Privacy Policy

Aegis IA Locale — BeamReactor
Last updated: March 2026

1. Data Controller

The data controller for your personal data is:

2. Data Collected and Purposes

For the operation of this website, we collect only strictly necessary data:

• Registration data — first name, last name, email address, username, password (hashed), avatar and bio (optional)
• Contact form — name, email address, subject and message content
• Support tickets — content of exchanges related to a support request
• Newsletter — email address (only if you opted in during registration)
• Browsing data — IP address (anonymised), browser, language, pages visited, for statistical purposes only

We collect no data for advertising or behavioural profiling purposes. No third-party tracking service is used.

3. Legal Bases for Processing

• Legitimate interest (Art. 6.1.f GDPR) — anonymised statistics, fraud prevention, IT security
• Contract performance (Art. 6.1.b GDPR) — user account management, processing support requests
• Consent (Art. 6.1.a GDPR) — newsletter (optional, revocable at any time)

4. Retention Periods

• Active customer account data: retained while the account is active
• Inactive account data: deleted 6 months after last activity (with prior notification)
• Newsletter data: retained until unsubscription
• Anonymised statistical logs: 12 months rolling
• Technical logs with identified IP: 7 days

5. Sharing of Your Data

Your data is not shared with any advertising network, social media platform, or third parties for commercial purposes.

The website is entirely self-hosted within the European Union. Your data does not leave EU territory and is not transmitted to any external provider.

6. Cookies

The BeamReactor website uses only:

• Session cookies — necessary for the proper functioning of authentication
• Preference cookies — memorising the chosen language and display skin

No advertising, tracking, or profiling cookies are placed on your device.

7. Data Security

We implement appropriate technical and organisational measures to protect your data:

• Encrypted transmission (HTTPS/TLS)
• Passwords hashed with individual salting (Argon2)
• SQL injection protection by design
• Intrusion detection and flood protection
• Regular encrypted backups

8. Your Rights

In accordance with the GDPR, you have the following rights regarding your personal data:

• Right of access (Art. 15) — obtain a copy of data concerning you
• Right of rectification (Art. 16) — correct inaccurate or incomplete data
• Right to erasure (Art. 17) — request deletion, subject to statutory retention obligations
• Right to restriction (Art. 18) — restrict processing of your data
• Right to portability (Art. 20) — receive your data in a structured, machine-readable format
• Right to object (Art. 21) — object to processing based on legitimate interest
• Withdrawal of consent — withdraw consent at any time (newsletter)

To exercise your rights, contact us via our contact form.
We will process your request within a maximum of 30 days.

You also have the right to lodge a complaint with the CNIL (French data protection authority) at www.cnil.fr, or with your national supervisory authority.

9. Policy Updates

Any substantial changes to this policy will be announced on the site. Registered users will be notified by email within a reasonable period before changes take effect.

Document established on 2026-03-07 — Version 1.0