CinQ acts as a Data Controller for the personal data we collect and process. If you have any questions regarding your data, you can contact our Data Protection Officer (DPO):

We collect personal data to enhance our education, training, and coaching services. Specifically, we use data to:

• Provide personalized learning experiences and coaching programs.

• Maintain accurate records for ongoing or future training needs.

• Communicate relevant updates, resources, and opportunities aligned with your interests.

• Improve our platform, services, and user experience.

• Comply with legal and regulatory requirements.

Under GDPR, we process personal data based on:

• Consent: When you provide explicit consent for specific processing activities.

• Contractual Necessity: To fulfill agreements related to our services.

• Legal Obligations: To comply with applicable laws and regulations.

• Legitimate Interests: To enhance services, ensure security, and support business operations.

We collect and process the following categories of personal data:

• Contact Information: Name, email, phone number, organization details.

• Targeted Interaction Data: Page visits with timestamps for users accessing the site via personalized links.

• Learning & Professional Data: Training history, progress, feedback, employer/company, job/role.

• Usage Data: IP addresses, browser type, activity logs, and interactions with our services.

• Financial Data: If payments are required for services, we securely process transaction-related data.

We collect personal data from:

• Direct interactions (e.g., registration forms, surveys, consultations, and event attendance).

• Navigation history for targeted visitors, under the condition of explicit tracking consent.

• Online contact forms when users reach out to us.

• Course sign-ups, where users provide employer/company and job/role information.

• Professional platforms where you have shared information (e.g., LinkedIn).

• Corporate clients who provide data for team training or coaching engagements.

• Third-party service providers supporting our operations.

We implement strict security measures to safeguard your data:

• Cloud Security: Data is stored and processed using secure platforms with multi-layered security.

• Encryption & Network Protection: SSL/TLS certificates secure our websites and data transmissions.

• Access Controls: Only authorized personnel have access to your personal data.

• Staff Training: Our team undergoes regular training on data security and GDPR compliance.

We retain your personal data for as long as necessary to fulfill its intended purpose. If there is no meaningful interaction for seven years, we securely delete your information unless legally required to retain it longer.

We may share your data with:

• Corporate Clients: For organizational training and coaching engagements.

• Service Providers: Vendors supporting operational and marketing activities.

• Event Partners: Sponsors of industry events, white papers, or research initiatives you have engaged with.

• Operational Service Providers: Trusted vendors who support our website hosting and internal communication platforms used by our team to coordinate and respond to your requests.

Where possible, we anonymize or tokenize data before sharing and only share the necessary information to fulfill service obligations.

If personal data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards, such as Standard Contractual Clauses (SCCs) or equivalent GDPR-compliant measures.

As a data subject, you have the following rights:

• Access: Request details about the data we hold.

• Rectification: Correct any inaccurate or incomplete data.

• Erasure: Request deletion of your data, unless legal obligations require retention.

• Restriction: Limit how your data is processed.

• Objection: Object to processing based on legitimate interests.

• Data Portability: Receive your data in a structured, machine-readable format.

You can submit a Subject Access Request (SAR) by contacting our Data Protection Officer:

Your request should include:

• Your full name as per our records.

• A description of your request and the rights you are exercising.

• Valid photo identification for verification.

We will acknowledge SARs within 72 hours and aim to resolve them within 30 days upon verifying your identity.

CinQ employs minimal automated processing, such as text or keyword analysis, to personalize learning experiences. However, human oversight is always maintained to ensure fairness and prevent biases.

In the event of a data breach, we will notify affected individuals and the relevant supervisory authority within 72 hours, in accordance with GDPR requirements.

As a company registered in France, CinQ falls under the jurisdiction of the Commission Nationale de l'Informatique et des Libertés (CNIL). If you believe your data protection rights have been violated, you may contact CNIL:

Our website takes a minimal approach to cookies to respect your privacy.

For general visitors browsing the site, we do not use tracking or marketing cookies. You can browse our public pages without the need to manage complex cookie consents.

If you access the website via a unique, personalized link sent by us, we may request your consent to log your navigation history to better tailor our services to your needs using a basic tracking cookie.

• Consent Required: This tracking is only active after you have given direct consent via a dedicated modal window.

• Managing Consent: If you have previously consented to tracking, a link will appear in the website footer allowing you to withdraw consent at any time.

This policy may be updated to reflect changes in legal requirements or our data practices. Updates will be communicated via our website or directly to affected individuals.