Privacy Policy

The personal data controller is: SigmaCore SAS with a capital of €1,000 Registered with the Paris RCS under number 101 304 616 Head Office: 26 rue Bosquet, 75007, Paris Contact email: [email protected]

In the context of using the Service, the following categories of personal data may be processed: - identification data (last name, first name, email address, user ID); - professional data (company, role, professional contact details); - connection and technical data (IP address, logs, browser type, operating system); - Service usage data (actions performed, settings, preferences); - data voluntarily transmitted by the user while using the Service's features, including artificial intelligence features. The Service is designed based on the principle of data minimization: only data strictly necessary for providing the Service is processed.

Personal data is processed for the following purposes: - provision, operation, and improvement of the Service; - management of user accounts and customer relations; - technical assistance and support; - security, prevention of fraud and misuse; - compliance with legal and regulatory obligations.

Processing is based on the following legal grounds: - the execution of a contract or pre-contractual measures; - compliance with legal obligations; - the legitimate interest of the data controller, particularly for the security and reliability of the Service; - user consent, when required by regulations.

5.1 General Principles The Service integrates features based on artificial intelligence technologies. SigmaCore attaches particular importance to the confidentiality of data processed in this context. Data provided by users when using artificial intelligence services: - is processed exclusively to provide the requested Service; - is not used for training, improving, or reusing models; - is not viewed or read by human beings, except for legal obligations or technical intervention strictly necessary for Service security. 5.2 Encryption and Automated Processing Data is processed automatically and is subject to appropriate security measures, including: - data encryption in transit and at rest, according to current security standards; - strict access control mechanisms; - limited and secure logging for technical purposes. Where applicable, processing is carried out locally or isolated, without exposure to unauthorized external databases. In certain specific cases, anonymous external requests may be made to enrich the service (for example, to search for logos or public elements associated with an entity). These requests do not transmit any identifiable personal data of the client. The client is informed of the activation of these features; if this does not suit them, this service can be deactivated upon request. 5.3 Data Isolation User data is processed in a strictly isolated manner. No pooling, interaction, or reuse of data between different users is performed. One user's data is never used to produce results intended for another user.

The company's personal data is hosted on servers located within the European Union. This hosting ensures that the data benefits from a level of protection compliant with the General Data Protection Regulation (GDPR). The choice of this hosting is based on: - high standards in terms of security and confidentiality; - a robust legal framework regarding data protection; - anticipation of future needs related to the evolution of the company's activities.

Personal data is accessible only to: - authorized persons within SigmaCore; - technical service providers acting as subcontractors, strictly within the limits of their missions and in accordance with contractual commitments of confidentiality and security. Data is neither sold, rented, nor transferred to third parties for commercial purposes.

Personal data is retained for limited periods, proportionate to the purposes pursued: - account data: during the contractual relationship, then limited archiving; - technical and security data: strictly necessary duration; - data from artificial intelligence services: duration strictly limited to the technical needs of processing.

SigmaCore implements appropriate technical and organizational measures to guarantee: - confidentiality; - integrity; - availability of personal data; - prevention of unauthorized access, alteration, loss, or disclosure.

In accordance with applicable regulations, users have the following rights: - right of access; - right to rectification; - right to erasure; - right to restriction of processing; - right to object; - right to data portability; - right to withdraw their consent at any time when processing is based on it. These rights can be exercised by contacting: [email protected]

We use a privacy-respecting audience analysis tool to measure the use of our website and improve the user experience. The data collected is anonymized and aggregated, does not allow individuals to be personally identified, and does not result in any tracking cookies being placed or the use of advertising tracking technologies. This data is hosted on our own servers, is accessible only to our teams, and is not transferred to any third party or country outside the European Union.

The site uses session cookies strictly necessary for its proper functioning. These cookies do not allow users to be tracked for advertising purposes and are automatically deleted at the end of the session.

Users may lodge a complaint with the competent supervisory authority, particularly the CNIL, if they believe that the processing of their personal data violates applicable regulations.

This privacy policy may be modified at any time to reflect legal, regulatory, or technical changes. The applicable version is the one published on the Service on the date of consultation.