Menu
This Privacy Policy is intended to inform any natural person (“User”) accessing the dataforethic.com website about how Data For Ethic collects, uses, stores, and protects their personal data, in accordance with the provisions of Regulation (EU) 2016/679 of 27 April 2016 (“GDPR”) and the amended French Data Protection Act. It applies to all personal data processing carried out in connection with the use of our website and services. Fields marked with an asterisk (*) in our forms are mandatory. Failure to complete these fields will prevent us from processing your request.
The controller responsible for processing your personal data is:
| Company Name | Data For Ethic |
| Legal Form |
SASU (Simplified Joint-Stock Company with a Sole Shareholder) |
| Registered Office | 11 Avenue du Val de Fontenay, 94120 Fontenay-sous-Bois, France |
| Email Address | contact@dataforethic.com |
| Telephone | +33 1 42 83 97 70 |
| Website | dataforethic.com |
2.1 Voluntarily provided data
When you complete a contact form or request a demonstration, the following data may be collected:
• First and last name *
• Email address *
• Phone number
• Company / Institution
• Job title
• Free-text message
Fields marked with an (*) are mandatory in order to process your request. The other fields are optional and are used solely to improve the quality of our response.
2.2 Automatically collected data
When you browse the website, certain technical data is automatically collected:
• IP address
• Browser type and version
• Operating system
• Pages visited and browsing duration
• Connection data (date, time)
• Cookie data (see Section 6)
2.3 Sensitive data
Data For Ethic does not intentionally collect sensitive data within the meaning of Article 9 of the GDPR (such as racial or ethnic origin, political opinions, health data, etc.). If such data were voluntarily provided through a free-text message, it would be immediately deleted.
The table below sets out all processing activities carried out, their legal basis, and their retention period, in accordance with Article 13 of the GDPR.
| Purpose | Data concerned | Legal basis | Retention period |
| Management of contact and support requests | First name, last name*, email*, phone number, company, message | Legitimate interest (Art. 6.1.f): to respond to incoming requests | 3 years from the last contact |
| Provision and improvement of services offered | Browsing data, connection logs | Legitimate interest (Art. 6.1.f): to improve user experience | Strictly necessary duration (maximum 13 months) |
| Sending commercial information (newsletter) | Email, first name, last name | Consent (Art. 6.1.a) — withdrawable at any time | Until unsubscribe or 3 years of inactivity |
| Audience measurement and statistical analysis | IP address (anonymised), analytics cookies | Consent (Art. 6.1.a) via cookie banner | Maximum 13 months |
| Website security and fraud prevention | IP address, technical logs | Legitimate interest (Art. 6.1.f): system security | Maximum 13 months |
| Performance of pre-contractual or contractual measures | Contact data, contractual data | Contract performance (Art. 6.1.b) | Duration of contract + legal obligations (10 years) |
4.1 Internal recipients
• The sales, marketing, and support teams of Data For Ethic, strictly within the limits of their respective responsibilities.
4.2 Technical service providers
Data For Ethic uses technical service providers acting as processors within the meaning of Article 28 of the GDPR, bound by contractual obligations ensuring the protection of your data:
• Website hosting provider (hosting, maintenance)
• Email marketing tool (newsletter)
• Analytics tool (audience measurement)
• Customer relationship management (CRM) solution
A detailed list of processors is available upon request sent to contact@dataforethic.com.
4.3 Administrative or judicial authorities
• Administrative or judicial authorities when required by law or in the context of legal proceedings.
Your data will never be sold, rented, or exchanged to third parties for commercial purposes.
In principle, personal data collected via the website dataforethic.com is hosted and processed within the European Union.
Some of our subprocessors may be established outside the EU (notably in the United States). In such cases, Data For Ethic ensures that the transfer is subject to appropriate safeguards in accordance with Chapter V of the GDPR:
• Standard Contractual Clauses (SCCs) approved by the European Commission
• Adequacy decision of the European Commission (where applicable)
• Any other transfer mechanism compliant with the GDPR
To obtain information regarding the safeguards applicable to a specific transfer, you may contact our GDPR department at: contact@dataforethic.com
.
The website dataforethic.com uses cookies to ensure its proper functioning and to improve the user experience.
| Cookie type | Purpose | Legal basis |
| Technical cookies (essential) | Website operation, security, user session | Legitimate interest / Exempt from consent |
| Audience measurement cookies | Anonymous traffic statistics | Consent (Art. 6.1.a) |
| Functional cookies | Storing your preferences | Consent (Art. 6.1.a) |
7.1 Your rights
In accordance with Articles 15 to 22 of the GDPR and the French Data Protection Act, you have the following rights:
• Right of access (Art. 15 GDPR): to obtain confirmation as to whether your personal data is being processed and to receive a copy of it.
• Right to rectification (Art. 16 GDPR): to request correction of inaccurate or incomplete data.
• Right to erasure / “right to be forgotten” (Art. 17 GDPR): to obtain deletion of your data in the cases provided for by law.
• Right to restriction of processing (Art. 18 GDPR): to request suspension of processing under certain circumstances.
• Right to data portability (Art. 20 GDPR): to receive your data in a structured, commonly used format and transmit it to another controller.
• Right to object (Art. 21 GDPR): to object to processing based on legitimate interest or for direct marketing purposes.
• Right to withdraw consent: to withdraw your consent at any time, without affecting the lawfulness of processing carried out prior to withdrawal.
• Right to define post-mortem instructions: to provide directives regarding the fate of your data after your death.
7.2 How to exercise your rights
To exercise any of these rights, you may contact the data controller using one of the following methods:
By email: contact@dataforethic.com
(subject: “GDPR Rights Request”)
By postal mail: Data For Ethic — GDPR Department, 11 Avenue du Val de Fontenay, 94120 Fontenay-sous-Bois, France
We undertake to respond to your request within one month of receipt (this period may be extended by two additional months in the case of complex requests). We may require proof of identity.
If you believe that the processing of your personal data does not comply with applicable regulations, you have the right to lodge a complaint with the competent supervisory authority:
| Organization | Commission Nationale de l’Informatique et des Libertés (CNIL) |
| Postal address | 3 Place de Fontenoy — TSA 80715 75334 Paris Cedex 07, France |
| Telephone | +33 1 53 73 22 22 |
| Website | [CNIL website](https://www.cnil.fr?utm_source=chatgpt.com) |
| Online form | [CNIL complaints form](https://www.cnil.fr/fr/plaintes?utm_source=chatgpt.com) |
Data For Ethic does not carry out profiling within the meaning of Article 22 of the GDPR, nor any fully automated decision-making that produces legal effects or significantly affects you.
If such practices were to be implemented in the future, this policy would be updated accordingly and you would be informed in accordance with the requirements of the GDPR.
Data For Ethic implements appropriate technical and organisational measures to protect your personal data against any loss, destruction, alteration, unauthorized access, or disclosure, including:
• HTTPS security protocols
• Strict access control to systems and databases
• Intrusion and cyberattack protection systems
• Regular data backups
• Confidentiality and security clauses in contracts with our processors
This Privacy Policy is governed by the following legal and regulatory provisions, in particular:
• Regulation (EU) 2016/679 of 27 April 2016 (General Data Protection Regulation – GDPR)
• French Data Protection Act No. 78-17 of 6 January 1978, as amended (Loi Informatique et Libertés)
• Guidelines and recommendations issued by the French Data Protection Authority (CNIL)
• Any other applicable European or national regulations relating to personal data protection
