This site uses cookies strictly necessary for its operation and audience measurement cookies (Matomo, hosted in France). No data is shared with third parties.

Privacy Policy

IRICE – Independent Reference Infrastructure for Certification and Evaluation
Last updated: 01/01/2025

1. Preamble

IRICE places particular importance on the protection of personal data and respect for privacy.

This privacy policy aims to inform users of the website www.irice-certification.com (hereinafter "the Website") about the processing of personal data carried out during their browsing.

2. Data Controller

The data controller is:
IRICE – Independent Reference Infrastructure for Certification and Evaluation
SAS with a share capital of €20,000
Registered office: 10 rue du Lieutenant Parayre, Espace Wagner Building A2, 13290 Aix-en-Provence, France
Email: contact@irice-certification.com

3. Data Collected

The following data may be collected on the Website:

  • Identification data: surname, first name, position, organisation, email address, telephone number
  • Certification-related data: project information, site address, technical documents
  • Browsing data: IP address, browser type, consultation time, pages visited (via cookies)

IRICE collects only the data strictly necessary for the purpose of the processing.

4. Purposes of Processing

Personal data is collected for the following purposes:

  • Responding to enquiries submitted through contact forms
  • Processing certification requests submitted via the Website
  • Sending communications related to IRICE activities (regulatory information, framework updates)
  • Ensuring the proper functioning of the Website and improving user experience

IRICE does not sell any personal data.

5. Legal Basis for Processing

Processing carried out by IRICE is based on the following grounds:

  • Performance of a contract or pre-contractual measures (certification requests)
  • Compliance with a legal or regulatory obligation (Cofrac Accreditation No. 5-0655, Product, process and service certification, scope available at www.cofrac.fr)
  • Legitimate interest of IRICE (service improvement, fraud prevention)
  • User consent, where required (cookies, forms)

6. Data Retention Period

Personal data is retained:

  • For the duration necessary to process the request or contractual relationship
  • Then archived in compliance with legal and regulatory obligations
  • Browsing data is retained for a maximum period of 13 months

7. Data Recipients

Collected data is processed only by authorised IRICE internal teams. It may be shared with technical service providers (hosting, maintenance), strictly within the scope of their assignment. IRICE does not transfer any data outside the European Union.

8. Data Security

IRICE implements appropriate technical and organisational measures to protect data against loss, alteration, unauthorised access, or disclosure.

Hosting is provided by Infomaniak, recognised for its security standards and GDPR compliance.

9. User Rights

In accordance with the GDPR, each user has the following rights:

  • Right of access to their data
  • Right of rectification
  • Right to erasure (within legal limits)
  • Right to restriction of processing
  • Right to object
  • Right to data portability
  • Right to lodge a complaint with the CNIL (www.cnil.fr)

To exercise these rights, a request may be sent to: contact@irice-certification.com. Proof of identity may be required.

10. Cookies

The Website uses cookies strictly necessary for the operation of the site, as well as audience measurement cookies (Matomo).

Users are informed about the use of cookies via a consent banner on their first visit. They may manage their preferences at any time via this banner or their browser settings.

11. Policy Updates

IRICE reserves the right to modify this privacy policy at any time, in particular to adapt it to regulatory changes. The applicable version is that available online at the date of browsing.