Privacy Policy

The data controller is Cybersyncnodefr SAS, registered with the Paris Trade and Companies Register under number B 912 847 563, with its registered office at 24 Rue de Rivoli, 75004 Paris, France. For any questions regarding the protection of your data, you may contact our Data Protection Officer (DPO) at: dpo@cybersyncnodefr.com.

We collect the following categories of data: • Identification data: name, first name, email address, provided when submitting our contact form. • Browsing data: IP address, browser type, pages viewed, visit duration, collected via analytics cookies (subject to your consent). • Consent data: your cookie choices and communication preferences, stored in your browser's local storage. We do not collect any sensitive data within the meaning of Article 9 of the GDPR (ethnic origin, political opinions, health data, etc.).

Our data processing is based on the following legal grounds: • Your consent (Article 6.1.a of the GDPR): for analytics and advertising cookies, as well as for sending marketing communications. • Performance of a contract or pre-contractual measures (Article 6.1.b): for processing your consultation request via the contact form. • Our legitimate interest (Article 6.1.f): for improving our services and ensuring the security of our website.

Your data is processed for the following purposes: • Responding to your information and consultation requests. • Analyzing site traffic to improve ergonomics and content. • Sending you information about our services (only with your prior consent). • Ensuring the security and proper functioning of our platform.

Your personal data is retained for a period proportionate to the purpose of processing: • Contact form data: 24 months from the last interaction. • Browsing data (cookies): maximum 13 months in accordance with CNIL recommendations. • Consent data: retained for the duration of consent validity, then 5 years for evidentiary purposes. Upon expiration of these periods, your data is deleted or irreversibly anonymized.

Your data may be shared with the following categories of recipients: • Our internal team of advisors, as part of processing your request. • Our technical subcontractors: hosting provider (OVHcloud, France), analytics tools (Google Analytics, subject to your consent). • Competent authorities, in case of legal obligation. We do not sell or rent your personal data to third parties.

Some of our service providers may be located outside the European Economic Area. In such cases, we ensure that appropriate safeguards are in place: standard contractual clauses approved by the European Commission, or adequacy decisions (Article 45 of the GDPR). Google LLC adheres to the EU-U.S. Data Privacy Framework.

In accordance with the GDPR and the French Data Protection Act, you have the following rights: • Right of access: obtain confirmation of processing and receive a copy of your data. • Right to rectification: correct inaccurate or incomplete data. • Right to erasure: request deletion of your data under conditions provided by law. • Right to restriction of processing: temporarily restrict use of your data. • Right to data portability: receive your data in a structured, machine-readable format. • Right to object: object to processing based on our legitimate interest. • Right to withdraw consent: withdraw your consent at any time, without affecting the lawfulness of prior processing. To exercise these rights, contact us at: dpo@cybersyncnodefr.com. We will respond within one month. You also have the right to lodge a complaint with the French Data Protection Authority (CNIL): www.cnil.fr.

We implement appropriate technical and organizational measures to protect your data: TLS/SSL encryption, strict access control, regular security audits, and staff training in data protection best practices.

We reserve the right to modify this policy at any time. Any substantial change will be communicated via a notice on our website. We encourage you to regularly review this page. The last update date is indicated at the top of this document.