General conditions for the protection and management of personal data

The purpose of the present clauses is to define the conditions under which the Company PROOFTAG SAS (hereinafter “Prooftag”) undertakes to carry out on behalf of the Customer (hereinafter “the Processing Manager”) the Personal Data Processing Operations defined hereafter. Within the framework of their contractual relations, the parties undertake to comply with the regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 applicable as of 25 May 2018 (hereinafter, the “European Data Protection Regulation”, “EDPR” or “Regulation”) hereafter GDPR

Description of the processing being outsourced:

Prooftag is authorized to process on behalf of the Processing Manager the personal data necessary to provide the following services: Implementation of the ProoftagCerv online service platform, provision of information enabling the latter to supervise the distribution and implementation of its products or documents, and technical support.

The nature of the operations carried out on the data is the analysis of the information in order to correct erroneous information, the performance of computer maintenance tasks to ensure the availability of the service, and the provision of functional advice on the use of data entry and exploitation software. 

Prooftag undertakes to comply with the provisions of the GDPR within the framework of its obligations.

The Processing Manager undertakes to define the data collected in compliance with the GDPR.

The legal basis of the processing operation is the execution of the service contract.

The categories of data subjects are the customers of the Processing Manager.

For the execution of the service, which is the object of the present clauses, the Processing Manager provides Prooftag with the following necessary information:

  1. Name and contact details of the Data Processing Manager Representative.
  2. Name and contact details of the Data Protection Officer of the Processing Manager (if applicable).
  3. For a support request: file reference, last name and first names of the relevant person.

Obligations of Prooftag regarding to the Processing Manager:

Prooftag undertakes to: 

  1. Process the data only for the purpose(s) that is/are the subject of the service.
  2. Process the data in accordance with the documented instructions of the Processing Manager. If Prooftag considers that an instruction constitutes a breach of the European Data Protection Regulation or of any other provision of Union law or of the law of the Member States relating to data protection, it shall immediately inform the Processing Manager. Furthermore, if Prooftag is required to transfer data to a third country or to an international organization, by virtue of Union law or the law of the Member State to which it is subject, it must inform the Processing Manager of this legal obligation prior to the processing, unless the law concerned prohibits such information for important reasons of public interest.
  3. Guarantee the confidentiality of the personal data processed in the framework of this contract.
  4. Ensure that the persons authorized to process personal data under this contract:
  • Undertake to respect confidentiality or are subject to an appropriate legal obligation of confidentiality.
  • Receive the necessary training in the protection of personal data.
  1. Consider, with respect to its tools, products, applications or services, the principles of data protection from the design stage, and data protection by default

Rights to Information of the persons concerned

It is the responsibility of the Processing Manager to provide information to the persons concerned by the processing operations at the time of data collection.

Exercise of individual rights

As far as possible, Prooftag must help the Processing Manager to fulfil its obligation to respond to requests to exercise the rights in relation of data: right of access, rectification, deletion and opposition, right to limit processing, right to portability of the data, right not to be subject to an automated individual decision (including profiling). When the concerned persons make requests to Prooftag to exercise their rights, Prooftag must send these requests upon receipt by e-mail to the Data Protection Officer of the Processing Manager or  to the representative of the Processing Manager.  

Notification of personal data breaches

Prooftag notifies the Processing Manager, as soon as possible after becoming aware of it, of any violation of personal data for which it is responsible, by e-mail to the Processing Manager . This notification shall be accompanied by any useful documentation to enable the Processing Manager, if necessary, to notify the competent supervisory authority of the breach.

Support from Prooftag in the context of the Compliance of the Processing Manager with his obligations

Prooftag may assist the Processing Manager in carrying out impact analyses relating to data protection. Prooftag may assist the Processing Manager in carrying out any prior consultation of the control authority system.

Security measures

In application of article 32.1 of the GDPR, the Processing Manager and Prooftag acknowledge that they implement the appropriate technical and organizational measures in order to guarantee a level of security appropriate to the risks.

Prooftag is responsible for the security of the outsourced processing only for those aspects falling within its control. The Processing Manager remains responsible for the security and confidentiality of its information systems and its internal policy for access to the Software, particularly in the definition and allocation of functional roles. It is the responsibility of the Processing Manager to ensure that the uses and configuration choices of the ProoftagCerv online service platform at his disposal meet the requirements of the Regulation. Prooftag has no obligation to protect personal data that is stored or transferred by the Processing Manager outside the Software provided by Prooftag:

Data output:

At the end of the provision of services relating to the processing of this data, Prooftag undertakes, at the choice of the parties: 

a.         To destroy all personal data or 

b.         To return all personal data to the Processing Manager, or 

c.         To send the personal data to the processor designated by the Processing Manager .

The return must be accompanied by the destruction of all existing copies in the Subcontractor’s information systems. Once they have been destroyed, Prooftag must justify the destruction in writing. 

