INEYA Privacy Policy
Data protection
Privacy Policy
What data we process on ineya.studio, why, with whom, for how long, and what your rights are.
1. Data controller
INEYA Studio is committed to protecting your personal data. This policy explains what data we process on the INEYA Studio website (https://ineya.studio), why, on what legal basis, with whom it is shared, how long it is kept, and what your rights are.
The data controller is INEYA Studio, a simplified joint-stock company with a sole shareholder (SASU) with share capital of €500, registered office at 36 rue de Wattignies, 75012 Paris, France, registered with the Paris Trade and Companies Register under number 107 137 994.
For any data-related request: contact@ineya.studio (or by post to the registered office).
2. Data we process
ineya.studio is a showcase website. Depending on your use, we may process:
- Contact data: the information you send us spontaneously when you write to us (name, e-mail address, message content);
- Technical and browsing data: IP address, browser type, pages viewed, timestamps, security logs;
- Audience measurement: aggregated, anonymous traffic statistics collected without cookies (see section 7);
- Cookies and trackers: see section 7.
The site offers neither user accounts nor online payment, so we process no login credentials or bank details. We do not collect special-category data (Article 9 GDPR) unless you voluntarily include it in a message.
3. Purposes and legal bases
We process your data for the following purposes, each relying on a legal basis under Article 6 GDPR:
- Respond to your enquiries and correspond with you — pre-contractual measures or legitimate interest;
- Ensure the security of the site, prevent fraud and abuse — legitimate interest;
- Measure audience and improve the site — legitimate interest (anonymous, aggregated measurement);
- Comply with our legal obligations — legal obligation.
4. Recipients and processors
Your data is accessible to authorised INEYA Studio staff and to our processors, selected for their security guarantees and bound by contract under Article 28 GDPR:
- OVH SAS (Roubaix, France — EU) — infrastructure hosting;
- Proprietary, cookieless, self-hosted audience measurement (France — EU) — anonymous traffic statistics, with no transmission to any advertising third party;
- Sentry (Functional Software, Inc., USA) — technical monitoring and error tracking to ensure the site's reliability.
We never sell or rent your personal data. It may be disclosed to an authority where required by law.
5. Transfers outside the EU
Our servers and hosting are located in the European Union. Technical error tracking may involve a transfer to the United States (Sentry); this transfer is governed by appropriate safeguards (European Commission Standard Contractual Clauses and/or the EU-US Data Privacy Framework), a copy of which is available on request.
6. Retention periods
- Contact messages: up to 3 years from the last exchange;
- Technical data and logs: up to 12 months;
- Audience measurement: aggregated, anonymous data kept in a form that no longer identifies you.
Beyond these periods, your data is deleted or anonymised. Data we must keep to comply with a legal obligation is retained for the period required by law.
7. Cookies and trackers
Our audience measurement is cookieless and anonymous: it sets no tracker on your device and cannot identify you. The site uses only strictly necessary cookies (for example to remember your language), which do not require your consent.
Should any non-essential trackers be added in future, they would only be set after your consent, which you could accept, refuse or withdraw at any time. Refusing non-essential trackers does not prevent access to the site.
8. Security
INEYA Studio implements appropriate technical and organisational measures to protect your data against loss, unauthorised access, disclosure or alteration: encrypted communications (HTTPS/TLS), access control, logging and regular backups.
9. Your rights
Under the GDPR and the French Data Protection Act, you have the rights of access, rectification, erasure, objection, restriction, portability, withdrawal of consent at any time, and to set directives regarding your data after your death.
To exercise them, e-mail contact@ineya.studio; we may request proof of identity in case of reasonable doubt. You may also lodge a complaint with the CNIL (French data protection authority — 3 place de Fontenoy, TSA 80715, 75334 Paris Cedex 07 — www.cnil.fr).
10. Minors
The site is not intended for children under 15. We do not knowingly collect their data without parental consent.
11. Changes
This policy may be updated to reflect changes to the site or regulations. The version in force is the one published on this page.