AdminVanguard Studio

Privacy Policy

Effective: 11 Aug 2025 · Last Updated: 11 Aug 2025 · Controller: FORGERON INE (FR)

1) Scope & Who We Are

Ine Forgeron - AdminVanguard Studio (“we”, “us”, “our”) designs AI systems and operations for regulated, customer-facing teams. This policy covers our public websites, email communications, AI assistants, knowledge consoles, document automation, and—where used—SMS/WhatsApp channels.

Data Controller (EU/EEA)

Forgeron INE — AdminVanguard Studio
SIREN 517855722 • SIRET 51785572200016 • TVA FR4651785572
Bouteville (16120), Charente, France
[email protected]

Regulatory Alignment

GDPR / CNIL ePrivacy CCPA/CPRA (as applicable) TCPA (SMS, if applicable)

2) Declaration of Data Stewardship

We do not sell, rent, trade, or license your personal data. We operate on minimal collection, explicit purposes, consent where required, and documented governance. Your data is a trust—never an ad inventory.

3) Data We Collect (Minimal, Purpose-Bound)

May Collect

Identity & contact: name, email, phone (if you provide them)
Professional metadata (role, company) when you request proposals
Operational context you submit (use cases, documents for builds)
Consent logs, preference choices, language
Technical logs (IP, user agent) for security & abuse prevention

We Do Not Collect

Sensitive categories unless you explicitly provide for a lawful purpose
Payment details on our servers (handled by PCI-compliant processors)
Behavioral tracking without notice/consent
Third-party ad IDs for profiling

Sources

Directly from you (forms, email, discovery calls, contracts)
Operational systems you connect (e.g., CRM, helpdesk) with your authorization
Security systems (rate-limit, fraud/abuse detection)

4) How We Use Data

Purpose	Examples
Provide services you request	Discovery/proposal, pilots, builds, training, support
Communications	Transactional emails, critical updates, opt-in newsletters
Security & compliance	Access control, audit trails, incident response
Governance & documentation	DPIA notes, SoW/contract execution, consent records
Legal obligations	Tax, accounting, regulatory requests

5) No Selling • No Unconsented Sharing • No SMS Surveillance

We do not sell, rent, or trade personal data.
We do not inject third-party trackers into SMS/WhatsApp.
We share data only with vetted processors necessary to deliver the service, under contract and documented in our records of processing.

6) Legal Bases (GDPR Articles 6 & 49)

Contract — to deliver proposals, pilots, and services you request.
Consent — newsletters, optional cookies, or specific data uses.
Legal obligation — tax, accounting, regulatory retention.
Legitimate interests — security, service improvement, fraud prevention (balanced against your rights).
Explicit consent / appropriate safeguards — for any exceptional categories or cross-border needs.

7) Data Retention

We retain personal data only for the period necessary to fulfill the stated purposes, then delete or irreversibly anonymize it. Contractual and legal records may be retained for statutory periods (e.g., tax/audit). You may request deletion at any time; where retention is required by law, we will restrict processing.

8) Security

Encryption in transit (TLS) and at rest (where supported by the processor)
Least-privilege access, role-based controls, credential rotation
Environment segregation, logging, incident playbooks, vendor reviews
Change management and approvals for regulated builds

9) Your Rights

EU/EEA (GDPR)

Access, rectification, erasure
Restriction and objection (including to legitimate interests)
Portability (structured, commonly used format)
Withdraw consent at any time (does not affect prior processing)
Lodge a complaint with your authority — in France: CNIL

California (CCPA/CPRA) — if applicable

Know, access, delete, correct
Opt-out of sale/share (we do not sell/share)
Non-discrimination for exercising rights

How to exercise: email [email protected]. We may verify identity to protect your data.

10) Opt-Out (Email & SMS)

Email: use the unsubscribe link or write to us.
SMS/WhatsApp (if used): reply STOP to cease messages. We will cease outreach and update preferences promptly, subject to lawful retention of minimal opt-out evidence.

11) Cookies & Similar Technologies

We operate on a consent-first model. We avoid advertising cookies. Functional cookies may be necessary for security and session continuity. Where optional analytics are used, they are only activated with your consent. You can change preferences anytime.

Manage Cookie Preferences

12) International Transfers

Where data moves outside the EEA/UK (e.g., to the U.S. for specific processors), we rely on valid transfer tools such as adequacy decisions, the EU-U.S. Data Privacy Framework participation of the processor, or Standard Contractual Clauses with supplemental measures.

13) Processors & Integrations (Illustrative)

Depending on your engagement, we may use vetted processors strictly for the intended service:

Category	Vendors (examples)	Purpose
Communications	Email (e.g., Google Workspace), SMS (e.g., Twilio)	Transactional notices, support, OTP
CRM/Automation	HubSpot/Salesforce, GoHighLevel, Make/n8n/Zapier	Lead ops, workflow execution with your authorization
Meetings	Calendly, Zoom	Scheduling and calls
Payments	Stripe (if used)	Payment processing (PCI; we do not store card data)
Docs & Storage	Notion, Airtable, Google Drive	Project documentation and collaboration
Hosting	Reputable EU/US cloud providers	Website and service hosting

A current list can be provided under NDA upon request for enterprise procurement and DPIA review.

14) Children’s Data

Our services target professional users. We do not knowingly collect data from children. If you believe a child has provided data, contact us to remove it.

15) Changes to This Policy

Substantive changes will be announced with a clear summary and an opportunity to review preferences before they take effect. Version history is available upon request.

16) Contact

Privacy Desk — AdminVanguard Studio
Bouteville (16120), Charente, France
[email protected]

For EU matters you may lodge a complaint with the CNIL (France) or your local authority. We prefer to resolve issues quickly and transparently—please email us first.