Privacy policy

Last revision: 23/02/2022

At Flynt, protecting your personal data is a priority.

When you use (hereinafter the "Site") and the application (hereinafter the "Application"), we are required to collect personal data about you.

The purpose of this policy is to inform you about how we process this data in compliance with Regulation (EU) 2016/679 of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (hereinafter the "GDPR").

1. Who is the Data controller?

The data controller is Flynt, SAS, registered in the Nanterre Trade and Companies Register under number 895 050 441 and whose registered office is located at 32 rue Guy Môquet 92240 MALAKOFF (hereinafter referred to as "We").

2. What data do we collect?

Personal data is data that identifies an individual directly or by cross-referencing with other data.

We collect data that falls into the following categories:

  • Identification data (including your name, first name, email address);

  • Data about your company (including company name, postal code of the head office, number of points of sale and cash register system)

  • Connection data of the Users of the Application (e.g. IP address, logs, passwords, terminal identity);

  • Visitor navigation data on the Site (including IP address, UUID, terminal information);

  • Data from recordings of telephone calls between you and our customer service department (e.g. content of calls, dates);

  • Economic and financial data (for example: RIB);

  • Data from the use of the online chat tool.

Mandatory data are indicated when you provide us with your data. They are marked with an asterisk and are necessary to provide you with our services.

3. On what legal grounds, for what purposes and for how long do we keep your personal data?


  • Provide you with a demonstration of our Application;

  • Provide our services available on our Application via your account (optimize your revenues and improve their profitability);

  • To provide access to the Application, to carry out operations related to the management of our customers concerning contracts, invoices and follow-up of the contractual relationship with our customers;

  • Build a file of customers and prospects;

  • Send newsletters, solicitations and promotional messages;

  • Comply with the legal obligations applicable to our business;

  • To elaborate statistics of navigation of the Site;

  • To compile statistics on the use of our Application;

  • Manage requests to exercise rights;

  • Provide you with technical support and customer service;

Legal basis

  • Execution of pre-contractual measures taken at your request ;

  • Performance of the contract you or your company have with Us;

  • Performance of the contract you or your company have with Us;

  • Our legitimate interest in developing and promoting our business;

  • Our legitimate interest in retaining and informing our customers and prospects of our latest news;

  • Comply with our legal and regulatory obligations;

  • Your consent;

  • Our legitimate interest in analyzing the use of our Application by our Users;

  • Our legitimate interest in responding to your requests and keeping track of them;

  • Fulfillment of the contract you or your company has with us;

Retention period

  • Your data will be kept for the duration of the demonstration;

  • Your data is kept for the duration of your account.
    In addition, your data may be archived for evidentiary purposes for a period of 5 years after the account is closed;

  • Personal data is kept for the duration of the contractual relationship.
    Connection logs are kept for a period of six months from the date of their collection.
    In addition, your data (with the exception of your bank details) are archived for evidential purposes for a period of 5 years;

  • For customers: data is kept for the duration of the contractual relationship. For prospects: the data is kept for a period of 3 years from your last contact, for prospecting purposes;

  • The data is kept for 3 years from your last contact with Us;

  • For invoices: invoices are archived for a period of 10 years. The data relating to your transactions (with the exception of banking data) are kept for 5 years;

  • Your data is kept for 25 months from the date of collection;

  • The data is kept for the duration of your account;

  • If we ask you for proof of identity: we keep it only for the time necessary to verify your identity. Once the verification is completed, the proof is deleted.
    If you exercise your right to object to receiving marketing: we keep this information for 3 years;

  • Personal data is kept for the duration of your account on the Application and up to a maximum of 90 days after its closure, the time of the effective deletion on all databases;

4. Who are the recipients of your data?

Your personal data will be accessible to:

(i) Our company's staff;
(ii) Our subcontractors: hosting service providers, newsletter sending service provider, customer management tool (CRM), online chat tool, audience measurement service provider, performance analysis tool;
(iii) If necessary: public and private bodies, exclusively to meet our legal obligations;

5. Is your data likely to be transferred outside the European Union?

Your data is kept and stored for the duration of the processing on Webflow's servers, located in the United States. Within the framework of the tools we use (see article on the recipients concerning our subcontractors), your data may be transferred outside the European Union. The transfer of your data in this context is secured by means of the following tools:

  • or the data is transferred to a country that has been the subject of an adequacy decision by the European Commission, in accordance with Article 45 of the GDPR: in this case, this country ensures a level of protection deemed sufficient and adequate to the provisions of the GDPR;

  • or the data is transferred to a country whose level of data protection has not been recognized as adequate to the RGPD: in this case these transfers are based on appropriate safeguards indicated in Article 46 of the RGPD, adapted to each provider, including but not limited to the conclusion of standard contractual clauses approved by the European Commission, the application of binding corporate rules or under an approved certification mechanism;

  • or the data is transferred on the basis of one of the appropriate safeguards described in Chapter V of the GDPR;

6. What are your rights to your data?

You have the following rights with respect to your personal data:

  • Right to information: this is precisely the reason why we have drafted this policy. This right is provided for in articles 13 and 14 of the RGPD.

  • Right of access: you have the right to access all your personal data at any time, in accordance with Article 15 of the GDPR.

  • Right of rectification: you have the right to rectify at any time your inaccurate, incomplete or obsolete personal data in accordance with Article 16 of the GDPR

  • Right to limitation: you have the right to obtain the limitation of the processing of your personal data in certain cases defined in Article 18 of the GDPR.

  • Right to erasure: you have the right to request that your personal data be erased, and to prohibit future collection of your personal data on the grounds set out in Article 17 of the GDPR

  • Right to lodge a complaint with a competent supervisory authority (in France, the CNIL), if you consider that the processing of your personal data constitutes a violation of the applicable texts. (Article 77 of the GDPR)

  • The right to set up instructions for the retention, deletion and disclosure of your personal data after your death.

  • Right to withdraw your consent at any time: for purposes based on consent, Article 7 of the GDPR provides that you may withdraw your consent at any time. Such withdrawal will not affect the lawfulness of the processing carried out before the withdrawal.

  • Right to portability: under certain conditions specified in Article 20 of the GDPR, you have the right to receive the personal data you have provided to us in a standard machine-readable format and to request its transfer to the recipient of your choice.

  • Right to object: under Article 21 of the GDPR, you have the right to object to the processing of your personal data. Note, however, that we may continue to process them despite this objection, for legitimate reasons or the defense of legal rights.

You can exercise these rights by writing to us at the address below. We may ask you to provide additional information or documents to prove your identity.

7. What cookies do we use?

To learn more about cookie management, please see our Cookie Policy.

8. Contact point for personal data

Contact email :

Contact address : 32 rue Guy Môquet 92240 MALAKOFF

9. Amendments

We may modify this policy at any time, in particular to comply with any regulatory, legal, editorial or technical developments. These changes will apply as of the effective date of the modified version. You are therefore invited to regularly consult the latest version of this policy. Nevertheless, we will keep you informed of any significant changes to this privacy policy.

Entry into force: 23/02/2022