FR EN
Free audit
Personal data

Privacy policy

How we collect, use and protect your personal data.

Data controller

The controller of personal data collected on this site is Doveaia (Parc Lorans — Bâtiment 1G, Rue Jean-Marie Huchet, 35000 Rennes, France).

Contact: [email protected].

Data collected

We only collect data necessary for the purposes described below:

  • Booking form (/en/book/): name, company, work email, phone (optional), training and session, format, number of attendees, free-text notes.
  • Scheduling: if you use the Microsoft Bookings calendar via /en/contact/, the data you provide to Microsoft is governed by the Microsoft privacy statement.
  • Technical data: standard HTTP requests are logged by our host Cloudflare for security purposes (IP address, user-agent, requested URL, timestamp). No third-party analytics cookie is placed on this site.
  • Cloudflare Turnstile: an anti-bot challenge may appear on the booking form. Cloudflare collects technical signals (no tracking cookie) to distinguish a human visitor from a bot, as documented in its privacy reference.

Purposes

  • Answer your booking, quote and contact requests.
  • Issue training agreements, quotes and invoices for our services.
  • Preserve site security and prevent abuse.
  • Comply with our legal and accounting obligations.
  • Performance of pre-contractual measures or of the contract (GDPR art. 6.1.b) for request forms.
  • Legitimate interest (GDPR art. 6.1.f) for site security and fraud prevention.
  • Legal obligation (GDPR art. 6.1.c) for accounting retention.

Recipients

Your data is intended exclusively for Doveaia. It may be shared with our technical processors (Cloudflare host, email provider, billing service), bound by a data-processing agreement and confidentiality.

No data is sold, transferred or shared for third-party prospecting purposes.

Retention period

  • Unconverted contact / booking requests: 12 months from the last exchange.
  • Contractual data (customers, quotes, trainings): 10 years from the end of the relationship, in accordance with legal and accounting obligations.
  • Security logs: 12 months maximum.

Your rights

Under the GDPR and the French Data Protection Act, you have the following rights: access, rectification, erasure, restriction, objection, portability, withdrawal of consent at any time.

To exercise these rights, contact us at [email protected]. We reply within one month.

If you believe your rights have not been respected, you may lodge a complaint with the French data-protection authority CNIL (www.cnil.fr) or your local supervisory authority.

Security

We implement reasonable technical and organizational measures to preserve the integrity and confidentiality of data: HTTPS required, restricted access, at-rest encryption at our subprocessors, access monitoring.

Changes

This policy may change to reflect legal or technical updates. The version in force is the one published on this page.

Version in force as of 9 May 2026.