Access to AppConsent solutions published by SFBX by the Client implies the Client's express and unreserved acceptance of these General Terms and Conditions.
SFBX may modify these Terms and Conditions at any time.
SFBX informs Customers of such changes by email or any other form of communication with Customers, ensuring that a notice period is respected.
The following terms have the following meaning in these General Terms and Conditions unless otherwise stated.
SFBX provides its Customers with two services for managing their consent and personal data: AppConsent and AppConsent Xchange.
AppConsent Premium is a consent management platform (CMP), a solution for collecting consents from users of the Customer's websites or applications.
AppConsent® Xchange is a next-generation CMP that allows publishers, retailers and e-merchants to distribute their data with confidence.
This product allows sellers customers to share the data they hold with buyers customers and provide traceability and ensure that the user's choice is respected on the use of their data.
No data is shared without its attached legal basis.
The Customer must connect to the Internet (SaaS solution) and then to the Platform to use AppConsent solutions.
AppConsent solutions can be modified according to improvements or updates made without prior notice to the Customer.
By creating an Account, the Client declares that he/she is of legal age and able to enter into a contract.
In the case of incapable persons and minors, the Client declares that he is legally authorised to represent them either because he has parental authority or because he has been appointed as their legal representative by a court decision. The Client undertakes to provide proof of this at the first request of AppConsent.
For any person working for a legal entity, the latter declares that it is authorised to bind the company it represents.
To access the AppConsent Platform, the Customer must create an Account. The platform is common for AppConsent Premium and AppConsent XChange.
The creation of an Account is done by providing the following information:
A verification email is sent to the address provided to activate the Account.
To access all the features of AppConsent Solutions, the Customer must provide the following information in his account in order to activate the SaaS service:
The AppConsent Platform, for technical reasons, automatically collects the unique identification number of the device (IP and/or IMEI) used to create the Account and other devices subsequently authorized by the Customer to connect to the Account.
The Customer is responsible for keeping his username and password.
The Customer undertakes to immediately inform SFBX of any loss and/or disclosure of his username or password.
Access to AppConsent solutions can be achieved by means of a digital identity authentication process (PIN code or other) that guarantees the Customer secure access to his Account in addition to the email address and password chosen at the time the Account is created.
The Customer has a right of access to the Platform from his fixed or mobile equipment and by means of the Identifiers provided to the Customer and in his custody. The Identifiers are intended to restrict access to the Platform to the Customer's administrators authorized by the Customer to manage the Customer's account, to protect the integrity and availability of the Platform and to protect the integrity, availability and confidentiality of Visitors' data.
Identifiers are personal and confidential. They are managed by the Client. The Client undertakes to do everything possible to ensure that its administrators keep the Identifiers confidential and comply with security instructions.
The Customer is fully responsible for the equipment and identifiers and for the implementation of appropriate security measures.
SFBX grants the Customer, during the term of the Agreement, a personal, non-exclusive, non-transferable and non-transferable right to use the Platform for the purposes of its website(s) or mobile applications.
The Platform automatically collects, manages, monitors and stores Consents on behalf of the Client, which are time-stamped and immutable. At the time of collection, each Consent is collected in accordance with the Consent Notice and linked to a Visitor by the establishment of the Correspondence Table.
This service is charged according to the conditions described on the AppConsent.io website and in the contracts signed with each Client.
In return for the free supply of AppConsent Premium, the customer Seller will provide SFBX with user data for the mobile applications and/or websites it publishes directly or through its network when it acts as an aggregator.
In return for a remuneration defined according to the type of personal data and the quality of the Seller Customer, the Buyer Customer purchases from SFBX personal data for which the Seller Customer has previously given its authorization in exchange for a remuneration sharing, if applicable according to the type of data.
This module is a technological solution for the secure distribution of data collected via SFBX's SDK (Direct Collection) or in connection with Server2Server with the Client. AppConsent XChange is based on the stack of private blockchains and more broadly on SFBX's Privacy-by-Design and Privacy-by-Default infrastructure.
Main features :
The Client firmly undertakes not to share any personal data such as racial or ethnic origins, political opinions, religious or philosophical beliefs, membership of a trade union organisation, data concerning life or sexual orientation, health information or data treated as health data on the platform.
The AppConsent Xchange Solution allows the Seller Customer to share its Users' Data with any Partner (Buyer Customer) connected to the AppConsent Platform on the basis of a prior agreement (contract).
SFBX provides access to Seller Customer Data and allows its transfer to registered partners (customer buyers) in accordance with the signed contract and in accordance with the consents given by visitors to the seller customer's websites or applications and in a secure manner.
Depending on the category of shared data, the customer seller may receive a remuneration sharing (see article 6).
Each contract is specific, the Consent is different from one partner (client buyer) to another and can be modified or revoked according to the terms of the contracts by the Client seller.
The Client can permanently consult the status and history of contracts with his partners, from his Account, as well as the status of the consents collected.
SFBX shall not be liable for any breach or improper processing of Customer Data by a partner.
The Client is required to inform SFBX in the event of non-compliance by the partner with the terms of the Consent given for access to the Data.
In return for the free provision of the AppConsent Premium solution, the customer will provide SFBX with user data for the mobile applications and/or website it publishes directly or through its network when the latter acts as an aggregator. It is organic, non-intrusive data for users.
This data does not entitle the Seller customer to a remuneration share.
Here is the list of the data concerned, this list is not exhaustive:
MAID maidType timestampCollect deviceManufacturer deviceModel deviceCarrier IP (Truncated) appNameBundle deviceOS deviceOSVersion consentString deviceCountryCode externalId signalStrenght networkType URL Content ID Sync
In the event that the Seller customer wishes to share personal data that meets the criteria below, a remuneration sharing may take place.
