UltimCert Brand Policy from LEVEL21.IO

LEVEL21.IO is a limited liability company with a share capital of €1024, registered under SIREN 888247061 with the Registry of the Paris Commercial Court. The company is headquartered at 28 rue Desaix 75015 PARIS and is represented by its director, Mr. Émile PRÉVOT.

LEVEL21.IO is committed to safeguarding the personal data of its users ("Users"). This Privacy Policy describes the types of personal data we collect through our services ("Services") and our online presence.

This policy also explains how we use personal data, with whom we share it, your rights and choices, and how you can contact us regarding our privacy practices. Please note that this policy does not apply to third-party websites, products, or services, even if they are linked to our Services or Sites. We recommend reviewing the privacy practices of those third parties carefully.

If you have any questions regarding your privacy or wish to exercise your rights, you can contact us.

By using our Sites or Services, Users agree to comply with and be bound by this Privacy Policy. This policy may be modified or updated from time to time without notice, except for provisions that require User's consent. In such cases, the updates will be displayed on the Site.


Capitalized words and phrases not defined herein shall have the same definitions as in the General Data Protection Regulation (GDPR) of the European Parliament and the Council (EU) 2016/679. Capitalized words, terms, or phrases not defined herein or in the GDPR shall be considered typographical errors, unless context or custom dictates otherwise.

I. Nature and Processing of Personal Data

LEVEL21.IO obtains personal data about Users from our site ULTIMCERT.COM. We collect and process these data in a fair and lawful manner, respecting the rights of the individuals.

LEVEL21.IO is the entity responsible for processing User's personal data (Data Controller). It is based in France and is therefore subject to the authority of the French Data Protection Authority (CNIL) regarding the processing of personal data.

To access our Services, Users need to open an Account and provide LEVEL21.IO with the following minimum Personally Identifiable Data: email. The customer's webcam videos can be recorded during the exam. Users may also choose to provide additional personal data in their profile, such as full name, country, username, address, or phone number. This data can be used to train machine learning algorithms and is kept for a maximum of two years.

In addition, our Sites use cookies and other technologies to function effectively and keep you logged in. No other use is made of it.

LEVEL21.IO collects and processes these data to provide access to the Sites and Services. The purposes of these data processing are:

The legal basis for the processing of personal data is:

LEVEL21.IO will never collect or process personal data related to User's race, health, sexual orientation, political opinions, philosophical beliefs, religious views, or other special categories of personal data within the meaning of the GDPR.

III. Cookies

LEVEL21.IO uses "Cookies" (small files stored in User's browsers) in accordance with our general Privacy Policy for several purposes:

In accordance with the Directive 2002/58/EC of the European Parliament (ePrivacy), the use of cookies for authentication and e-commerce carts does not require consent from the User. For all other cookies, LEVEL21.IO's legal basis is Consent.

LEVEL21.IO may authorize its partners to place cookies on User's devices to collect User's data:

The validity period of cookies is 7 days.

IV. Retention of User's Personal Data

1. Security

The Personal Data that Users communicate to LEVEL21.IO are hosted by OVH (France). LEVEL21.IO undertakes to take all necessary precautions to preserve the security of the Personal Data and prevent unauthorized access, alteration, or disclosure.

2. Term

Without prejudice to the following paragraph, the personal data processed by LEVEL21.IO will be deleted immediately after cancellation of the user's account, unless otherwise provided by law.

LEVEL21.IO is under the duty to keep the following personal data for two (2) years from the creation, change, or deletion of User's Content:

3. Cancellation of Account

At any time, Users may request the cancellation of their Account (without prejudice to the above article).

V. Communication from LEVEL21.IO

LEVEL21.IO may send emails to Users at the address associated with their account for technical or administrative purposes or to inform Users about the evolution of its Service. LEVEL21.IO will not send Users commercial offers unrelated to LEVEL21.IO.

LEVEL21.IO will never send commercial emails to Users if they have refused to receive them.

VI. Transfer of User's Personal Data

LEVEL21.IO undertakes not to share User's Personal Data with or transfer them to third parties unless such sharing or transfer is:

  1. To provide technical support or specific services (such as Stripe);
  2. Necessary for the use of the Services; or
  3. To analyze and report

LEVEL21.IO undertakes not to share User's Personal Data with or transfer them to third parties unless Users have given prior consent. LEVEL21.IO will never share User's Personal Data with third parties that do not guarantee adequate protection.

LEVEL21.IO may provide User's Personal Data if required by law or compelled by a court of law.

VII. Right to Access, Modify, and Delete User's Personal Data

Pursuant to French and European law, Users have the right to freely access their data, rectify them if they are inaccurate, request their deletion in certain circumstances, limit their processing, object to the processing, and exercise their right to data portability. Users can exercise these rights by contacting LEVEL21.IO's at contact@ultimcert.com

This GDPR Register is established in accordance with the requirements of the General Data Protection Regulation (GDPR) of the European Union. It is regularly updated and internally documented to ensure compliance with data protection principles.