention
Stancer may use your data to verify your credit card information for security purposes and to detect and prevent fraud against Stancer, its Business Customers and its partners. Business Customers may receive data about you so that they can assess the risk of fraud associated with a payment transaction to which you are a party
This data will be kept for the time necessary to achieve the purposes presented or according to the legal periods allowed
c. Professional Customer Representatives
In the course of providing the Professional Services, Stancer may collect and process your personal data for the following purposes and on the following legal grounds:
Execution and management of your contract/services
Where applicable, this includes the management of your customer account and the contractual relationship, the provision and management of the subscribed service, the provision of assistance and the processing of your requests, the billing of the service, the management of claims and disputes and collection procedures, also through third parties
In this context, the data is kept for the time necessary to manage the contract and/or for the legal period allowed
As regards the provision of information services, your data is used to access accounts and, if necessary, to calculate your score and pass it on to our partners
Service improvement and canvassing
Stancer may also use your personal data where it has a legitimate interest or, where applicable, with your consent which you may withdraw at any time. Your personal data will thus allow Stancer to evaluate and improve its services and to develop new ones, as well as to carry out loyalty actions, prospecting, surveys and promotions
Unless you object, you may receive, by email and telephone, offers from Stancer or its business partners, as well as emails for services similar to those offered by Stancer. With your express consent, Stancer may send you commercial information by email for services not similar to those already provided
or, except in the case of the Universal Directory, transmit your email address to business partners for direct marketing purposes
If necessary, you can change your choices at any time in your Customer Area
Your data will be kept for the time necessary to achieve these purposes and for a maximum period of three years from the end of the contractual relationship concerning direct marketing
Statistics and service improvement
Stancer may also use your personal data to analyze your usage, evaluate and improve services to better understand its customers and develop new products and services
Security and prevention
Stancer will also use your personal data to achieve its legitimate interests in order to ensure the security of the network and to prevent possible fraud.
In this context, Stancer may collect your personal data through third party service providers and partners such as financial or identity verification services. In order to detect possible fraud, we inform you that we may use monitoring systems to assess the risk associated with certain transaction requests. This data will be retained for the time necessary to fulfill the purposes presented or as permitted by law
Compliance with legal obligations and defense of our interests in court
Stancer may also use your data to comply with its legal obligations including in particular laws relating to payment methods, anti-fraud laws, laws on money laundering and financing of terrorism (AML/CFT) and provisions concerning late or non-payment and/or to respond to requests from public and governmental authorities as well as any request for rights from persons concerned by a processing of their personal data carried out by Stancer.
This data will be stored for the time necessary to achieve the purposes presented or according to the legally permitted periods
d. The Visitors
Realization of audience measurements
The term "cookie" or "tracer" refers to small files containing a string of characters, stored by your Internet browser on your terminal (computer, mobile, tablet etc.)
The cookies deposited by Stancer have the sole purpose of measuring the audience of the Website (performance measurement, detection of navigation problems, optimization of technical performance or ergonomics, estimation of the power of the servers required, analysis of the content consulted), for the exclusive account of Stancer. The data collected is used to produce anonymous statistical data only
3. How can you manage the collection and use of your personal data?
Within the limits and conditions authorized by the regulations in force, you have the following rights concerning the collection and use of your personal data You may at any time access your personal data and obtain further information on the characteristics of the processing that we carry out, have your data rectified, request their deletion for specific reasons or exercise your right to the limitation of processing or to the portability of your data in the authorized cases You also have the right to object at any time to the processing of your personal data for commercial prospecting purposes or for reasons relating to your particular situation to the processing of your personal data whose legal basis is our legitimate interest You may withdraw your consent to processing based on your consent You can also define directives concerning the fate of your personal data after your death You can exercise these rights via your Customer Area, if applicable, or by sending an email and proving your identity to the firstname.lastname@example.org. In the event of a complaint to which Stancer has not given you a satisfactory response, you may contact the Commission Nationale de l'Informatique et des Libertés (CNIL), which is responsible for compliance with obligations in terms of personal data
4. How does Stancer ensure the security of your personal data?
The security of personal data is of particular importance to Stancer, and as such we comply with the Payment Card Industry Data Security Standard (PCI DSS) and Stancer has received PCI DSS certification to protect your personal data from fraudulent use
Stancer also takes all necessary actions to protect the personal data it processes. Your data is treated in a manner that ensures its security, protection and confidentiality in accordance with its sensitivity level, through administrative, technical and physical measures to prevent loss, theft, unauthorized use, disclosure or modification. Stancer implements measures that respect the principles of protection by design and protection by default of personal data processed. In this respect, Stancer is able to use data anonymization or encryption techniques where possible and/or necessary
5. Who can have access to your personal data?
Your personal data is processed by Stancer, the companies of the Iliad Group to which Stancer belongs, its subcontractors and commercial partners and service providers, solely for the purposes mentioned above. Only our employees who are authorized and aware of the protection of personal data may have access to your data within the framework of their missions
Your data may also be transferred to third party service providers who provide services (hosting, etc.) or assistance and advice to Stancer. These service providers may have access to your personal data only for the purpose of performing the services or resolving disputes
When we use a service provider, we will only disclose your personal data to them after we have obtained a commitment and guarantees from them on their ability to meet our security and confidentiality requirements and we will enter into contracts in compliance with legal and regulatory obligations specifying the terms and conditions of the personal data processing. We ensure that they have strict policies in place to ensure that your personal data is only shared with those authorized to access it
Stancer's subcontractors, partners and service providers may be located outside the European Union. Where they are located in a country that has not been recognized as providing an adequate level of protection, Stancer will ensure that they provide an adequate level of protection and security of your personal data equivalent to that provided by European legislation (for example, on the basis of a transfer agreement incorporating the European Commission's Standard Contractual Clauses) as well as require them to comply with its requirements for the security and confidentiality of your personal data and to process your data only for the purposes it has determined
Finally, upon request, your personal data may also be transferred to persons and authorities whose right to access your personal data is recognized by law, regulations or provisions of authorities authorized by law