AldenSync respects your privacy. This policy explains what personal data we collect, why we collect it, and your rights under GDPR.
1. Data Controller
AldenSync — hello@aldensync.com
2. Data We Collect
- Contact form & qualification form data: name, email, company, role, project context.
- Technical data: IP address, browser, device type, pages visited (via privacy-friendly analytics).
- Communication history: emails and messages exchanged with our team.
3. Why We Collect It
- Respond to your inquiries and qualify projects.
- Send you proposals, contracts, and project updates.
- Improve our website and services.
- Comply with legal and accounting obligations.
4. Legal Basis
We process your data based on: your consent (forms), legitimate interest (analytics, prospecting), contract execution (clients), and legal obligations (invoicing, tax).
5. Retention
- Prospect data: 3 years after last contact.
- Client data: duration of contract + 10 years (legal accounting).
- Analytics: 13 months maximum.
6. Sharing
We never sell your data. We share data only with sub-processors necessary for service delivery (hosting, email, analytics), all GDPR-compliant.
7. Your Rights (GDPR)
- Access, rectification, erasure of your data.
- Portability and restriction of processing.
- Object to processing (including direct marketing).
- Lodge a complaint with the CNIL (French data protection authority).
To exercise these rights: hello@aldensync.com.
8. Security
We implement technical and organizational measures (encryption in transit and at rest, access controls, RLS on databases) to protect your data.
9. International Transfers
Some of our sub-processors are located outside the EU. In such cases, we use Standard Contractual Clauses (SCCs) to ensure adequate protection.