Privacy Policy

1. Data controller

The controller of your personal data is:

• Codium SAS
• 10 Rue Cardinal Morlot, 52200 Langres, France
• Email: contact@codium.fr
• Phone: 09 50 16 03 52

2. Data collected

Codium SAS collects the following personal data:

Via the contact form

• First name and surname
• Professional email address
• Phone number (optional)
• Company name (optional)
• Subject and content of the message

Via cookies and browsing

• IP address (anonymised)
• Pages visited and visit duration
• Browser type and operating system
• Traffic source (referrer)

3. Purposes of processing

Your data is collected for the following purposes:

• Responding to your contact requests — legal basis: performance of pre-contractual measures (Art. 6.1.b GDPR)
• Improving our website via anonymised navigation statistics — legal basis: legitimate interest (Art. 6.1.f GDPR), subject to your consent for non-essential cookies
• Compliance with legal obligations — legal basis: legal obligation (Art. 6.1.c GDPR)

4. Retention period

• Contact data: retained for 3 years from the last exchange, in accordance with CNIL recommendations
• Navigation data: maximum 13 months (cookie lifetime)
• Accounting and contractual data: 10 years (legal obligation)

5. Cookies

Our website uses cookies. A cookie is a small text file placed on your device when you visit.

Essential cookies (no consent required)

• Cookie preference (codium_cookie_consent): remembers your choice to accept or decline cookies — duration: 12 months

Analytical cookies (consent required)

If you accept cookies, we may use audience analysis tools (e.g. Google Analytics or Matomo) to measure website traffic. These tools may place cookies on your device for a maximum duration of 13 months.

You can withdraw your consent at any time by resetting your cookie preferences.

6. Data sharing

Codium SAS does not sell, rent or transfer your personal data to third parties for commercial purposes. Your data may be transmitted to:

• Our hosting provider Infomaniak Network SA (Switzerland) — for website and mail server hosting, governed by standard contractual clauses compliant with GDPR
• Technical service providers strictly necessary for website operation, subject to the same confidentiality obligations

7. Your rights

In accordance with the General Data Protection Regulation (GDPR — EU Regulation 2016/679), you have the following rights:

• Right of access: obtain confirmation that data concerning you is being processed and obtain a copy
• Right of rectification: correct inaccurate or incomplete data
• Right to erasure ("right to be forgotten"): request deletion of your data, subject to legal retention obligations
• Right to restriction: request temporary suspension of processing
• Right to data portability: receive your data in a structured, machine-readable format
• Right to object: object at any time to the processing of your data, particularly for prospecting purposes

To exercise your rights, contact us at: contact@codium.fr

You also have the right to lodge a complaint with the CNIL (French Data Protection Authority): www.cnil.fr

8. Security

Codium SAS implements appropriate technical and organisational measures to protect your personal data against loss, destruction, alteration, unauthorised access or disclosure. The website is served over HTTPS (TLS encryption).

9. Transfers outside the EU

Your data is hosted in Switzerland, a country recognised by the European Commission as providing an adequate level of protection (adequacy decision). No transfers to third countries take place without appropriate safeguards.

10. Policy amendments

Codium SAS reserves the right to amend this privacy policy at any time. Any changes will be published on this page with an updated date below. We encourage you to regularly consult this page.

Last updated: March 2025