VN ConseilVN ConseilLe Cabinet Augmenté

Legal information

Privacy policy

How VN Conseil collects, uses and protects your personal data when you browse the site and submit contact requests.

Last updated: 22 June 2026. This policy applies to all personal data processing carried out by VN Conseil SAS via the vn-conseil.com site.

Data controller

The data controller is VN Conseil SAS, a French simplified joint-stock company registered with the Créteil RCS under SIREN 987 514 361, with its registered office at 4 rue de Budapest, 94140 Alfortville.

Given the size of the company and the nature of the processing carried out, VN Conseil is not required to appoint a Data Protection Officer (DPO) under article 37 of the GDPR. Any data protection question can be sent to contact@vn-conseil.com.

Personal data collected

The only personal data collected via the site is the data you voluntarily provide by filling in the contact form available on the /contact :

  • First and last name
  • Email address
  • Phone number (optional)
  • Company name (optional)
  • Practice concerned and package considered (optional)
  • Free-text content of your message

No sensitive data within the meaning of article 9 of the GDPR (health, political or religious opinions, etc.) is collected. No advertising tracker, profiling or analytics cookie is used: browsing the site does not generate automatic collection of personal data beyond technical server logs (IP address, timestamp, URL called, user-agent), retained for security and fraud prevention purposes.

Purposes and legal bases

PurposeLegal basis
Respond to your contact or quote requestPre-contractual measures at your request (GDPR art. 6.1.b)
Keep the history of business exchangesLegitimate interest of VN Conseil in following up its prospection (GDPR art. 6.1.f)
Site security and fraud preventionLegitimate interest (GDPR art. 6.1.f)
Compliance with legal and accounting obligationsLegal obligation (GDPR art. 6.1.c)

No processing is based on consent within the meaning of the GDPR: the acceptance box on the contact form is a transparency formality reminding you of the processing terms and enabling data submission, not a revocable prior consent.

Retention periods

  • Prospects with no follow-up: data from a visitor who made contact but did not become a client is retained for 3 years from the last meaningful exchange, in line with CNIL recommendations on commercial prospection.
  • Clients: contractual data is retained for 5 years from the end of the contractual relationship (civil limitation period applicable to commercial contracts).
  • Accounting documents and invoices: 10 years in accordance with article L. 123-22 of the French Commercial Code.
  • Technical site access logs: maximum 12 months, in accordance with article L. 34-1 of the French Post and Electronic Communications Code.

Data recipients

The data collected is accessible only to VN Conseil partners and collaborators who need it to respond to your request, strictly within the scope of their duties.

Two technical processors within the meaning of article 28 of the GDPR act on behalf of VN Conseil:

  • Microsoft Ireland Operations Limited (Microsoft Azure) — site hosting and data storage. Data centre located in the European Union (Westeurope region — Netherlands). Microsoft is certified ISO 27001, 27017, 27018 and SOC 2.
  • Microsoft Ireland Operations Limited (Microsoft 365 / Exchange Online) — routing of emails between the site and our professional mailboxes.

No data is sold, rented or transferred to third parties for commercial purposes. Your data may be transmitted to the competent authorities in the event of a legally founded judicial or administrative requisition.

Transfers outside the European Union

The Azure servers used by VN Conseil are located in the European Union. No transfer to a third country is made as part of routine hosting and processing. Microsoft, as an international group, may occasionally need to access certain data for technical support purposes from a third country, under appropriate safeguards (standard contractual clauses adopted by the European Commission).

Security

The site is exposed exclusively over HTTPS (TLS 1.2 or above). Lead submission to our professional mailboxes is performed via the Microsoft Graph API using an Azure managed identity, with no secret stored in clear. Access to data is restricted by state-of-the-art authentication and authorisation controls.

Your rights

Under articles 15 to 22 of the GDPR and the French Data Protection Act as amended, you have the following rights regarding your data:

  • Right of access: obtain confirmation that your data is being processed and obtain a copy.
  • Right of rectification: have inaccurate or incomplete data corrected.
  • Right to erasure ("right to be forgotten"): obtain the deletion of your data, within the limits allowed by law (in particular accounting retention obligations).
  • Right to restriction: suspend the processing of your data in certain situations.
  • Right to portability: retrieve your data in a structured, machine-readable format.
  • Right to object: object, on grounds relating to your particular situation, to processing based on our legitimate interest.
  • Right to issue post-mortem directives: organise the fate of your data after your death.

To exercise these rights, send an email to contact@vn-conseil.com specifying your request and attaching, if necessary, proof of identity. We commit to respond within one month from receipt of your request.

If you consider that your rights are not respected, you have the right to lodge a complaint with the CNIL: cnil.fr/fr/plaintes.

Updates to this policy

This policy may be updated to reflect changes in our practices, our processors or applicable regulation. The current version is always available at https://www.vn-conseil.com/en/politique-confidentialite. The last update date is shown at the top of the page.