Privacy Policy

Fixery® is committed to protecting the privacy of its users and clients. This Privacy Policy explains what information we collect, why we collect it, how we use it and what your rights are regarding your personal data, in accordance with the General Data Protection Regulation (GDPR).

The data controller for information collected on the website fixery.fr and via the client portal is:

Mr. Allan Desgranges (Fixery®)
Z.I. République – 120 rue du Porteau – 86000 Poitiers – France
Contact email for privacy matters: [email protected]

Fixery® acts as a data controller within the meaning of the GDPR for the processing operations described below.

We collect different categories of data for specific purposes, relying on legal bases that comply with the GDPR.

a. Customer relationship management and service delivery

• Data collected: First name, last name, email address, phone number, company details where applicable, history of subscribed services (tickets, invoices, quotes, interventions).
• Purpose: Provide the services set out in the contract, manage your client account, respond to your support requests and communicate on transactional aspects of our relationship.
• Legal basis: Performance of a contract (Article 6(1)(b) GDPR).

b. Billing and legal obligations

• Data collected: Billing information (company name, postal address, contact details, details of the services delivered).
• Purpose: Issue invoices, ensure accounting follow-up and comply with our legal and tax obligations.
• Legal basis: Legal obligation (Article 6(1)(c) GDPR).

c. Platform security and fraud prevention

• Data collected: IP address, connection logs, technical identifiers, information about the device and browser.
• Purpose: Prevent fraud, diagnose incidents, ensure the security of our information systems and protect your data.
• Legal basis: Legitimate interest (Article 6(1)(f) GDPR) in protecting our infrastructure and your data.

d. Marketing and informational communications

• Data collected: First name, last name, email address, history of the business relationship.
• Purpose: Send you, in a measured way, information about services similar to those already provided or about Fixery® news.
• Legal basis: Legitimate interest of Fixery® in informing its professional clients (Article 6(1)(f) GDPR), with the possibility for you to object to these communications at any time.

e. Audience measurement and website improvement

• Data collected: Aggregated and anonymised browsing data, pages viewed, technical events (errors, performance).
• Purpose: Improve the usability, performance and security of the website, without tracking visitors individually.
• Legal basis: Legitimate interest (Article 6(1)(f) GDPR), in line with CNIL recommendations on audience measurement exempt from consent when data is anonymised.

We keep your data only for as long as necessary for the purposes pursued, plus any applicable statutory limitation periods.

• Client account and contract data: retained for the duration of the contractual relationship, then archived for a maximum of 5 years from the end of the relationship, for evidential purposes.
• Billing and accounting data: retained for 10 years, in accordance with French legal obligations.
• Connection and security logs: retained for a maximum of 12 months to secure the platform and prevent malicious activity.
• Prospect data (contact form without contractual follow-up): retained for up to 3 years from the last contact initiated by you or left unanswered.

After these periods, data is deleted or irreversibly anonymised.

Fixery® does not sell, trade or transfer any of your identifiable personal data to commercial third parties. Your data may be disclosed only to the following recipients:

• Staff members and service providers involved in delivering the subscribed services.
• Hosting and technical service providers (for example, Automattic/WordPress.com, Cloudflare).
• Payment and billing service providers.
• Where required, administrative or judicial authorities when the law so demands.

All our processors are carefully selected for their GDPR compliance and are bound by contract to strict obligations of confidentiality, security and processing data solely on our instructions.

Some of these providers may be located outside the European Union. In such cases, we ensure that transfers are governed by mechanisms recognised by the GDPR (for example, adequacy decisions, participation in the Data Privacy Framework or standard contractual clauses).

We implement a range of technical and organisational measures to preserve the security of your personal information. In particular, we use up-to-date encryption (TLS 1.2/1.3) to protect sensitive information transmitted online. Data at rest is also encrypted on our cloud provider’s secure infrastructure.

Access to data is strictly limited based on the principle of least privilege. Only duly authorised individuals, bound by confidentiality obligations, may access your data in the course of their duties.

In accordance with the GDPR, you have the following rights regarding your data:

• Right of access: You can request a copy of the data we hold about you.
• Right to rectification: You can request the correction or updating of inaccurate or incomplete data.
• Right to erasure (“right to be forgotten”): You can request the deletion of your data, subject to our legal retention obligations.
• Right to restriction of processing: You can request that the use of your data be temporarily limited in certain cases.
• Right to object: You can object, on grounds relating to your particular situation, to certain processing operations based on our legitimate interests.
• Right to portability: You can request to receive the data you have provided to us in a structured format.
• Right to define post-mortem instructions: You can set instructions regarding the fate of your data after your death.

To exercise these rights, you can contact us at: [email protected]. If necessary, we may request proof of identity in order to verify your request.

We will endeavour to respond within one (1) month from receipt of your request, a period which may be extended by two (2) months in the event of complexity or a high number of requests.

If you are unable to resolve a difficulty with us, you also have the right to lodge a complaint with the competent supervisory authority, in particular the Commission Nationale de l’Informatique et des Libertés (CNIL): www.cnil.fr.

We mainly use technical cookies that are essential to the proper functioning of the website and your client area. Some audience measurement tools may be used in a strictly anonymous way to improve the quality of our services, without advertising tracking or individual profiling.

For more information about the types of cookies used and how to configure your browser, please consult our Cookies Policy.

This Privacy Policy may be updated from time to time to reflect regulatory, technical or organisational developments affecting our data processing activities. In the event of a material change, we will inform you by any appropriate means.

The “last updated” date at the top of this page allows you to identify the version currently in force.