This compensation sharing is based on a percentage of SFBX's revenue when sharing this data with the Client Buyer.
This percentage is determined on a case-by-case basis.
Here is the list of the data concerned, this list is not exhaustive:
hashEmailSHA1 hashEmailSHA256 hashEmailMD5
Phone hashPhoneSHA1 hashPhoneSHA256 hashPhoneMD5
GivenName Surname StreetNo StreetName StreetType Floor Town Region Postcode Country Gender dateOfBirth revenues household ageRange
location_lat location_long location_accuracy bearing speed altitude geoip_country_code
geoFenceID GeoFenceTsEntering GeoFenceTsLeaving
The hosting of the AppConsent Platform and Data meets high protection and security requirements.
The Data that the Client registers in his AppConsent Account is encrypted.
SFBX and its Host cannot decrypt the Data, including when SFBX authorizes access or sharing of the Data with the Customer's partners.
The Customer may at any time upload, download or delete the Data appearing on his account, under his sole responsibility.
SFBX guarantees that only the email and encrypted password are stored in the Customer Account Data and that they:
The AppConsent platform undertakes not to make any copies of the Data outside of the technical requirements.
Only a SFBX administrator is authorized to work on the Figures for specific technical needs: maintenance and updating of the AppConsent Platform.
The commitment takes effect on the day the Client's Account is registered for an indefinite period or for the period specified in the contract.
The Client may terminate the commitment at any time under the conditions provided for in the contract.
SFBX may, as of right, terminate the commitment at any time in the event of non-compliance by the Client with the obligations provided for in these general terms and conditions, in accordance with the contractual conditions.
The end of the commitment results in the closure of the Account and the archiving of the Data.
SFBX guarantees the Portability of the Data to the Customer (return or transfer) or its deletion in the cases provided for by law, as soon as possible.
The restitution will be done by providing a link to download the Data, in json format. This link will be available for 10 days after the termination date.
Beyond that, the Customer's data will be deleted without further notice.
SFBX reserves the right to suspend access to the Account in the event of non-compliance with any of the clauses contained in these GTC or the signed contract.
Access will be restored once the Customer has repaired the breaches that caused the suspension.
The Customer is solely and entirely responsible for the Data it transfers into or from its AppConsent Account and access to which is made available to the Customer's partners by SFBX.
The Client undertakes to respect the rights of third parties, in particular personality rights, intellectual or industrial property rights such as copyright, patent, design or trademark rights.
The obligation entered into by SFBX is an obligation of means.
In this context, SFBX undertakes to take all the care and diligence necessary to provide a quality service in accordance with the practices of the profession.
SFBX will endeavour to provide 24-hour access to the Platform, every day of the year except in cases of force majeure, as defined by law, breakdowns, failures due to the Host, maintenance interventions necessary for the proper functioning of the Platform.
In case of absolute necessity, SFBX reserves the right to interrupt access to the Platform in order to carry out a technical maintenance or improvement intervention in order to ensure the proper functioning of its services, regardless of the time and duration of the intervention.
Service interruptions will not entitle the Customer to any compensation.
The Client acknowledges having read all of its obligations and, more generally, all the conditions relating to the use of AppConsent solutions.
Under no circumstances and within the limits provided by law, SFBX may not be held liable, directly or indirectly, for any damage caused to the Customer or a third party as a result of the use of AppConsent solutions, regardless of the cause.
Similarly, and within the same limits, SFBX may not be held directly or indirectly liable for any damage caused to the Customer or a third party due to the unavailability or malfunction of AppConsent solutions, regardless of the cause and duration.
SFBX does not cover compensation for direct or indirect, material or immaterial damages caused by the use of AppConsent solutions.
This clause is considered essential and decisive by SFBX, which would not have contracted without it.
Under Article L. 221-18 of the Consumer Code, any Consumer Customer, within the meaning of the Consumer Code, has 14 days to exercise his right of withdrawal, without having to give a reason or pay any fees or penalties.
The withdrawal period expires 14 days after subscribing to the AppConsent services.
To exercise this right of withdrawal, the Customer must notify SFBX of his decision to withdraw by means of an unambiguous statement, either by e-mail: dataprotection@SFBX.com, or by post to the following address: SFBX SAS - 15 Place Canteloup 33800 Bordeaux FRANCE.
For the withdrawal period to be respected, it is sufficient for the member to send SFBX his communication concerning the exercise of the right of withdrawal before the expiry of the withdrawal period.
In accordance with Article L. 221-25 of the French Consumer Code, the Customer may request access to the AppConsent services before the end of the withdrawal period.
After the creation of his account, the Customer receives an email confirming the platform.
This email contains a PIN code that allows the member to activate his AppConsent account without waiting for the end of the 14-day withdrawal period.
By entering this PIN code into the platform, SFBX collects the member's express request for immediate access to the services.
The invalidity of one of the clauses of the Contract pursuant to a law, a regulation or following a decision of a competent court which has become res judicata shall not entail the invalidity of the other clauses of these General Terms and Conditions which shall remain in full force and effect between the parties.
The fact that SFBX does not at any given time invoke any of the clauses of these General Terms and Conditions and/or a breach by the Customer of any of its contractual obligations shall not be construed as a waiver by SFBX of its right to invoke any of these clauses or contractual obligations at a later date.
This Approval is entirely subject to French law.
In the event of a dispute arising out of the interpretation or performance of this Agreement, the undersigned shall endeavour to settle it amicably before any legal action is taken.
The Customer who is a consumer is informed that he may in any case resort to conventional mediation, in particular with the National Consumer Ombudsman (www.mediation-conso.fr), or to any other alternative dispute resolution method.
In the event of persistent disagreement on the interpretation or execution of this Agreement, the Courts of Bordeaux shall have exclusive jurisdiction.