Data Protection Officer:

  1. Any communication to the DPO should be addressed to:

    GDPR Service

    PROOFTAG SAS, 1100 av de l’Europe – 8200 Montauban – France


Register of categories of processing activities

Prooftag declares that it keeps in writing a register of all categories of processing activities carried out on behalf of the Processing Manager, including: 

  1. The name and contact details of the Processing Manager on whose behalf he or she acts, any subcontractors and, where applicable, the Data Protection Officer.
  2. The categories of processing operations carried out on behalf of the Processing Manager .
  3. Where applicable, transfers of personal data to a third country or to an international organization, including the identification of that third country or international organization and, in the case of the transfers referred to in the second subparagraph of Article 49(1) of the European Data Protection Regulation, the documents attesting to the existence of appropriate safeguards.


Upon request, Prooftag will provide the Processing Manager with the documentation necessary to demonstrate compliance with all its obligations and to enable audits, including inspections, to be carried out by the Processing Manager or another auditor that it has mandated, and to contribute to these audits. 

Obligations of the Processing Manager vis-à-vis Prooftag

The Processing Manager undertakes to:

  1. Provide Prooftag with the data referred to in chapter 1 of the present clauses.
  2. Document in writing any instruction concerning the processing of data by Prooftag.
  3. Ensure, beforehand and throughout the duration of the processing, that the obligations provided for by the European Data Protection Regulation are respected.

Application of the general conditions for the management of personal data

The general conditions set out above are applicable from the signature of the contract and during the entire period of execution of the contract between, in accordance with the European Data Protection Regulation. 

Product details

Prooftag cerv

  • Add product details and characteristics directly on the Prooftag CERV interface
  • Add additional information such as origin or composition
  • Register the languages available for viewing your products
  • Define the safety data associated with the product


Prooftag cerv

  • Connectivity and serialisation
  • Track & trace your products and identify the distribution channels of your products
  • Create shipping or product return events
  • Certitrack integration allows you to manage the users and applications that have access to your products


Prooftag cerv

Build customer loyalty by rewarding them for each seal scan


Prooftag cerv

  • Get an alert each time a seal is consulted
  • Receive product location information


Prooftag cerv

Consult the consultation statistics in real time by

  • country
  • consultation language
  • product type


Prooftag cerv
Monitor your markets in real time
and adapt your strategies in real time

Détails produit

Prooftag cerv

  • Ajouter les détails et les caractéristiques du produit directement sur l'interface Prooftag CERV
  • Ajouter des informations supplémentaires telles que l'origine ou la composition
  • Enregistrer les langues disponibles pour la visualisation de vos produits
  • Définir les données de sécurité associées au produit


Prooftag cerv

  • Connectivité et sérialisation
  • Assurez le suivi et la traçabilité de vos produits et identifiez les canaux de distribution de vos produits
  • Créer des événements d'expédition ou de retour de produits
  • L'intégration de Certitrack vous permet de gérer les utilisateurs et les applications qui ont accès à vos produits


Prooftag cerv

Fidélisez vos clients en les récompensant pour chaque scan de sceau


Prooftag cerv

  • Recevez une alerte chaque fois qu'un sceau est consulté
  • Recevoir des informations sur la localisation des produits


Prooftag cerv

Consultez les statistiques de consultation en temps réel par

- Pays

-  Langue de consultation

-  Type de produit


Prooftag cerv
Suivez vos marchés en temps réel
et adaptez vos stratégies en temps réel


Prooftag cerv

  • Konnektivität und Serialisierung
  • Verfolgen und verfolgen Sie Ihre Produkte und identifizieren Sie die Vertriebskanäle Ihrer Produkte
  • Erstellen Sie Versand- oder Produktrückgabeereignisse
  • Die Certitrack-Integration ermöglicht es Ihnen, die Benutzer und Anwendungen zu verwalten, die Zugang zu Ihren Produkten haben


Prooftag cerv

  • Hinzufügen von Produktdetails und -merkmalen direkt über die Prooftag CERV-Schnittstelle
  • Fügen Sie zusätzliche Informationen wie Herkunft oder Zusammensetzung hinzu
  • Registrieren Sie die verfügbaren Sprachen für die Anzeige Ihrer Produkte
  • Definieren Sie die mit dem Produkt verbundenen Sicherheitsdaten


Prooftag cerv

Binden Sie Ihre Kunden, indem Sie sie für jeden Siegelscan belohnen


Prooftag cerv

  • Erhalten Sie jedes Mal eine Warnung, wenn ein Siegel eingesehen wird
  • Erhalten Sie Informationen zum Produktstandort


Prooftag cerv

Konsultieren Sie die Konsultationsstatistiken in Echtzeit nach

  • Land
  • Sprache der Konsultation
  • Produkttyp


Prooftag cerv
Controle sus mercados en tiempo real
y ajustar sus estrategias en tiempo real