Privacy policy

202212011 2022-12-07

1. Purpose

nPerf (hereinafter referred to as "NPERF"), will be required to process personal data about you that you provide to us when using:

  • Our web application from the following URL: (hereinafter referred to as the "Website")
  • Our free downloadable mobile apps from the Apple Store, Google Play Store and Windows Phone.
  • Our free downloadable computer applications from our Website,
  • More generally, our Website.

Mobile, computer and web applications are hereinafter collectively referred to as “Applications”.

This privacy policy (hereafter the "Policy") informs you of how NPERF collects, processes, and protects the information you provide to us on these occasions.

Please read it carefully to fully understand how we process your personal data.

Please note that the Policy may be modified or added to at any time by NPERF, including to comply with any legislative or regulatory developments.

In such a case, its updated date will be clearly identified at the top of the Policy. These modifications apply to you as soon as they are published online. Please check back frequently to see any updates or changes to this Policy.

You will also be informed of the adoption of each new version of the Policy by an explicit communication (banner, window, notification) during your first login following the adoption of the amended Policy.

For any information on the protection of personal data, you can also visit the CNIL website (National Commission for Computing and Freedom): .

2. Who is the data controller?

The data controller determines the processing purposes (why your personal data is processed) and methods (how your personal data is processed?).

The data controller is NPERF, registered with the Lyon Trade and Companies Register under number B 450 208 244, whose registered office is located at 87, rue de Sèze, 69006 LYON, France.

Tel. : + 33 (0)4 82 53 34 05

3. What type of personal data does NPERF collect?

Personal data are those which permit the designation or identification of a natural person, such as name and surname, postal address, telephone number, email address or IP address, ….

NPERF is likely to collect and process different types of data.

3.1. Data you send directly to us

When you create an account on one of our Apps, you send us

  • A username/login
  • A valid email address
  • A valid email address

This information is mandatory. Otherwise, you will not be allowed to create an account and we will not be able to provide you with the enhanced services offered by our Applications.

When you contact us via the online contact form, you send us your name, surname, email address.

3.2. Data we collect when using our Applications

When you use our Applications and Website, we collect the following technical information about your connection and browsing (hereinafter the "Technical Information"):

  • Geographical position,

    NPERF has access to this data provided that you have authorised your browser or the application to access your position when accessing the WebSite/Applications.

    NPERF informs you that allowing access to your location allows it to provide you with more relevant test results.

    For mobile devices with an Android 11 or later operating system, it is necessary to allow geolocation for proper operation of the Application.

  • Type and model of your device,
  • Version of your operating system (mobile App) or of your Internet browser (web App),
  • Technical information about your Internet network,
  • IP address,
  • Test results from Applications.

3.3. Exclusion of any sensitive data

NPERF does not collect or process any sensitive data within the meaning of the regulations on the protection of personal data.

Sensitive data are those which reveal racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation.

4. Why is your personal data processed by NPERF?

NPERF mainly uses your personal data for the following purposes:

  • Management of your user account,
  • Management of your requests for information and assistance,
  • Provision of the services offered by the Applications: throughput tests, test history, comparison of your tests with those of other users, saving of your test results on the NPERF Cloud, sharing of results at your initiative,
  • Information about various NPERF-related events, including Service updates,
  • Production and publication of maps and statistical studies on the quality of Internet connections (barometers),
  • Marketing of anonymized technical data to NPERF's professional customers (in particular to telecommunications operators),
  • As an exception to the previous point, NPERF may transmit your non-anonymized IP address to your telecommunications operator with your test results, to the exclusion of any other telecommunications operator, for the exclusive purpose of analyzing the quality of the networks and technical diagnoses, to the exclusion of any other purpose, in particular for marketing or commercial purposes.

5. On what legal basis are my personal data processed by NPERF?

The processing of your personal data is justified on different grounds (legal basis) depending on the use we make of the personal data.

You will find below the legal basis we apply to our main procedures.

Among the applicable legal basis:

The contract:

The processing of personal data is necessary for the fulfilment of the contract (provision of our services) materialized by our EULA.

The legitimate interest:

NPERF has a legitimate interest in processing your Technical Information for the purpose of publishing barometers and marketing technical data to its professional customers, telecommunications operators, that is justified, balanced and does not infringe on your privacy.

The consent:

The processing of your data is based exclusively on your free and express prior consent.

You can withdraw your consent at any time.

