1. Data Controller
The data controller is Loïc Gasiorowski, publisher of analyseurdce.fr, reachable at loic@gasiorowski.fr.
2. Data We Collect
2.1 Contact Form
When you submit the contact form (custom offer request), we collect:
- Your name
- Your email address
- The type of need selected
- Your message (optional)
Purpose: responding to your business inquiry.
Legal basis: consent (GDPR Article 6.1.a).
Retention period: 12 months from receipt.
2.2 DCE Files
The DCE files (PDF, DOCX) you upload for analysis are processed in memory by our AI system. No files are stored on our servers. Content is sent to the AI model for information extraction, then deleted once the report is generated.
2.3 Browsing Data
We use Google Analytics 4 with advanced consent mode (Consent Mode v2) to measure website traffic. Collected data is anonymized and does not allow personal identification.
3. Cookies
| Cookie | Purpose | Duration | Type |
|---|---|---|---|
| _ga / _ga_* | Audience measurement (Google Analytics 4) | 13 months | Analytics |
| theme | Dark/light mode preference | Session | Functional |
No advertising or third-party tracking cookies are used.
4. Sub-processors
| Sub-processor | Service | Location |
|---|---|---|
| Hostinger International Ltd | Web hosting | Lithuania (EU) |
| Google LLC | Analytics (GA4) | United States (Standard Contractual Clauses) |
| n8n GmbH | Webhook processing (contact form) | Germany (EU) |
| OpenAI | AI model for DCE analysis | United States (DPA in place) |
5. Your Rights
Under GDPR, you have the following rights:
- Right of access — obtain a copy of your data
- Right to rectification — correct your data
- Right to erasure — request deletion of your data
- Right to object — object to data processing
- Right to portability — receive your data in a structured format
To exercise these rights, contact us at: loic@gasiorowski.fr
You may also file a complaint with the French data protection authority (CNIL) at cnil.fr.
6. Security
We implement technical and organizational measures to protect your data: HTTPS encryption, security headers (CSP, HSTS), and rate limiting on forms.
Last updated: March 1, 2026