At Certidrill (referred to as “Certidrill,” “us” or “we”), we recognize that your privacy is critical and have instored this version of our Privacy Policy (“Privacy Policy”).
This Privacy Policy discloses the privacy practices for Certidrill’s websites, web applications, softwares, and mobile applications (collectively the “Website”), as well as related products and services we may offer to you (collectively, the “Services”).
This Privacy Policy also covers how personal and other information that we receive about you is collected through your use of our Services and access to the Website.
Please read the information in this Privacy Policy and learn the following regarding your use and access to this Website.
Our Website may contain links to other websites and the practices, data gathering and retention policies of those websites are governed by the privacy policies of such other websites.
You should review the privacy policies of any such websites to understand how those websites’ privacy policies apply to you.
We reserve the right to change and update this Privacy Policy at any time.
We will notify you about changes and updates in the way we treat Personal Information by sending you a notice to the primary email address specified in your user account, by deploying a prominent notice on our Website, and/or by updating any privacy information on this page.
Your continued access and use of the Website and/or Services available through this Website after such modifications and updates will constitute your acknowledgment and acceptance of the modified Privacy Policy.
To use the Website and/or Services available on this Website, you must give your consent so that all Personal Information and information that you submit may be processed and treated by us in the manner and for the objectives described below.
If you do not agree with this Privacy Policy, please do not use the Website.
1. What type of data we collect?
In order to enhance our Website and the Services offered on the Website, we collect two kinds of data about our users and visitors: Personally Identifiable Information (“Personal Information”) and Aggregate Information.
1.1 Personal Information :
This refers to information that allows us to know the specifics of who you are.
When you engage in certain activities on this Website, such as registering for a user account, downloading or purchasing a product or service, subscribing to our membership services, submitting content and/or posting content, or sending us feedback and questions, we may ask you to provide certain information about yourself.
This information is necessary for the adequate performance of the contract between you and Us, to allow us to comply with our legal obligations and to provide and improve the features of this Website.
Without this information, we may not be able to offer you the requested products or services.
1.1.1 Services/User Account
When you sign up for a user account, Certidrill will collect and associate with your user account your first and last name, date of birth, email address, mailing address (including zip code), cell phone, and payment information (such as payment instrument used, date and time, payment amount, payment instrument expiration date and billing postcode, IBAN information, your address, and other transaction-related details).
1.1.2 Other information
If you decide to use Certidrill forums, bulletin board services, chat areas, message boards, newsfeeds, newsgroups, communities, personal web pages, calendars, and/or other message or communication facilities, you may choose to provide us information when you fill in a form, conduct a search, respond to surveys, post to community forums.
1.1.3 Communication Services
If you use Certidrill forums, bulletin board services, chat areas, message boards, news feeds, newsgroups, communities, personal web pages, calendars, and/or other message or communication facilities, Certidrill will store your files, messages, comments, and photos, as well as any information related to it.
1.2 Aggregate Information :
This refers to information that does not by itself identify a specific individual or person.
We collect certain information about you based on where you use and visit our Website and what other websites may have directed you to Certidrill.
This information, which is gathered in different methods, is compiled and analyzed on both a personal and an aggregated basis.
This information may include the Website’s Uniform Resource Locator (“URL”) that points to the site you just came from, which URL you go to after visiting our Website, what browser you are using, and your Internet Protocol address (“IP”).
2. How de we collect and use your information?
We collect Personal Information about you through the Website only if you voluntarily provide it to us.
However, you may be required to provide certain Personal Information to us when you elect to use certain products or services available on the Website.
This may include :
- Registering or activating a user account on our Website;
- Entering a sweepstake or contest sponsored by us or one of our partners;
- Signing up for special offers from selected third parties;
- Sending us an email message;
- Submitting a web form or transmitting other information by telephone or letter;
- Registering or attending an event affiliated with Certidrill or at which Certidrill participates;
- Submitting your credit card or other payment information when ordering and purchasing products and services on our Website or when subscribing to our services;
We will only use your Personal Information in ways that are compatible with the objectives for which it was collected or as subsequently allowed by you.
We will use your Personal Information to provide product or service offerings to you.
We will also use certain forms of Personal Information to improve our Website, enhance our internal marketing and promotional efforts, statistically analyze the Website use, improve our product and service offerings, and customize our Website’s content, layout, design, and services.
We may use Personal Information to deliver information to you and to contact you regarding administrative notices.
Finally, we may use your Personal Information to resolve problems, disputes, troubleshoot problems, and enforce our agreements and contracts with you, including our Website Terms And Conditions, and this Privacy Policy.
3. Service providers and third parties
We sometimes hire third parties to perform certain business-related functions.