6. Summary table

Purposes of processing Data processed Legal basis Retention period
Management of your user account Username/ID, email address, password Contract Until your account closes
Information about various NPERF-related events, including Service updates Username/ID, email address Consent Until your account closes
Management of your requests for information and assistance Last name, first name, email address, content of your message Contract
Provision of the services offered by the Applications: throughput tests, test history, comparison of your tests with those of other users, saving of your test results on the NPERF Cloud, sharing of results at your initiative Technical Information Contract 5 years from collection and then anonymization
Publication of barometers & marketing of anonymized data to professional clients Technical Information Legitimate interest
Communication of technical data to your telecommunications operator for the exclusive purpose of technical diagnosis, to the exclusion of all other purposes (in particular for marketing and commercial purposes) Technical Information Legitimate interest

7. Who are the recipients of your personal data processed by NPERF?

The following are likely to have access to your personal data:

  • Some NPERF technical department staff filter your data before sending it to NPERF business customers.
  • The sub-contractors that NPERF uses in its activities to:

    • Host NPERF data on servers exclusively based in Europe.
    • Sending electronic messages - emails (subcontractor based outside the European Economic Area).
    • Manage certain functionalities of NPERF applications such as reverse geocoding, bug reports or statistical analysis (subcontractor based outside the European Economic Area).

Your personal data may also be transmitted to NPERF’s customers or business partners:

  • Telecom operators
  • Telecom partners
  • Private companies
  • Public institutions

NPERF markets the data collected, anonymisées, through service contracts, to telecommunications operators so that they can assess themselves against the competition and improve the performance of their networks.

By exception, your collected IP addresses may be communicated not anonymized to your telecommunications operator alone on the express condition that these IP addresses are used by the latter only for exclusive technical diagnostic purposes, to the exclusion of all other purposes (including marketing and commercial purposes).

8. What are your rights in respect of your personal data?

In accordance with the regulations in force, you have the following rights in respect of your personal data:

8.1 Right of access and communication

You have the right to know whether personal data concerning you is processed by NPERF and, if so, to obtain a copy in an understandable format.

In order to respond to your request, we are legally required to verify your identity. We may also be required to ask you to provide us with more information in order to respond to your request.

8.2 Right of correction and deletion

You have the right to have your inaccurate data corrected and your incomplete data completed, as well as to obtain, in accordance with the regulations in force, the deletion of your personal data.

8.3. Right to restrict processing

You have the right to temporarily suspend the partial or total use of your personal data.

This is the right to have processing suspended while an audit can take place in the cases provided for by the regulations (thus to check the accuracy of the data, to check whether the legitimate reasons pursued by the data controller prevail over those invoked by the person concerned in case of opposition etc.).

8.4 Right to object

You have the right to object, on grounds relating to your particular situation, at any time to the processing of your Personal Data having as legal basis the legitimate interest of NPERF, as well as the right to oppose the processing of your personal data for commercial prospecting purposes.

8.5. Right to portability

You also have the right to the portability of your data, that is to say the right to receive the personal data that you have provided us in a structured, commonly used and machine-readable format and the right to transmit this data to another data controller.

This right only applies to data collected with your agreement or under a contract.

8.6. Guidelines in case of death

You have the right to set general or specific guidelines regarding the fate of your personal data after your death

You may change or revoke these instructions at any time.

8.7. Exercise of rights

You can exercise your rights by mail by writing to us at NPERF, 87, rue de Sèze, 69006 LYON, France or send us your request via the internet link: .

8.8. Referral to the competent supervisory authority

If you feel that NPERF does not respect its obligations regarding the protection of your Personal Data, you can contact the competent authority. In France, the competent authority is the CNIL that you can contact by logging on to its website .

9. Is your personal data transmitted outside the European Union?

Some of our subcontractors are established outside the European Economic Area, and in a country not recognised by the European Commission as providing an adequate level of protection, and are likely to have access to some of your personal data. NPERF ensures that this transfer is carried out in compliance with the applicable regulations and guarantees a sufficient level of protection of your personal data (in particular, on a case-by-case basis, by the regularisation of contractual clauses based on the European Commission's model).

10. Security of your personal data

NPERF undertakes to take all necessary measures, in view of the nature of the data and the risks associated with their processing, to protect the security of your personal data and, in particular, to prevent their corruption, damage, or use by unauthorised third parties.

For example, NPERF uses physical, electronic and administrative security measures.

Our safeguards include firewalls, physical access controls, and data access authorisation checks.

11. Cookies

Please find our Cookies Policy .