← Back to home

PRIVACY POLICY — CYFYN

Last updated: 16/12/2025

This Privacy Policy explains how CYFYN (the "Company", "we") collects and processes personal data when you browse our website, contact us, request a demo, and (if applicable) use our Platform.

1. Controller / Processor Roles

  • Website: we act as data controller for website-related processing (contact/demo requests).
  • Platform (if applicable): when processing personal data on behalf of a business Customer through the Platform, we typically act as data processor and the Customer acts as data controller. A DPA may apply.

2. Data We Collect

Depending on your interaction:

  • Contact and identity data: name, business email, company, job title, phone number (if provided).
  • Communications: messages you send via forms or email.
  • Technical data: IP address, timestamps, basic logs for security and troubleshooting.
  • Platform account data (if applicable): user identifiers, roles/permissions, login events.
  • Customer Content (if applicable): data uploaded or generated in the Platform which may include personal data if the Customer includes it.

3. Purposes and Legal Bases

We process personal data to:

  • Respond to demo/contact requests (legitimate interest and/or pre-contractual steps).
  • Provide and secure the Services (performance of a contract and legitimate interest in security).
  • Handle support requests (legitimate interest and/or contract).
  • Meet legal obligations (legal obligation).

We do not use marketing/analytics tools at this stage (to update if this changes).

4. Recipients

Personal data may be accessed by:

  • authorised Company personnel (need-to-know basis),
  • hosting and infrastructure providers strictly for operating the Services.

5. Hosting and Transfers

Our infrastructure is hosted on AWS (Ireland region). The AWS contracting entity for EMEA is Amazon Web Services EMEA SARL (Luxembourg).

If personal data is transferred outside the EEA in the future (e.g., due to new vendors), we will implement appropriate safeguards (such as Standard Contractual Clauses) where required.

6. Retention

  • Contact/demo requests: retained for [● months] after last interaction.
  • Security logs: retained for [● days/months].
  • Platform account data (if applicable): retained for the duration of the customer relationship, then archived/deleted per legal and contractual requirements.

7. Your Rights

Subject to applicable law, you may have the right to access, rectify, delete, restrict or object to processing, and to lodge a complaint with the relevant authority (e.g., CNIL in France).

Where we act as processor for Platform data, requests should typically be directed to the Customer (controller), and we will assist as required.

8. Security

We implement reasonable technical and organisational measures to protect personal data (access controls, encryption in transit, logging, backups, etc.). No system is perfectly secure, but we continuously work to reduce risk.

9. Contact

Privacy inquiries: contact@cyfyn.com

Postal address: Appartement B21, 9 Rue Benoît Sourigues, 64100 Bayonne, France

10. Updates

We may update this Privacy Policy from time to time. The latest version is the one published on this page with the "Last updated" date.