Privacy policy

Saur, a simplified joint-stock company (société par actions simplifiée), registered with the Nanterre Trade and Companies Register under number 339 379 984, with its registered office located at 11, chemin de Bretagne, 92130 Issy-les-Moulineaux, France, acts as the data controller, within the meaning of the GDPR, for all processing activities described in this policy.

We may process the following categories of personal data:

• Identity (first name, last name, title, etc.)
• Contact details and communication preferences (email, telephone, etc.)
• Professional situation (function)
• Connection and browsing data (cookies and trackers, etc.)
• Any other data voluntarily submitted through our contact or application forms

We collect and process your data for the following purposes:

• Management of the customer and prospect base
• Prospection
• Lead generation via marketing campaigns and blog interactions
• Responding to contact requests (forms, events, etc.)
• Organization of events (trade fairs, webinars, etc.)
• Prospective study and satisfaction surveys
• Management of the newsletter on our activities, services and events

Data is processed on the following legal grounds: our legitimate interest (Article 6-1-f of the GDPR)

The data is stored and processed for the following periods:

• Data relating to customer prospects: For the duration of the commercial relationship, unless opposed
• Data relating to non-customer prospects: For 3 years from the collection or last contact of the prospect, unless opposed

Beyond this period, the data is either deleted or kept in an anonymised format.

Personal data is intended for authorised persons within our internal departments or with our service providers, involved in our marketing and sales activities.

When you browse this site, this policy applies.

Saur implements enhanced security measures to protect your personal data, particularly against theft, unauthorized access, use, or disclosure. These measures comply with industry standards and the regulatory requirements applicable to us.

As part of the provision of our services, we may use subcontractors located outside the EU solely for the maintenance of our tools. For these subcontractors, we exercise strict control over data transfers and ensure the existence of adequate safeguards to protect individuals’ privacy and fundamental rights.

In particular, we legally regulate such data transfers by entering into contracts that incorporate the standard contractual clauses adopted by the European Commission, in accordance with Article 46 of the GDPR.

As a data controller, we take all necessary measures to preserve the security and confidentiality of your data, and in particular to prevent it from being damaged or accessed by unauthorised third parties.

To protect your data, we have put in place technical and organisational security measures consisting of:

• Manage data security
• Define a framework for users
• Engage and train users
• Authenticate users
• Manage authorizations
• Secure workstations
• Secure Mobile Computing
• Protect the computer network
• Secure servers
• Securie Websites
• Supervise IT developments
• Protect the premises
• Secure exchanges with third parties
• Manage subcontracting
• Supervise the maintenance and end-of-life of hardware and software
• Trace operations
• Manage backups
• Plan for business continuity and recovery
• Manage incidents and breaches
• Analyze the risks
• Encrypt, chop, sign
• Secure the Cloud
• Design and develop mobile applications in a secure way
• Secure the use of artificial intelligence (design and training)
• Secure APIs (Application Programming Interfaces)

In accordance with the GDPR, you have the following rights:

• Right of access : obtain information about the processing of your data and receive a copy of it
• Right to rectification : request the correction of inaccurate or incomplete data
• Right to erasure : request the deletion of your data under certain conditions
• Right to restriction of processing : temporarily restrict the use of your data
• Right to portability : receive your data in a structured and commonly used format
• Right to object : to object to the processing of your data
• Right to withdraw your consent at any time, where the processing is based on this legal basis

To exercise these rights, you can contact our DPO at the following address: dpo@saur.com. If you believe that your rights are not respected, you can file a complaint with the CNIL.

Saur reserves the right to update this privacy policy at any time to reflect legal, technical or organisational developments affecting the processing of personal data. We encourage all our customers, partners and prospects to regularly consult this policy in order to stay informed of how their data is protected.

Any substantial changes will be the subject of appropriate communication (website, email, notification), in particular by publishing the new version on this page. In the event of significant changes affecting your rights or the purposes of the processing, Saur may inform you directly, for example by e-mail or by any other means of communication usually used in the context of our relationship.

Last update: 06/30/2025