Skip to main content

Privacy Policy (GDPR)

1) Who is responsible for your data?

The data controller is KURYBEES (SASU), registered office: 6 rue d’Armaillé, 75017 Paris, France.
Contact: contact@kurybees.com

2) What data do we collect?

We only collect data that is necessary depending on how you use the website:

  • Identification and contact data: name, surname, company, email address, message (when you contact us via a form or by email).
  • Technical browsing data: IP address, browser type, technical logs, pages viewed (data generally collected via hosting and/or analytics tools if enabled).
  • Cookies and trackers: depending on your choices (see Cookie Policy).

We never request “sensitive” data (health, political opinions, etc.). Please do not send us any.

3) Why do we use your data?

We use your data to:

  • Respond to your requests (contact, information, quotes, appointments).
  • Manage the business relationship (follow-up discussions, proposals, contracts where applicable).
  • Ensure website security and proper operation (fraud/attack prevention, logs).
  • Improve the website and measure audience (only if you accept it when consent is required).

4) What is the legal basis?

Depending on the situation, processing is based on:

  • Your consent (e.g., non-essential cookies, certain analytics, if enabled).
  • Our legitimate interests (e.g., website security, handling B2B requests, service improvement).
  • Pre-contractual/contractual measures (e.g., quote requests, service delivery).

5) Who has access to your data?

Your data may be accessed by:

  • Authorized personnel at KURYBEES (strictly on a need-to-know basis).
  • Our technical service providers acting as processors, including:
    • OVH (website hosting),
    • WEB MEDIA Agency (website development/maintenance),
    • and, where applicable, tools used for email, analytics, forms, appointment booking, etc.

We do not sell your data. We only share it with providers necessary to deliver the service.

6) Where is your data stored? Transfers outside the EU

We prioritize hosting and service providers located in the European Union.
If a provider processes data outside the EU, we implement appropriate safeguards (e.g., Standard Contractual Clauses approved by the European Commission).

7) How long do we keep your data?

We apply proportionate retention periods:

  • Contact form / email enquiries (prospects): up to 3 years after the last contact.
  • Contractual relationships: for the duration of the contract, then archived as required by law (accounting, disputes).
  • Technical/security logs: limited period (generally up to 12 months maximum, depending on the type of logs).
  • Cookies: see Cookie Policy.

8) Your rights

You have the following rights: access, rectification, erasure, objection, restriction, data portability (where applicable), and the right to withdraw consent at any time for relevant processing.

To exercise your rights: contact@kurybees.com
We may request proof of identity in case of reasonable doubt.

You may also lodge a complaint with the French Data Protection Authority (CNIL).

9) Security

We implement appropriate security measures: access control, limited authorizations, secure services and hosting, backups and technical monitoring (depending on the services enabled).

10) Updates

This policy may change to reflect website, service, or legal updates. The online version is the applicable version.