Terms Of Service

Information notice on the protection of personal data

"I have read and I accept the information notice on the protection of personal data:"

Purpose of data processing

The information collected on the Phosforea e-learning platform is processed by Phosforea SAS as part of its training / awareness campaign on IT security. This information is processed by Phosforea in order to ensure the management and monitoring of learners, and more specifically to:

Provide training and monitor the progress of learners in the training space (LMS as well as Phosforea mobile application)
Manage learner accounts (registration, authentication, unsubscription)
Monitor the progress and success of learners
Issue follow-up certificates
Manage the platform and the mobile application
Perform statistical analyses of the activity on the platform and the mobile application
Provide customer support for the LMS platform
Manage customer support tickets
Follow-up on bugs and manage incidents
Communicate with administrators and customers

The processing for the purposes described above is performed with the consent of the learner (Article 6.1 a) of the GDPR), expressed by accepting this notice, and required for the execution of the training contract (Article 6.1 b) of the GDPR) by the administrators and managers with access to the platform.

Data processed

The following data is collected:

Identification data (last name, first name, username, email address, password, country, company, function)
Service usage data (IP address, browser used, operating system, dates / time / duration of connection to the platform, authentication data collected by means of a session cookie, date / time / time of follow-up and progress relating to the different modules, “liked” messages, favourite messages)
Data relating to the results of activities (Notes, results of activities, responses to activities, progress in educational activities, points obtained through the game system)
Data necessary for issuing the follow-up certificate (user identity, date of the certificate, success rate per module)

Persons concerned

The processing concerns the users of the platform, namely the learners, administrators, and managers.

Data recipients

Within the limits determined by their respective tasks, the following are recipients of all or part of the data:

Phosforea and SCASSI staff in charge of platform and content management

Phosforea subcontracts the hosting of the web platform and data to OVH. This data is stored on servers in Europe.

Data retention period

The data is kept for the duration of the contract with the customer. At the end of the contract, the customers' platform is archived on the Phosforea server. Archived data is kept until December 31st of the year following the year the project ends.

The technical and organizational security measures for the LMS platform are described in the LMS Security File, which is also available here: https://www.phosforea.com/plateforme-elearning-cybersecurite/securite/

Exercising your rights over your data

In accordance with the General Data Protection Regulation (GDPR), you can exercise your right of access but also of limitation, portability, and opposition to the data concerning you and have it rectified or erased.

Know your rights

You can exercise these rights by contacting your department manager or your company's DPO.