Privacy policy

Data controller

The data controller for personal data collected through the website and the RemVar services is RemVar, an individual business (EI / micro-entrepreneur regime under French law) registered under SIREN number 942 209 248. For any question, please write to contact@remvar.com.

Processing purposes

Personal data may be used for the following purposes: handling demo and contact requests, managing pre-contractual and commercial relationships, providing the RemVar services to users, improving user experience, ensuring the technical security of the service, complying with legal and accounting obligations.

Data categories

Processed data may include identification data (first name, last name), professional contact details (email, phone, role), company-related information (legal name, size, sector), technical browsing data (IP address, logs, cookies) and content voluntarily submitted through a form or through the use of the service.

Legal bases

• Performance of pre-contractual measures at your request (contact forms, demo requests)
• Performance of the contract when you use the RemVar services
• Legitimate interest of RemVar for service management, security and improvement
• Consent where required, especially for certain trackers and commercial prospecting
• Compliance with legal obligations (invoice retention, accounting)

Recipients

Data may be accessible to RemVar and to its technical processors involved in providing the service, within the strict limits of their need to know. Main processors include: OVH (hosting, France), Resend (transactional email delivery), Stripe (payment and billing), and Google services strictly necessary for website operation (anonymized analytics where applicable). No data is sold or transferred to third parties for commercial purposes.

Transfers outside the EU

Some processors may process data from countries outside the European Union. When this is the case, transfers are governed by appropriate safeguards (European Commission standard contractual clauses, compliance certifications) to ensure a level of protection equivalent to that of the GDPR.

Retention periods

Retention periods are as follows: prospect data (3 years from the last active contact), customer data (duration of the contractual relationship plus 5 years for evidentiary and accounting purposes), accounting and invoice data (10 years in accordance with legal obligations), technical browsing data (maximum 13 months). Beyond these periods, data is deleted or anonymized.

Data subject rights

Under the GDPR and the French Data Protection Act, you have the following rights over your personal data: right of access, right to rectification, right to erasure, right to restriction of processing, right to object, right to data portability, right to withdraw consent at any time, right to define directives regarding your data after your death. To exercise these rights, contact us at contact@remvar.com with proof of your identity.

Complaint to the CNIL

If, after contacting us, you believe your rights have not been respected, you may lodge a complaint with the French Data Protection Authority (CNIL), 3 place de Fontenoy, TSA 80715, 75334 Paris Cedex 07, France, or via www.cnil.fr.

Security

RemVar implements appropriate technical and organisational measures to protect your data against loss, alteration, unauthorized access or disclosure: HTTPS encryption, access controls, regular backups, secure hosting in France.

Privacy contact

For any question relating to the protection of your personal data or to exercise your rights, please contact us at: contact@remvar.com.