Privacy Policy
Bernstein.io
Legal Disclosure
Last updated: February 11, 2026
This Privacy Policy explains the conditions under which personal data are collected, processed, and protected in connection with the use of the Bernstein.io platform (the "Platform").
The Platform is operated by IP LEVERAGED SAS, a simplified joint-stock company incorporated under French law, with registered office in Strasbourg, France (hereinafter "Bernstein" or the "Data Controller").
This Policy is governed by French law and Regulation (EU) 2016/679 (GDPR). In the event of any discrepancy, the French version shall prevail.
General Principles
Bernstein processes personal data in accordance with the principles of lawfulness, fairness, transparency, purpose limitation, data minimisation, accuracy, storage limitation, integrity and confidentiality.
Appropriate technical and organisational measures are implemented to ensure a level of security appropriate to the risks.
Categories of Data Collected
The following categories of personal data may be collected:
Identification data: name, surname, email address, organisational information.
Account and contractual data: login credentials, certification history, certification units ("credits").
Billing data: payment-related information and transaction history.
Technical data: IP address, connection logs, browser and device data.
Support data: content of communications addressed to customer support.
Due to the encryption architecture implemented, Bernstein does not access uploaded content in unencrypted form and does not have knowledge of data contained in protected files.
Purposes and Legal Bases
Personal data are processed for the purposes of:
- account management;
- certification management;
- performance of contractual obligations;
- billing and payment processing;
- fraud prevention;
- platform security;
- compliance with legal obligations;
- customer support.
Processing is based on contract performance, legal obligations, legitimate interest, or consent where required.
Recipients
Personal data may be shared with:
- technical service providers involved in hosting, infrastructure, payment processing, or maintenance;
- White-Label partners where the Platform is used through a co-branded instance, to the extent necessary;
- public authorities where legally required.
Service providers act as processors within the meaning of the GDPR.
White-Label Services
When the Platform is accessed through a White-Label instance, certain identification and account data may be accessible to the relevant partner for contractual management purposes.
The technical infrastructure remains operated and hosted by Bernstein.
The allocation of data protection responsibilities may be governed by a specific agreement between Bernstein and the White-Label partner.
International Transfers
Where personal data are transferred outside the European Union, appropriate safeguards are implemented, including standard contractual clauses adopted by the European Commission.
Retention Period
Personal data are retained only for as long as necessary for the purposes described and in accordance with applicable legal obligations.
Data Subject Rights
Individuals have the right to access, rectify, erase, restrict processing, obtain data portability, object to processing, and withdraw consent where applicable.
Requests may be addressed to: [email protected]
Complaints may be lodged with the CNIL or the competent supervisory authority.
Security
Bernstein implements appropriate technical and organisational measures to protect personal data.
However, no system can guarantee absolute security.
Cookies
The Platform uses strictly necessary cookies for its operation.
Non-essential cookies are subject to prior consent.
Modification of this Policy
This Policy may be amended at any time.
The applicable version is the one published on the Platform at the time of access.