When we hire a third party to perform a function of this nature, we may need to provide them with access to certain Personal Information.
These third parties will access your information only to perform tasks on our behalf in compliance with this Privacy Policy, and Certidrill will remain responsible for their handling of your information per our instructions.
Certidrill requires its agents and service providers that have access to Personal Information received by Certidrill to provide at least the same level of privacy protection required by this Privacy Policy.
Where Certidrill has knowledge that an agent, third-party, or service provider is using Personal Information in a manner contrary to this Privacy Policy, Certidrill will take reasonable steps to prevent or stop the use or disclosure of such Personal Information.
Service providers may be located inside or outside of the European Economic Area (“EEA”).
4. Information collected with technology
4.1 Information collected by our servers :
To make our Website and Services more useful to you, our servers (which may be hosted by a third-party service provider) collect your information, including your browser type, operating system, Internet Protocol address (“IP”) (the number automatically assigned to your computer when you use the Internet, which may vary from session to session), domain name, and/or a date/time stamp of your visit.
4.2 Log Files :
As is true with most websites, we collect certain information automatically and store it in log files.
This data includes IP addresses, browser type, Internet service provider (“ISP”), referring/exit pages, operating system, date/time stamp, and clickstream data.
We use this information to analyze behaviors and trends, administer the Website, track users’ movements around the Website, gather demographic information about our visitor base as a whole, and better tailor our Services to our users’ needs.
For example, some of the data may be collected so that when you visit the Website or the Services again, it will recognize you and the information could then be used to serve advertisements and other information considered appropriate towards your interests.
Except as noted in this Privacy Policy, we do not link this automatically-collected data to Personal Information.
4.3 Cookies
Like many online services, we use cookies “Cookies” to collect information.
Cookies are small pieces of information that a website sends to your computer’s hard drive while you are visiting the Website.
We may use both session Cookies (which expire once you close your web browser) and persistent Cookies (which remain on your computer until you delete them) to provide you with a more personal and interactive experience on our Website.
This type of data is collected to make the Website more useful to you and to tailor the experience with us to meet your special objectives, interests, and needs.
Most browsers are initially set up to accept Cookies, but you can reset your browser to refuse all Cookies or to indicate when a cookie is being sent.
However, be aware that some features and aspects of the Website may not function properly if you disable Cookies.
4.4 Pixel Tags
In addition, we use “Pixel Tags” (also referred to as clear Gifs, Web beacons, or Web bugs).
Pixel Tags are tiny graphic images with a unique identifier, similar in function to Cookies, that are used to track online movements of Web users and visitors.
Conversely to Cookies, which are stored on a user’s computer hard drive, Pixel Tags are embedded invisibly in web pages.
Pixel Tags also allow us to send e-mail messages in a format that users can read, and they tell us whether e-mails have been opened to ensure that we are sending only messages that are of interest to our visitors and users.
We may use this information to reduce or eliminate messages sent to a user.
4.5 Mobile Services
We may also collect non-Personal Information from your mobile device if you have visited our Website vie a mobile browser.
This information is generally used to help us deliver the most relevant information to you.
Examples of information that may be collected and used include your geographic location, how you use the mobile Website, and information about the type of device you use.
In addition, in the event our Website crashes on your mobile device, we will receive information about your mobile device model software version and device carrier, which allows us to identify and fix bugs and otherwise enhance the performance of our mobile Website.
This information is sent to us as aggregated information and is not traceable to any individual and cannot be used to identify an individual.
4.6 Analytics Tools
We use third-party analytics tools to help measure traffic and usage trends and behaviors for the Website and Services.
4.7 Location Information
If you have enabled location services on your phone, we collect your location data to make a map available to the recipients of your messages showing your location.
If you do not want this information collected by us, you can disable location services on your phone.
5. Where do we store your personal information?
Your Personal Information will be stored and treated in our primary data store located in Tangier, Morocco.
6. How do we handle data from international users?
Certidrill is based in Morocco and provides services globally.
We primarily store Personal Information about the Website visitors and users within the European Economic Area (the “EEA”), the United States, and in other countries and territories.
To facilitate our global operations, we may transfer and access such Personal Information from around the world, including from other countries in which Certidrill has operations for the purposes described in this Privacy Policy.
We may also transfer your Personal Information to our third-party sub-processors as detailed here, who may be located in a different country.
If you are a European Union (EU) citizen and your information is shared with corporate affiliates or third-party service providers outside the EEA, we will, prior to sharing your information with such corporate affiliate or third-party service provider, establish the necessary means to ensure an adequate level of data protection.
This may be an adequacy decision of the European Commission confirming an adequate level of data protection in the respective non-EEA country or an agreement on the basis of the EU Model Clauses (a set of clauses issued by the European Commission).
