Legal information | VERTIGO LAB

In accordance with the provisions of Articles 6-III and 19 of Law No. 2004-575 of June 21, 2004 for Confidence in the Digital Economy (known as LCEN), the following legal notices are brought to the attention of users and visitors of the site VERTIGO LAB.

Site publisher

The site accessible at the address

The site accessible at https://vertigolab.eu/ is published by:

Legal representative:

Legal representative: Thomas BINET, as President
Email address: https://www.ovhcloud.com
Phone: 0646186506
APE Code: Intracommunity VAT number:
VAT identification number: Publication director

The publication director of the site is

The publication director of the site is Thomas Binet, reachable at the email address https://www.ovhcloud.com.

The site VERTIGO LAB is hosted by:

OVH SAS

Address: [[NUM]] rue Kellermann, [[NUM]] Roubaix, France
Phone: 1007
Phone: 1007
Website: Legal information Legal notices Terms of Use Cookies Legal notices In accordance with the provisions of articles [[NUM]]-III and [[NUM]] of law no. [[NUM]]-[[NUM]] of [[NUM]] June [[NUM]] for Confidence in the Digital Economy (known as LCEN), users and visitors of the site VERTIGO LAB are informed of the following legal notices. The connection...

All content on the site VERTIGO LAB (texts, images, videos, graphics, logos, icons, sounds, software, etc.) is protected by French and international intellectual property laws.

Any reproduction, representation, modification, publication, adaptation, in whole or in part, of any of these elements, by any means or process, is prohibited without prior written permission from the publisher.

Any unauthorized use of the site or any of the elements it contains will be considered as constituting an infringement and will be prosecuted in accordance with the provisions of articles L.[[NUM]]-[[NUM]] and following of the Intellectual Property Code.

Limitation of liability

The publisher of the site VERTIGO LAB strives to provide information that is as accurate as possible.

The publisher cannot be held responsible for direct or indirect damages resulting from access to or use of the site, including inaccessibility, data loss, deterioration, destruction, or viruses that may affect the user's computer equipment.

Hyperlinks

The site VERTIGO LAB may contain hyperlinks to other websites. The publisher has no means of controlling the content of these third-party sites and assumes no responsibility for this.

Personal data and cookies

The site VERTIGO LAB collects personal data as part of its operation. To learn more about how your personal data is managed and the use of cookies, please consult our

The site VERTIGO LAB collects personal data as part of its operation. To learn more about the management of your personal data and the use of cookies, please consult our Privacy Policy and our Cookie Management Policy.

These legal notices are governed by French law. In case of dispute, and after failing to find an amicable solution, French courts will have sole jurisdiction.

Last updated: [[NUM]] April [[NUM]]

[[EMAIL]]

This privacy policy aims to inform users of the site VERTIGO LAB (https://vertigolab.eu/) about the methods of collecting and processing their personal data, in accordance with the Regulation (EU) 2016/679 of April 27, 2016 (General Data Protection Regulation — GDPR) and the Law No. 78-17 of January 6, 1978 relating to data processing, files, and freedoms, as amended.

1. Data Controller

The data controller for personal data is:

VERTIGO LAB
Represented by Thomas BINET
Address: 1510 route du Stade, Lieudit Pigaillon, 47700 ANZEX, France
Email: https://www.ovhcloud.com

2. Personal Data Collected

In the context of using the site VERTIGO LAB and its services, the following categories of personal data may be collected:

First and last name
Email address
SIRET and information related to the company

3. Purposes and Legal Bases for Processing

In accordance with Article 6 of the GDPR, each processing of personal data is based on a specific legal basis. The table below details the purposes, legal bases, and retention periods applicable:

