Skip to content
Get started

Glev Privacy policy

The processing of your data is subject to EU regulation 2016/679 of April 27, 2016 ("GDPR") relating to the protection of individuals about the processing of personal data and on the free movement of such data.

Article 1: Purpose of this Policy

The purpose of this Privacy Policy is to inform you, the user, about how Glev collects, processes, and protects your personal data. We are committed to maintaining the trust of our users and believe in full transparency regarding our data handling practices. This policy details the types of information we collect, how it is used, with whom it may be shared, and the measures we take to ensure its security. This document is designed to comply with applicable data protection laws, including the General Data Protection Regulation (GDPR).

Article 2: Who We Are

Glev is a software company that edits an Application Security platform. Our mission is to help organizations protect their software applications from threats and vulnerabilities throughout the development lifecycle, from the initial coding stages through to deployment and beyond. By using our platform, you are engaging with a service designed to safeguard sensitive data and ensure the integrity of your applications.

Article 3: Data We Collect

We may collect various types of personal data, including:

  • Identification Data: Name, surname.

  • Contact Data: Email address, phone number.

  • Professional Data: Company name, job title.

  • Connection Data: IP address, cookies.

Article 4: How We Use Your Data

We use your data for the following purposes:

  • Service Delivery: To provide and manage the Glev platform, including user accounts and features.

  • Communication: To contact you regarding your account, updates, or to respond to your inquiries.

  • Legal and Regulatory Compliance: To comply with our legal obligations.

Article 5: Data Hosting and Security

The data for the Glev platform is hosted on Scaleway. Scaleway is a European cloud provider committed to complying with the GDPR. They have implemented robust security measures and hold several industry-standard certifications, including:

  • ISO/IEC 27001:2022 Certification: This is the international standard for Information Security Management Systems (ISMS), which demonstrates Scaleway's commitment to managing data security risks.

  • HDS (Health Data Host) Certification: This certification, managed by the French National Agency for Digital Health, confirms the implementation of rigorous technical and organizational measures to protect health data.

You can find more information about Scaleway's security and resilience at https://www.scaleway.com/en/security-and-resilience/.

Article 6: How We Ensure the Security of Your Data

We take the security of your data very seriously. We have implemented technical and organizational measures to ensure the confidentiality and integrity of your personal data and to prevent unauthorized access or disclosure. These measures include:

  • Access Control: We apply strict management of access rights to our systems and data.

  • Staff Awareness: Our staff is regularly trained and made aware of the importance of data protection and privacy policies.

  • Incident Response: We have procedures in place to detect, manage, and respond to any potential security incidents or data breaches.

Article 7: Data Sharing

We do not sell your personal data to third parties. We may share your data with:

  • Service Providers: Third-party companies that perform services on our behalf (e.g., data hosting).

  • Legal Authorities: When required by law or to respond to legal processes.

All third-party service providers are required to protect your personal data and use it only for the purposes for which it was provided.

Article 8: Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which we collected it, including for legal or reporting requirements.

Article 9: Your Rights

Under data protection laws, you have the following rights regarding your personal data. To exercise any of these rights, please contact us at contact@glev.ai.

  • Right of Information: You have the right to be informed about how your data is processed.

  • Right of Access: You can request a copy of the personal data we hold about you.

  • Right to Rectification: You can request that we correct any inaccurate or incomplete data.

  • Right to Erasure: You can request the deletion of your personal data, within the limits of what is permitted by regulation.

  • Right to Limit Processing: You can request the limitation of the processing of your data under certain circumstances.

  • Right to Withdraw Consent: You can withdraw your consent for data processing at any time, although we may have legitimate reasons to keep it.

  • Right to Data Portability: You can request that your data be communicated to you or transferred to a third party if technically possible.

  • Right to Object: You can object to the processing of your personal data for reasons related to your specific situation.

Article 10: Changes to This Policy

We reserve the right to update this privacy policy at any time. We will notify you of any changes by posting the new policy on this page.

Following applicable legislation, in addition to the abovementioned rights, you have the right to contact a data protection authority, such as the CNIL in France, in particular via the online form: https://www.cnil.fr/fr/plaintes.