At Tilkee, the security of our customers’ data has always been a priority. Tilkee is certified Afaq – personal data protection.

What is GDPR?

The General Data Protection Regulation (GDPR) is a European regulation enacted on 27 April 2016 which comes into force on 25 May 2018. It is the culmination of a policy promoting the protection of the personal data of all users, with a view to respecting their privacy.


Our team works continuously to manage the company’s defence systems, to develop the security review process, to design the security infrastructure and to implement the security rules necessary to ensure the compliant management of our customers’ personal data. In particular, we have successfully passed several of our “Enterprise” sized clients’ security audits.

While GDPR stipulates several very specific requirements, the authorities must still approve every certification mechanism pursuant to article 42, which would enable companies to easily demonstrate compliance to their customers. At Tilkee we have made the decision to get out in front of jurisprudence, with a view to adopting the most restrictive rules governing the management of private data. We have been working on data protection for a long time, being guided by GDPR, and we are happy to be able to provide you with an overview of what we have achieved and what we intend to do in the near future, in order to ensure compliance with European standards.

Which data collected by TILKEE is affected by GDPR?

Only data of a “personal” nature is concerned. What is currently referred to as “personal data” is all information relating, directly or indirectly, to an identified or identifiable physical person, in particular by means of reference to an identifier such as a name, an identification number, location data or an online ID in the case of TILKEE.

Why collect personal data?

Each piece of data is collected for specific and identified purposes, so as to enable the proper functioning of the services provided by the various digital TILKEE platforms. TILKEE will ensure that, in a fair and lawful manner, it only collects relevant data and will ensure that it is kept up to date and therefore complete and accurate.

Who processes your personal data?

TILKEE is the primary recipient of your personal data. This data will never be transmitted or divulged with a view to enabling third parties to prospect you. However, in order to enable the proper functioning of our services, some of your personal data will be transmitted to sub-contractors.

TILKEE undertakes to only entrust your personal data to quality sub-contractors who have already undergone an audit inspection.

How long is it held of?

Each type of data has its own specific storage period. By way of example: Cookies are accepted for 13 months, and their renewal must be consented to once this time has lapsed once more. Personal data provided on the Digital Platforms is retained for 3 years from your last login.

Where is it held?

The data is stored, maintained and encrypted by leading hosting providers in Europe (AWS, Microsoft Azure, OVH).

What are yout responsabilities?

The law states that, for the purpose of commercial prospecting, the informed consent of the prospective customer is a mandatory requirement prior to any sending of emails. Furthermore, in order to guarantee a duty of information, TILKEE allows you to configure your account in order to help you inform your customer/s of the nature of the sent link.

Our commitment


The personal data required for the proper functioning of the tool is encrypted (database and flat files) and their access is audited. The data belonging to prospective customers (IP address, login details) is stored and pseudonymised.

TILKEE endeavours to protect and secure the personal data that you have elected to communicate to it, with a view to ensuring it remains confidential and to prevent it from being altered, damaged, destroyed or divulged to unauthorised third parties.

Respect de vos droits

Even if you choose to share your personal data, you still have the right to ask us which data we have in our possession, to have it corrected, to request that we delete it, to request that we limit its use and to oppose to it being collected or converted.

To find out more, please have a look at our Privacy Center. We must, however, inform you that in the case of opposition or limitation on your part, TILKEE cannot guarantee the proper functioning of its services.