​​

Last updated: 09.09.2025
 

This Privacy Policy explains how we collect, use, disclose and protect personal data in connection with our website and services (the “Services”). It applies to Moulin des Reines, a company registered in France, acting as data controller.

1. Data we collect
Identity and contact: name, job title, company, email, phone, country, postal address.
Business information: project brief, SoW details, purchase orders, billing contacts, approvals.
Payment-related info: invoice data, payer name and references, last four digits/transaction IDs from our payment processors (we do not store full card numbers).
Communications and support: emails, forms, meeting notes, attachments.
Website data: cookies and similar technologies (pages viewed, device/browser, IP, time zone) for basic analytics and site security.

2. Sources
Directly from you or your organization.
Third parties you authorize (vendors, partners).
Payment providers and banks for reconciliation, fraud prevention and compliance checks.

3. How we use data (purposes)
Provide and administer the Services; draft SoWs, manage suppliers, deliverables and reports.
Billing and collections; processing card payments or bank transfers.
Due diligence, compliance and audit trail (including sanctions/AML screening where required).
Respond to requests and provide customer support.
Improve our methodologies and website (aggregated, anonymized analytics).
Comply with legal obligations and enforce agreements.

4. Legal bases (where applicable, incl. GDPR)
Contract performance (to deliver the Services you request).
Legitimate interests (operate and protect our business, prevent fraud, improve services), balanced against your rights.
Consent (where required for certain marketing or cookies).
Legal obligations (record-keeping, tax, compliance).

5. Sharing of data
We may share personal data with:
Service providers under contract (IT hosting, email, analytics, payment processors, accounting).
Professional advisors (legal, tax, audit) under confidentiality.
Vendors and contractors involved in your SoW, strictly on a need-to-know basis.
Authorities or third parties where legally required, to respond to legal process, or to protect rights and safety.
We do not sell personal data.

6. International transfers
We operate internationally. Where personal data is transferred outside the EU/EEA/UK, we use appropriate safeguards such as contractual clauses or other mechanisms permitted by applicable data protection law, or rely on adequacy decisions where available.

7. Retention
We keep data only as long as necessary for the purposes above: typically the term of the engagement plus 7 years for invoices and records, unless a longer period is required by law or needed to establish, exercise or defend legal claims.

8. Security
We use administrative, technical and physical safeguards appropriate to the type of data and risk (access controls, encryption in transit, need-to-know access, vendor due diligence). No method of transmission or storage is 100% secure, but we aim for a reasonable level of protection.

9. Your rights
Subject to applicable law (including GDPR where relevant), you may have rights to access, correct, delete, restrict or object to processing, and to data portability. You may also have the right to lodge a complaint with your local data protection authority.
To exercise your rights, contact: info@moulindesreines.com. We will respond within a reasonable time.

10. Cookies
We use essential cookies for site operation and optional analytics cookies. You can manage cookies via your browser settings or the site banner. Disabling cookies may affect site functionality.

11. Changes
We may update this Policy from time to time. The “Last updated” date reflects the current version. Material changes will be highlighted on the website for a reasonable period.