We will provide more information on the means to ensure an adequate level of data protection upon request.
If you are visiting our Website from the EEA or other regions with laws governing data collection and use, please note that you are agreeing to the transfer of your Personal Information to Morocco and other jurisdictions in which we operate.
By providing your Personal Information, you consent to any transfer and processing in accordance with this Privacy Policy.
Please note, that for Users from the EEA, all processing of Personal Information will be performed in accordance with the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons and Organic Law 3/2018 on the Protection of Personal Data and Guarantee of Digital Rights with regard to the processing of Personal Information and to the free movement of such data and the implementations of this Regulation in local legislation.
6.1 Data Processing Agreements
In compliance with the General Data Protection Regulation (GDPR), Certidrill recognizes the importance of ensuring that personal data is processed with the utmost care and in accordance with applicable data protection laws. When engaging third-party entities for data processing activities, Certidrill will establish Data Processing Agreements (DPAs) to govern the processing of personal data. These agreements outline the terms and conditions under which personal data will be processed, ensuring a high standard of data protection.
6.2 Lawful Bases for Processing
Certidrill is committed to processing personal data lawfully, fairly, and transparently. The processing of personal data is based on one or more lawful grounds, as outlined in Article 6 of the GDPR. These grounds include the necessity of processing for the performance of a contract, compliance with legal obligations, protection of vital interests, consent, the performance of tasks carried out in the public interest or in the exercise of official authority, and the legitimate interests pursued by Certidrill or a third party.
6.3 Specific Requirements for International Data Transfers
Certidrill operates globally, and as such, there may be instances where personal data is transferred internationally. To comply with the GDPR's requirements for international data transfers, Certidrill employs appropriate safeguards. These may include the use of Standard Contractual Clauses (SCCs), Binding Corporate Rules (BCRs), obtaining explicit consent from data subjects, or relying on specific adequacy decisions by the European Commission for the destination country. Certidrill ensures that any international data transfers are conducted with the highest regard for data protection standards.
7. How do we share Personal Information with others?
We will not sell, trade, or rent your Personal Information to others.
If and whenever we intend to share your Personal Information with a third party (other than to a business partner as provided herein), you will be notified at the time of data collection or transfer, and you will have the option of not allowing the transfer.
However, we may from time to time rent or sell demographic information in the aggregate which does not contain your Personal Information.
We do provide some of our product and service offerings through contractual arrangements made with affiliates, service providers, partners, and other third parties (“third-party service providers”).
We and our third-party service providers may need to use some Personal Information to perform tasks between our respective sites or to deliver products or services to you.
For example, your credit card information may be released to the card-issuing bank to confirm payment for products and services purchased on this Website; or provide order information to third parties that help us provide customer service.
We may share some or all of your Personal Information in connection with or during negotiation of any merger, financing, acquisition or dissolution, transaction or proceeding involving sale, transfer, divestiture or disclosure of all or a portion of our business or assets.
In the event of an insolvency, bankruptcy, or receivership, Personal Information may also be transferred as a business asset.
If another company acquires our company, business, or assets, that company will possess the Personal Information collected by us and will assume the rights and obligations regarding your Personal Information as described in this Privacy Policy.
In certain circumstances, we may be required by public law enforcement or judicial authorities to provide Personal Information to the appropriate governmental authorities.
In such cases, we will disclose Personal Information upon receipt of a court order, subpoena, or to cooperate with a law enforcement investigation or meet national security requirements.
We may also disclose Personal Information if we believe it is necessary to protect or defend the rights or property of Certidrill or users of the Website or Services.
We may also provide Aggregate Information about our customers’ sales, traffic patterns, and related Website information to third-party advertisers, but these statistics do not include any Personal Information.
8. What are your rights?
We may send you e-mails regarding new products and services that we feel may interest you.
If you do not wish to receive emails of this nature, you may unsubscribe from the mail list using the “unsubscribe” feature that accompanies our emails or by contacting us at contact@certidrill.com
You also have choices with respect to Cookies, as described above.
By modifying your browser preferences, you have the choice to accept all Cookies, to be notified when a cookie is set, or to reject all Cookies.
If you choose to reject all Cookies some aspects of our Website may not work properly in such a case.
In addition, if we propose to use your Personal Information for any purposes other than those described in this Privacy Policy and/or in the specific notice provided when you sign up for a certain component of our Services, we will offer you an effective way to opt-out of our use of your Personal Information for those other purposes.
8.1 Managing Your Personal Information
You may access and update your Personal Information through your account settings or by contacting us at contact@certidrill.com
8.2 Data Access
You have the right to obtain from the controller confirmation as to whether or not your Personal Information is being processed, and, where that is the case, access to the Personal Information and relevant information.
