Langue de navigation

Home/Data Processing Agreement

This English version is provided for international readers. Permyn is a commercial brand operated by Axializ, a French company. The GDPR / European privacy framework applies where legally required or contractually agreed.

Permyn legal

Data Processing Agreement

Version du 2026-07-02 - Ce document peut etre mis a jour.

Telecharger ce document

Data Processing Agreement

Version 1.2 - July 2, 2026

Recitals

This DPA applies where Axializ processes personal data on behalf of a professional customer through the Permyn SaaS platform.

Permyn is a commercial brand operated by Axializ.

Axializ is a French SAS, simplified joint-stock company, with share capital of EUR 500.00, registered with the Montpellier Trade and Companies Register under number 792 809 931.

Registered office: 371 rue de la Begude, 34070 Montpellier, France. Headquarters SIRET: 792 809 931 00027. VAT number: FR87792809931.

Legal representative: Alain Iozzino, President of Axializ.

Permyn general contact: contact@permyn.com. Legal and privacy contact: legal@permyn.com.

Application servers are hosted by OVH SAS, 2 rue Kellermann, 59100 Roubaix, France.

1. Roles

The customer acts as controller, or processor for its own clients, and Axializ acts as processor or sub-processor for customer-managed operational data.

2. Processing scope

Processing includes hosting, storage, retrieval, display, export, deletion and security logging of access management data, collaborators, QR codes, permissions, documents and scan logs.

3. Categories of data subjects

Data subjects may include customer administrators, internal users, collaborators, contractors, visitors, final customers and other persons whose access or documents are managed by the customer.

4. Categories of personal data

Data may include identity data, professional contact details, role and access data, site or agency attachment, authorization status, document metadata, QR code tokens, scan timestamps and technical logs.

5. Processor obligations

Axializ processes personal data only on documented customer instructions, ensures confidentiality, applies appropriate security measures, assists the customer with data subject requests and deletes or returns data at the end of the service subject to legal retention duties.

6. Security

Security measures include TLS encryption, role-based access control, customer data isolation, logging of sensitive actions, backups, limited administrative access and incident response procedures.

7. Sub-processors

Current known sub-processors include OVH SAS for hosting in France and Stripe for payment processing. The list of e-mail, monitoring and support providers must be completed and maintained by Axializ.

8. International transfers

Application data is hosted in France by OVH. Where a technical provider involves transfers outside the EEA, Axializ implements appropriate safeguards required by applicable data protection law.

9. Incident notification

Axializ will notify the customer without undue delay after becoming aware of a personal data breach affecting customer data, and will provide available information to help the customer meet its own obligations.

10. Contact

Data protection and DPA contact: legal@permyn.com.

GDPR Data Processing Agreement

This DPA is the English GDPR data processing agreement for international readers. The contractual framework remains French law / GDPR unless otherwise agreed in writing.

Request signed DPA