Privacy Policy
1. Data Controller
The controller of your personal data is:
- Company Name: [COMPANY NAME]
- Address: [COMPLETE ADDRESS]
- Email: privacy@inyx.io
2. Data Collected
2.1 Via the Contact Form
| Data | Required | Purpose |
|---|---|---|
| First and Last Name | Yes | Identification and personalization of response |
| Email Address | Yes | Sending response to your inquiry |
| Message Subject | Yes | Qualification and routing of inquiry |
| Message Content | Yes | Processing your inquiry |
| IP Address (server log) | Auto | Security, spam prevention |
2.2 Via Your Client Area (ClientExec)
| Data | Required | Purpose |
|---|---|---|
| Name and First Name | Yes | Identification, billing |
| Email Address | Yes | Communication, service alerts |
| Postal Address | Yes | Legal billing |
| Payment Information | Yes | Payment processing (via secure provider) |
| Service Usage Data | Auto | Resource management, billing |
| Login Logs | Auto | Security, audit, technical support |
2.3 Automatically Collected Technical Data
During your navigation on the website, we automatically collect:
- IP address (anonymized after 30 days)
- Browser type and version
- Operating system
- Pages visited and viewing duration
- Referral URL
This data is collected for security and performance purposes, and is not used for marketing profiling.
3. Purposes and Legal Basis of Processing
| Purpose | Legal Basis (GDPR) |
|---|---|
| Responding to your contact requests | Legitimate interest (Art. 6.1.f) |
| Execution of hosting contract | Contract performance (Art. 6.1.b) |
| Billing and accounting | Legal obligation (Art. 6.1.c) |
| Security and fraud prevention | Legitimate interest (Art. 6.1.f) |
| Service update communications | Legitimate interest / Consent (Art. 6.1.a) |
| Service improvement | Legitimate interest (Art. 6.1.f) |
4. Retention Periods
| Data Category | Retention Period |
|---|---|
| Contact Data (contact form) | 3 years from last contact |
| Client Account Data | Contract duration + 3 years (legal limitation period) |
| Billing Data | 10 years (legal accounting requirement) |
| Server Logs | 12 months (French regulation) |
| Client Area Login Data | 6 months rolling |
| Backups | 30 days rolling |
5. Recipients of Data
Your personal data is intended exclusively for:
- inyx.io's Internal Teams (support, billing, technical)
- Payment Provider: secure processing of bank transactions โ only payment tokens are stored, never raw card data
- Infrastructure Provider (European datacenters) โ limited access to technical operations data
We never sell, rent, or transfer your personal data to third parties for commercial purposes.
6. Non-EU Transfers
No transfer of your personal data outside the European Union is performed.
Our entire infrastructure (servers, backups, logs) is hosted in datacenters located in France, Italy, Netherlands, and Poland, all subject to European law and the GDPR.
Our service providers are also selected based on their location in Europe or the existence of adequate legal safeguards (Standard Contractual Clauses approved by the European Commission).
7. Your Rights
Under the GDPR, you have the following rights regarding your personal data:
- Right of Access (Art. 15): obtain a copy of your data
- Right to Rectification (Art. 16): correct inaccurate data
- Right to Erasure (Art. 17): request deletion of your data ("right to be forgotten"), subject to legal retention obligations
- Right to Restriction (Art. 18): temporarily restrict processing
- Right to Portability (Art. 20): receive your data in a structured, machine-readable format
- Right to Object (Art. 21): object to processing based on legitimate interest
- Right to Withdraw Consent: at any time, for processing based on consent
How to Exercise Your Rights
Send your request by email to privacy@inyx.io specifying:
- The right you wish to exercise
- A copy of your ID (for access or deletion requests)
We will respond within one month maximum (this period may be extended by two additional months for complex requests, with prior notification).
Complaint to Data Protection Authority
If you believe your rights are not being respected, you may lodge a complaint with the competent data protection authority in your jurisdiction. For EU residents, you may file a complaint with your national data protection authority.
8. Data Security
inyx.io implements appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, alteration, or disclosure:
- Encryption of data in transit (TLS 1.3)
- Encryption of data at rest
- Data access limited to authorized personnel by principle of least privilege
- Two-factor authentication (2FA) for access to management systems
- Encrypted daily backups
- Real-time security monitoring and alerts
- Security updates applied within 48 hours of publication
In the event of a personal data breach likely to result in high risk to your rights and freedoms, we undertake to notify you as soon as possible, in accordance with GDPR Article 34.
9. Cookies
Strictly Necessary Cookies (no consent required)
| Name | Duration | Purpose |
|---|---|---|
PHPSESSID | Session | Contact form protection (anti-spam, rate limiting) |
We use no third-party advertising, analytics, or tracking cookies. If we deploy any in the future, your explicit consent would be obtained in advance.
10. Minors
Our services are intended for adults (18 years or older). We do not knowingly collect personal data concerning minors. If you believe a minor has provided us with their data, contact us at privacy@inyx.io to request its deletion.
11. Policy Changes
inyx.io reserves the right to modify this Privacy Policy at any time, particularly to comply with legal, regulatory, or technical developments. The update date is indicated at the top of this document.
In the event of substantial modifications affecting your rights, we will inform you by email at least 30 days before the modifications take effect.
12. Contact โ Data Protection Officer
For any questions relating to the protection of your personal data:
- Email: privacy@inyx.io
- Mail: [COMPANY NAME] โ Data Protection Officer โ [ADDRESS]
Other documents: Legal Notice ยท Terms of Service