SStudio S.

Privacy Policy

Preamble

This Policy describes how SEMMEL CONSULTING ("Studio S.") collects, uses, and protects your personal data in accordance with Regulation (EU) 2016/679 of April 27, 2016 (GDPR) and French Act No. 78-17 of January 6, 1978 as amended.

1. Data Controller

SEMMEL CONSULTING — SAS with share capital of €1,000
21 rue Jean-Baptiste Dumas, 75017 Paris, France
Represented by: Charles Semmel, President
GDPR contact: semmelconsulting@gmail.com

2. Data Collected

Studio S. may collect:

  • Identification data: last name, first name, email, phone
  • Appointment data: time slot, message
  • Technical data: IP, browser, pages visited (anonymized)
  • Payment data: processed exclusively by Stripe, never stored by Studio S.
  • Cookies (see section 7)

3. Purposes

  • Respond to inquiries and schedule calls
  • Issue quotes and conclude contracts
  • Issue invoices and manage commercial follow-up
  • Improve the website (anonymized analytics)
  • Communicate news (with consent only)

4. Legal Bases

  • Contract performance (Art. 6.1.b GDPR)
  • Consent (Art. 6.1.a GDPR) for newsletter and non-essential cookies
  • Legal obligation (Art. 6.1.c GDPR) for invoicing and accounting
  • Legitimate interest (Art. 6.1.f GDPR) for service improvement

5. Retention Period

  • Prospect data: 3 years from last contact
  • Client data: 10 years (accounting obligation)
  • Connection data: 13 months maximum
  • Cookies: 13 months maximum

6. Recipients

Your data is never sold. It may be shared with:

  • Stripe (payment)
  • Calendly (call scheduling)
  • Resend (transactional emails)
  • Supabase (database)
  • Lovable (hosting)
  • Plausible Analytics (anonymized statistics, no cookie)
  • Meta / Google (only if you clicked on an ad)

7. Cookies

The website uses:

  • Functional cookies (language, preferences) — no consent required
  • Plausible Analytics — no tracking cookie, no consent required
  • Meta Pixel and Google Tag Manager — subject to prior consent via the cookie banner

8. Your Rights

You have the following rights (GDPR):

  • Right of access (Art. 15)
  • Right of rectification (Art. 16)
  • Right to erasure (Art. 17)
  • Right to restriction of processing (Art. 18)
  • Right to portability (Art. 20)
  • Right to object (Art. 21)
  • Right to withdraw consent at any time

To exercise these rights: semmelconsulting@gmail.com

You may file a complaint with the CNIL: https://www.cnil.fr

9. Security

Technical measures: HTTPS encryption, strong authentication, regular backups, restricted access to authorized personnel.

10. Changes

This policy may be modified at any time.

Last updated: June 3, 2026.