You also have the right to obtain a copy of the Personal Information undergoing processing.
8.3 Rectification of Inaccurate or Incomplete Information
You have the right to ask us to correct inaccurate or incomplete Personal Information.
You have the right to ask us the erasure of Personal Information if:
- The Personal Information is no longer necessary in relation to the purposes for which it was collected or otherwise processed and there is no other legal ground for the processing;
- You withdraw your consent or object to the processing of your Personal Information;
- The Personal Information have been unlawfully processed;
- The Personal Information have to be erased for compliance with a legal obligation to which the controller is subject.
You may also be entitled to request copies of Personal Information that you have provided to us in a structured, commonly used, and machine-readable format and/or request us to transmit this information to another service provider (where technically feasible).
You may withdraw your consent at any time by changing your account settings or by sending us a communication specifying which consent you are withdrawing.
Please note that the withdrawal of your consent does not affect the lawfulness of any processing activities based on such consent before its withdrawal.
You have the right to limit the ways in which we use your Personal Information, in particular, where:
- You contest the accuracy of your Personal Information;
- The processing is unlawful and you oppose the use of your Personal Information;
- Certidrill no longer needs your Personal Information for the purposes of the processing, but you require the information for the establishment, exercise, or defense of legal claims;
- You have objected to the processing for direct marketing purposes pending the verification whether the legitimate grounds of the controller override those of the data subject.
Where your Personal Information is processed for direct marketing purposes, including profiling, you may, at any time ask us to cease processing your Personal Information for these direct marketing purposes.
You have the right to lodge complaints about the data processing activities carried out by Certidrill before the competent data protection authorities of your country.
You may exercise any of the rights described in this section before by sending an email to contact@certidrill.com
Certidrill commits itself to respond to you within a maximum of 30 (thirty) days.
9. Restriction
Concerning the rights of the data subject described above, please note that the applicable laws may restrict the scope of the rights provided when such a restriction is a necessary and proportionate measure to safeguard:
- National and public security;
- The prevention, investigation, detection, or prosecution of criminal offenses or the execution of criminal penalties;
- Other important objectives of general public interest;
- The protection of judicial independence and judicial proceedings;
- The prevention, investigation, detection, and prosecution of breaches of ethics for regulated professions;
- The monitoring and inspection of any regulatory function connected;
- The protection of the data subject or the rights and freedoms of others;
- The enforcement of civil law claims.
10. How do we secure your data and Personal Information?
Certidrill is committed to protecting the security of your Personal Information.
We use a variety of industry-standard security technologies and procedures to help protect your Personal Information from unauthorized access, use, or disclosure.
We also require you to enter a password to access your User Account information.
Please do not disclose your User Account password to unauthorized people.
No method of transmission over the Internet, or method of electronic storage, is 100% secure, however.
Therefore, while Certidrill uses reasonable efforts to protect your Personal Information, Certidrill cannot guarantee its absolute security.
11. Data Retention
Certidrill will retain your Personal Information for as long as necessary towards the performance of the contract between you and us and to comply with our legal obligations.
If your Personal Information is no longer required to fulfill contractual or statutory obligations, it will be deleted, unless its further processing is required for the following purposes:
- Preservation of records according to commercial and tax law or other legal obligations;
- Exercise the right of freedom of expression and information;
- Exercise or reply to any legal claims.
12. Information Security Breach and Data breach
Certidrill will notify you and the competent supervisory authority, immediately and in writing, of any infringements on processing of Personal Information, any breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, Personal Information transmitted, stored or otherwise processed or any of the obligations specified in this Privacy Policy as well as information about initiatives to safeguard against a future security breach.
13. What exclusions are there to the Privacy Policy?
This Privacy Policy shall not apply to any unsolicited information you provide to us.
This includes, but is not limited to, information posted in any public areas of our website, any ideas for new products or modifications to existing services, and other unsolicited submissions (collectively, “Unsolicited Information”), including all User Content, as that term is defined in Certidrill’s Terms And Conditions, that by its nature is accessible or intended to be accessible to other users of the Services.
All such Unsolicited Information shall be deemed to be non-confidential and we shall be free to reproduce, use, disclose and distribute such Unsolicited Information to others without limitation or attribution.
You should also be aware that when Personally Identifiable Information is voluntarily disclosed (i.e. your name, email address, etc.) in the discussion forums or other public areas on our Website, that information, along with any information disclosed in your communication, can be collected and used by third parties and may result in unsolicited messages (including unwanted spam messages) from third parties.
Such activities are beyond our control and this Privacy Policy does not apply to such information.
If you have any questions, concerns, or inquiries about our Privacy Policy, our use of your Personal Information, or our privacy practices, please contact us at contact@certidrill.com