Purpose of processing	Legal basis	Data concerned	Retention period
Technical operation of the site Ensure the proper functioning, security, and technical optimization of the site	Legitimate interest of the data controller (Article 6.1.f GDPR)	IP address, connection data, browser type, pages viewed	1 year (connection logs) — 13 months maximum for audience measurement data
Management of contact requests Respond to information requests submitted via the contact form	Consent of the individual (Article 6.1.a) or pre-contractual measures at the request of the individual (Article 6.1.b)	First name, last name, email, phone, message content	3 years from the last contact (CNIL recommendation regarding prospect management)
Sending commercial communications (newsletter) Sending information, news, and offers to registered individuals	Explicit consent of the individual (Article 6.1.a GDPR and Article L.34-5 of the CPCE)	Email, first name (if applicable), open and click statistics	Until consent is withdrawn (unsubscribe), then 3 years from the unsubscription
Audience measurement and advertising tracking Analyzing site traffic, improving user experience, and, if applicable, displaying targeted advertisements	Explicit consent of the individual (Article 6.1.a GDPR and Article 82 of the Data Protection Act)	Cookie identifiers, browsing data, truncated IP address, advertising identifiers	13 months maximum from the deposit of the cookie (CNIL recommendation of 17 September 2020)
Management of downloads (lead magnet) Sending downloadable resources (ebooks, guides, etc.) to individuals who have completed the dedicated form	Consent of the individual (Article 6.1.a GDPR)	Email, first name (if applicable)	3 years from the last contact

4. Retention Periods

Personal data is retained for the strictly necessary duration for the purposes for which it is processed, as indicated in the table above. Beyond these periods, the data is deleted or anonymized irreversibly.

Certain data may be retained longer in case of legal obligation:

Billing and accounting data: 10 years from the end of the fiscal year (Article L.123-22 of the Commercial Code);
Contractual data: 5 years from the end of the contractual relationship (civil law prescription, Article 2224 of the Civil Code);
Connection data (logs): 1 year (Decree No. 2011-219 of February 25, 2011).

5. Recipients of the Data

The personal data collected is intended for the data controller and, where applicable, its subcontractors acting on its behalf and according to its instructions, in strict compliance with the GDPR.

The subcontractors currently involved in data processing are:

Address: [[NUM]] rue Kellermann, [[NUM]] Roubaix, France — hosting of the site and data
Mailchimp — management and sending of newsletters
Google LLC — audience measurement (Google Analytics), tag management (Google Tag Manager), and/or advertising (Google Ads)

Each subcontractor is bound by a processing contract in accordance with Article 28 of the GDPR, ensuring the security and confidentiality of the data processed on behalf of the data controller.

No personal data is transferred, sold, or exchanged for commercial purposes with third parties unrelated to the purposes described in this policy.

6. Data Security

The data controller implements all appropriate technical and organizational measures as defined in Article 32 of the GDPR to ensure the security, integrity, and confidentiality of personal data, and in particular to prevent them from being distorted, damaged, or accessed by unauthorized third parties.

The measures include:

Encryption of data in transit (HTTPS / TLS protocol);
Regular backups of data;
Limiting access to data to authorized personnel only;
Regular updates of software and security systems.

7. Your Rights

In accordance with Articles 15 to 22 of the GDPR and Articles 48 to 56 of the Data Protection Act, you have the following rights regarding your personal data:

Right of access (article 15 GDPR): obtain confirmation that your data is being processed and receive a copy in a structured format;
Right to rectification (article 16 GDPR): have any inaccurate or incomplete data concerning you corrected;
Right to erasure (Article 17 GDPR): request the deletion of your data under the conditions set by the regulation;
Right to restriction of processing (Article 18 GDPR): obtain the restriction of processing your data in certain cases provided by the GDPR;
Right to object (Article 21 GDPR): object to the processing of your data for reasons related to your particular situation, or object to processing for commercial prospecting purposes;
Right to data portability (Article 20 GDPR): receive the data you have provided in a structured, commonly used, and machine-readable format;
Right to withdraw consent: withdraw your consent at any time for processing based on this legal basis, without affecting the lawfulness of processing carried out before the withdrawal;
Right to set post-mortem directives: define directives regarding the retention, deletion, and communication of your data after your death (Article 85 of the Data Protection Act).

