Privacy policy

Last update, September 28 2020

Protecting your personal data is a major concern at HINFACT. This privacy policy explains as clearly and as accurately as possible how HINFACT collects and processes your personal data when you are visiting the website to offer you the best service.


Our commitment to data privacy

When you are visiting the website, HINFACT SAS, an “SAS” company registered at the Trade Register of Toulouse under number 843 408 022 with a share capital of 20,000 euros, represented by Thomas Bessière, its CEO (“HINFACT”), acts as data controller according to article 4 of GDPR.

As data controller, HINFACT determines the means by which and the purposes for which personal data is processed, to offer its users its services. HINFACT and its teams care about data protection. That’s why we explain in this document in fully transparent manner how we process personel data, in accordance with GDPR.


What personal data is collected ?

As a reminder, personal data means any information relating to an identified or identifiable individual.

In the framework of our services, HINFACT collects data related to :

  • Identification data (firstname, lastname, email address, phone number).
  • Data related to you professional situation (company name, job title).
  • Login details with cookies.
  • Other information you may share with us during our exchanges.

At Hinfact, we want to collect as few information as possible to protect your privacy. Data that is necessary to use our services are clearly identified.


How is Hinfact using your personal data ?

Personal data mentionned above is collected and processed for one or several of the following purposes:

  • Answer your request for information or demo (including the whitepaper)
  • Follow customer relationship
  • Build a client and prospect database
  • Develop statistics
  • Respect our legal obligations


Processing legal basis

Hinfact respects the law and the processing are based on :

  • our legitimate interest to develop and promote our business
  • respect our legal obligations


Who may analyze your data ?

For processing, your personal data may be communicate to :

  • HINFACT authorized staff
  • Third parties service providers we are working with :
    • Hubspot (audience measurement, consents collection and CRM)
    • Google Analytics (audience measurement)
  • In this context, your personal data stay under our responsibility and HINFACT requires from its partners to apply strong means of confidentiality and data protection and to enforce the legislation concerning personal data processing.
  • If necessary: services in charge of company controls (auditors, etc.), public organisations, exclusively to fulfill our legal obligations, court and judicial officers.

Except situations detailed above, HINFACT commits to not give access to your personal data to other third parties without your explicit consent, unless compelled to do so for a legitimate reason (legal obligation, fight against fraud or any other illegal activity, purpose of the right of defence, etc.)


Data retention time

Analytics keeps the data of Google signals for a maximum of 26 months. By default, this data about logged-in users expires automatically after 26 months.

Hinfact will keep your collected data for a period of 14 month after your visit.


May my personal data be transferred outside the EU?

Yes, your personal data can be transferred outside the European Union within our relations with our subcontractors and our use of their tools (refer to “Who may analyze your data?”).

This transfer is secured by means of:

  • The data are transferred to a country that has proven an appropriate level of data protection by a decision of the European Commission;
  • A specific agreement that controls the transfer of personal data outside the European Union on a legal basis approved by the Europe Commission has been contracted between HINFACT and its subcontractors.


How do we protect your data ?

At HINFACT, we care about data protection and security. We set in place several means to protect your personal data.

The whole HTTP trafic from and to is encrypted (HTTPS / TLS). You can evaluate our configuration here.

IONOS hosts the domain and uses DDoS advanced protection againt interruption, malwares and cyberattacks.

In addition, HINFACT has put in place organizational measures to ensure data protection and security. All HINFACT employees was trained to data protection and securiy purposes when they join the compnay. They use strong passwords – protected by a password keeper – and multi-factor authentification on every tools we use to work.


Your rights ?

Right to be informed

Art 13 GDPR
This is the main goal of this privacy policy : give you all information about where your personal data are collected

Right to access

Art 15 GDPR
You have the right to be informed and to access to your personal data at any time, sending an email to

Right to rectification

Art 16 GDPR
In addition to your right to access, you can ask us to modify or update inacurate or incomplete personal data.

Right to be forgotten (right to erasure)

Art 17 GDPR
If you consider that we do not have any reason to collect or process your personal data to offer you our services, you can ask us to permanently delete your personal data by sending an email to

Right to data portability

Art 20 GDPR
You own your personal data, these are yours. For this reason, you can ask us a copy of your personal data in a structured and machine-readable format in order to get them or to hand it over to a third party.

Right to restriction of processing

Art 18 GDPR
You have the right to ask us to stop temporarily the processing or the access to all or a part of your personal data.

Right to object

Art 21 GDPR
In addition to the right to restriction, you have the right to object at any time to the processing of your personal data having as its legal basis the pursuit of a legitimate interest.

Right to file a complaint with the supervisory authority

Art 77 GDPR
If you consider that your personal data are misused or for any other claim, you can file a complaint with the French supervisory authority, the Commision National Informatique et Libertés (CNIL), using this form.

You can consult your right in details on the CNIL website

Right to define guidelines about conservation, erasure and transfer of your personal data after your death

Art.40-1 “Loi Informatique et Libertés” (French)
You can contact us by email to the following address to exercise these rights. On this occasion, we can ask you to give us information and additional documents to identify yourself.


Contact our Data Protection Officer

To exercise your rights or to ask any question, please send your request to our Data Protection Officer (DPO) at :

55 avenue Louis Breguet, La Cité


Policy amendments

This privacy policy can be updated from time to time depending on HINFACT’s needs or if the law requests it, to ensure total transparency on all processing operations. We encourage you to consult regularly this document to be informed of any changes – we may notify you directly by email if you have already used our services.

Retour en haut