GDPR · Règlement européen 2016/679

Privacy policy

DFI Labs SAS respects your privacy and is committed to protecting personal data in accordance with the EU General Data Protection Regulation (GDPR) and the French Data Protection Act.

Last updated: April 2026

Data controller

DFI Labs SAS, 14 Avenue du Général-de-Gaulle, 94160 Saint-Mandé, France, is the data controller for any personal data collected through dfi-labs.com.

Personal data we collect

Contact data you voluntarily provide when you email us or request a call: name, professional email address, company, role, and the content of your message.
Technical data necessary to deliver the website: truncated IP addresses, browser type, referrer, and timestamp. No persistent identifier is stored in your browser.
Aggregated analytics via Plausible Analytics, a cookie-free, GDPR-compliant service that does not collect personal data or use tracking cookies.

Purpose and legal basis

Responding to your inquiries — legal basis: pre-contractual steps taken at your request (GDPR Art. 6.1.b) or legitimate interest (Art. 6.1.f).
Operating and securing the website — legal basis: legitimate interest (Art. 6.1.f).
Audience measurement (aggregated, anonymous) — legal basis: legitimate interest (Art. 6.1.f). No consent required under CNIL guidelines for cookie-free analytics.

Cookies and similar technologies

dfi-labs.com does not use advertising or tracking cookies. We use Plausible Analytics, which does not set cookies, does not use fingerprinting, and does not collect any personal data.

Data retention

Contact correspondence is retained for up to 3 years from the last contact, after which it is archived or deleted. Aggregated analytics are retained indefinitely in anonymised form.

Data recipients

Personal data are processed by DFI Labs employees on a need-to-know basis and by our technical processors: Amazon Web Services (hosting, EU region), Plausible Analytics (EU), and our email provider. No personal data are sold or shared with third parties for marketing purposes.

International transfers

Personal data are processed within the European Union. Where a transfer outside the EU is unavoidable, it is governed by Standard Contractual Clauses approved by the European Commission.

Your rights

Under GDPR, you may exercise at any time your right of access, rectification, erasure, restriction, portability, and objection, and the right to lodge a complaint with the CNIL (cnil.fr). To exercise these rights, please write to hello@dfi-labs.com.

Security

DFI Labs implements reasonable technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure, or destruction, including TLS encryption in transit and access controls.

Changes

We may update this policy from time to time. Substantive changes will be announced on this page with a revised effective date.