Privacy Policy for Hyperion Consulting

Last updated: July 1st, 2025

Quick Navigation

1Website Publisher Information
2Data Controller
3Information Collection and Use
4Data Retention
5Data Recipients
6International Data Transfers
7Your Rights
8Data Security
9Cookie Policy
10Automated Decision-Making
11Children's Privacy
12Links to Other Sites
13Changes to This Privacy Policy
14Contact Us

1. Website Publisher Information

Website Publisher:

Hyperion Consulting (SASU)

SIRET: 94804171000013

TVA: FR73948041710

126 Avenue du General Leclerc, 92100 Boulogne-Billancourt, France

contact@hyperion-consulting.io

Director: Mohammed Cherifi

Website Host:

OVHcloud

2 rue Kellermann, 59100 Roubaix, France

Data Centers: France

www.ovhcloud.com

AI Service Provider:

Mistral AI

15 Rue des Halles, 75001 Paris, France

www.mistral.ai

2. Data Controller

For the purposes of the General Data Protection Regulation (GDPR), the data controller is:

Hyperion Consulting

Email: contact@hyperion-consulting.io

3. Information Collection and Use

3.1 Types of Data Collected

We collect several categories of information:

Personal Data

Information that can directly or indirectly identify you:

  • Identity data: First name, last name
  • Contact data: Email address, phone number (if provided)
  • Technical data: IP address, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform
  • Usage data: Information about how you use our website and services
  • Marketing and communications data: Your preferences in receiving marketing from us

Cookies and Similar Technologies

We use cookies and similar tracking technologies. See Section 9 for detailed information.

3.2 Legal Basis for Processing

We process your personal data based on the following legal grounds:

  • Consent: When you have given clear consent for us to process your personal data for specific purposes
  • Contract: Processing necessary for the performance of a contract to which you are party
  • Legal obligations: Processing necessary for compliance with legal obligations
  • Legitimate interests: Processing necessary for our legitimate interests or those of third parties, provided those interests are not overridden by your rights and interests

3.3 Purpose of Data Collection

We use your personal data for the following purposes:

  • To provide and maintain our Service
  • To manage your account and provide customer support
  • To notify you about changes to our Service
  • To send you marketing communications (with your consent)
  • To analyze and improve our Service
  • To comply with legal obligations
  • To detect, prevent, and address technical issues
  • To protect our rights and property

3.4 Mandatory vs Optional Data

When collecting data, we will indicate whether providing certain information is:

  • Mandatory: Required to provide our services (marked with an asterisk *)
  • Optional: Additional information that helps us improve our services

Consequences of not providing mandatory data: We may not be able to provide certain services to you.

4. Data Retention

We retain your personal data only for as long as necessary for the purposes set out in this Privacy Policy:

Customer data

Duration of the business relationship plus 2 years

Marketing data

Until you withdraw consent or 2 years after last interaction

Technical logs

3 months

Cookie data

See cookie policy (Section 9)

5. Data Recipients

Your personal data may be shared with:

  • Internal recipients: Authorized employees who need access to perform their duties
  • Service providers: Third-party companies that provide services on our behalf (hosting, email services, analytics)
  • Legal authorities: When required by law or legal proceedings
  • Business transfers: In case of merger, acquisition, or sale of assets

We do not sell, trade, or rent your personal information to third parties.

6. International Data Transfers

Your information, including Personal Data, may be transferred to and maintained on computers located outside of your state, province, country, or other governmental jurisdiction where data protection laws may differ.

If we transfer data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place:

  • Standard contractual clauses approved by the European Commission
  • Adequacy decisions
  • Your explicit consent

You have the right to obtain information about these safeguards by contacting us.

7. Your Rights

Under GDPR, you have the following rights regarding your personal data:

Right of access

Obtain confirmation whether we process your data and access to it

Right to rectification

Correct inaccurate or incomplete data

Right to erasure ('right to be forgotten')

Request deletion of your data under certain circumstances

Right to restriction of processing

Request limitation of processing under certain circumstances

Right to data portability

Receive your data in a structured, commonly used format

Right to object

Object to processing based on legitimate interests or for direct marketing

Right to withdraw consent

Where processing is based on consent, you can withdraw it at any time

Right not to be subject to automated decision-making

Including profiling

To exercise these rights, contact us at: contact@hyperion-consulting.io

You also have the right to lodge a complaint with the supervisory authority:

Commission Nationale de l'Informatique et des Libertés (CNIL)

3 Place de Fontenoy - TSA 80715 - 75334 PARIS CEDEX 07

Tel: +33 (0)1 53 73 22 22

www.cnil.fr

8. Data Security

We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

  • Encryption of data in transit and at rest
  • Regular security assessments
  • Access controls and authentication measures
  • Employee training on data protection

However, no method of transmission over the Internet or electronic storage is 100% secure.

9. Cookie Policy

9.1 What Are Cookies

Cookies are small text files placed on your device when you visit our website. We use the following types of cookies:

Essential cookies

Necessary for the website to function

Analytical cookies

Help us understand how visitors use our website

Functional cookies

Remember your preferences

Marketing cookies

Used to deliver relevant advertisements

9.2 Consent

We will request your consent before placing non-essential cookies on your device. You can withdraw consent at any time through your browser settings or our cookie management tool.

9.3 Third-Party Cookies

Some of our pages may contain content from third-party services (e.g., Google Analytics) which may set their own cookies. We do not control these cookies.

10. Automated Decision-Making

We do not use automated decision-making or profiling that produces legal effects or similarly significantly affects you.

11. Children's Privacy

Our Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children under 18.

12. Links to Other Sites

Our Service may contain links to third-party websites. We are not responsible for the privacy practices of these external sites. We encourage you to review their privacy policies.

13. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any material changes by:

  • Posting the new Privacy Policy on this page
  • Updating the "Last updated" date
  • Sending you an email notification (for significant changes)

You are advised to review this Privacy Policy periodically. Continued use of our Service after changes constitutes acceptance of the updated policy.

14. Contact Us

If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us:

Mail

126 Avenue du General Leclerc

92100 Boulogne-Billancourt, France

Response time: We will respond to your requests within one month of receipt, as required by GDPR.

This Privacy Policy is governed by French law and complies with the General Data Protection Regulation (EU) 2016/679.