Privacy
Privacy policy
Last updated : 2026-06-11
This Privacy Policy explains how GRAY, a French EURL registered under SIREN 922 508 965, with registered office at 25 rue Rennequin, 75017 Paris, France ("Hackisition", "we", "us"), collects, uses, stores and protects personal data when you visit this website or use our services. We act as the data controller under the EU General Data Protection Regulation (GDPR) and the French Data Protection Act.
1. Data we collect
We may collect the following categories of data:
- Identity & contact data — name, email, phone, company, job title.
- Commercial data — proposals, contracts, billing and payment details.
- Communications — messages you send us by email, Slack, WhatsApp or any other channel.
- Technical data — IP address, browser type, device, and basic usage data when you browse the site.
- Any other data you voluntarily provide to us.
2. How we collect it
We collect data directly from you (forms, email, calls, contracts), automatically when you use the site (cookies and similar technologies, where applicable), and occasionally from third parties such as referrals or publicly available business sources.
3. Why we use it (legal bases)
- To provide, manage and improve our services — performance of a contract.
- To respond to your requests and communicate with you — legitimate interest.
- To issue invoices and meet accounting, tax and legal obligations — legal obligation.
- For marketing where you have opted in — consent, which you can withdraw at any time.
- To secure the site, prevent fraud and enforce our terms — legitimate interest.
4. Sharing & processors
We never sell your personal data. We share it only with trusted service providers acting on our behalf, including, where relevant : Notion (CRM), DocuSign (e-signature), Stripe (payments), Pennylane (accounting), Google Workspace (email and files), and our hosting provider. Each is bound by appropriate data-processing terms. We may also disclose data where required by law or to protect our rights.
5. International transfers
Some providers are located outside the European Economic Area. Where that is the case, we rely on appropriate safeguards such as the EU Standard Contractual Clauses or an adequacy decision to protect your data.
6. Retention
We keep personal data only as long as necessary for the purposes above. Accounting and contractual records are retained for 10 years as required by French law. Other data is deleted or anonymised once it is no longer needed.
7. Your rights
Subject to applicable law, you have the right to access, rectify, erase, restrict or object to the processing of your data, the right to data portability, and the right to withdraw consent at any time. You may also lodge a complaint with the French supervisory authority (CNIL, www.cnil.fr). To exercise any right, email gary@hackisition.io.
8. Cookies
This site uses only strictly necessary cookies required for it to function and, where applicable, a short-lived session token. We do not use advertising cookies. If analytics or other non-essential cookies are introduced, we will request your consent first.
9. Security
We apply reasonable technical and organisational measures to protect personal data against loss, misuse and unauthorised access. No method of transmission or storage is completely secure, but we work to safeguard your information.
10. Children
Our services are intended for businesses and professionals. We do not knowingly collect data from children under 16.
11. Changes
We may update this policy from time to time. The latest version is always available on this page, with the "last updated" date above.
12. Contact
For any privacy question or to exercise your rights : gary@hackisition.io.