To exercise any of these rights, send your request along with proof of identity to:

Email: https://www.ovhcloud.com
Mail: VERTIGO LAB — 1510 route du Stade, Lieudit Pigaillon, 47700 ANZEX, France

The data controller commits to responding to your request within a maximum period of one month from its receipt, in accordance with Article 12.3 of the GDPR. This period may be extended by an additional two months in case of complexity of the request.

8. Complaint to the CNIL

If you believe, after contacting us, that your rights regarding your personal data are not being respected, you have the option to file a complaint with the National Commission for Information Technology and Freedoms (CNIL):

Address: 3, place de Fontenoy — TSA 80715 — 75334 PARIS CEDEX 07
Phone: 01 53 73 22 22
Website: www.cnil.fr

[[EMAIL]]

This policy aims to inform users of the site VERTIGO LAB (https://vertigolab.eu/) about how cookies and other trackers are used, in accordance with the Article 82 of the Data Protection Act, the Directive 2002/58/EC (ePrivacy), and the CNIL guidelines of September 17, 2020 regarding cookies and other trackers.

1. What is a cookie?

A cookie is a small text file placed and/or read on the user's terminal (computer, tablet, smartphone) when visiting a website. Cookies can be placed by the site itself ("first party" cookies) or by third-party services integrated into the site ("third party" cookies).

2. Strictly Necessary Cookies (exempt from consent)

Some cookies are essential for the functioning of the site and do not require your prior consent, in accordance with Article 82 of the Data Protection Act. These include cookies:

For session management (authentication, shopping cart);
For remembering user preferences related to the interface (language, accessibility);
For security (CSRF tokens, anti-bot protection);
For server load balancing.

These cookies are placed as soon as you arrive on the site. Refusing them may prevent the use of certain essential features.

3. Cookies Subject to Your Consent

All other cookies — including audience measurement cookies, personalization cookies, targeted advertising cookies, and social media sharing cookies — are only placed after obtaining your free, specific, informed, and unequivocal consent.

No cookies subject to consent are placed or read on your terminal until you have given your agreement. Refusing these cookies does not prevent navigation on the site.

Tool	Purpose	Publisher	Duration	Consent
Google Analytics 4 (GA4)	Audience measurement: tracking the number of visitors, pages viewed, duration of visits, and traffic sources	Google LLC (United States)	14 months	Consent required
Google Tag Manager	Tag manager: technical tool for deploying tracking scripts	Google LLC (United States)	No specific cookie	Consent required (triggers cookies subject to consent)

4. Managing Your Consent

When you first visit the site, an information banner allows you to accept or refuse the placement of each category of cookies.

You can at any time modify your preferences:

By clicking on the cookie management link present in the footer of the site;
By deleting cookies directly from your browser settings.

In accordance with CNIL recommendations, your consent is retained for a maximum period of 13 months. At the end of this period, your choice will be requested again.

Refusing cookies is as simple as accepting them: a "Reject All" or "Continue without Accepting" button is available at the same reading level as the acceptance button, in accordance with CNIL guidelines.

5. Managing Cookies via Your Browser

Regardless of our consent management tool, you can configure your browser to accept, refuse, or delete cookies:

Google Chrome: Settings → Privacy and security → Cookies and other site data
Mozilla Firefox: Settings → Privacy & Security → Cookies and Site Data
Apple Safari: Preferences → Privacy → Manage Website Data
Microsoft Edge: Settings → Cookies and site permissions → Manage and delete cookies

Deleting or blocking certain cookies may degrade the browsing experience and prevent access to certain features of the site.

6. Learn More

To learn more about cookies and your rights, you can visit the CNIL website: www.cnil.fr/fr/cookies-et-autres-traceurs.

For any questions regarding this policy, please contact us at: https://www.ovhcloud.com.