Introduction
Personal data protection is a structural commitment for Xpert IT Conseil. This policy aims to inform site users about the nature of the data collected, the processing purposes and the rights granted to them.
It applies to data submitted via site forms, email exchanges and any subscription to editorial communications.
Data Collected
Only data strictly necessary for the purposes described below is collected. No sensitive data is requested through the site.
- Professional identity: last name, first name, role when communicated.
- Contact details: professional email address, organization, phone number if voluntarily provided.
- Request context: nature of the project, professional environment, indicative scope, mentioned constraints.
- Minimal technical data related to browsing (see Cookie Policy).
Processing Purposes
The data collected is used solely to respond to user requests and maintain a structured professional relationship.
- Respond to requests for information, audits, quotes or appointments.
- Qualify the technical context before an exchange with our teams.
- Ensure the operational follow-up of ongoing exchanges.
- Send, where applicable, editorial publications the user has subscribed to.
Contact Forms and Technical Requests
Information submitted via contact forms, audit requests, quote requests (RFQ) or exchange scheduling is used exclusively to process the relevant request.
It is not subject to any commercial transfer to third parties and is not used for commercial prospecting operations outside Xpert IT Conseil.
Legal Basis
The processing operations are based on the following legal bases, depending on the relevant purpose:
- User consent, for editorial subscriptions.
- Legitimate interest of Xpert IT Conseil, to respond to incoming professional requests.
- Performance of pre-contractual or contractual measures, for the processing of audit, quote or operational support requests.
- Compliance with applicable legal obligations, for the retention of certain necessary elements.
Data Retention
Personal data is retained for the duration necessary for the purpose for which it was collected, extended where applicable by the retention periods imposed by applicable legal obligations.
Beyond that, data is either deleted or irreversibly anonymized.
Security
Xpert IT Conseil implements reasonable technical and organizational measures aimed at protecting personal data against loss, alteration or unauthorized access.
As no information system can guarantee absolute security, users are invited to transmit only the information necessary for their request.
User Rights
In accordance with the GDPR, each user has the following rights regarding their personal data:
- Right of access to the data concerning them.
- Right of rectification of inaccurate or incomplete data.
- Right of erasure, under the conditions provided for by the regulations.
- Right of opposition to processing, on legitimate grounds.
- Right to limit processing.
- Right to portability of the data provided.
- Right to lodge a complaint with the French data protection authority (CNIL) or the relevant supervisory authority.
GDPR Contact
Any request relating to the exercise of GDPR rights can be sent to legal@xpert-it.com.
To enable an appropriate response, it is useful to specify the nature of the request and the context (form concerned, approximate period, purpose).
Policy Evolution
This policy may evolve to reflect regulatory, technical or organizational changes at Xpert IT Conseil. The date of the last update is indicated at the top of the page.
Any substantial modification will be made clearly visible on the site.
Navigate between legal pages and the dedicated contact entry point.