Privacy Policy
Effective from January 1, 2024 - last modified on February 15, 2026.
Data Hosting
Your data is hosted in France, on secure servers located within French territory, operated by OVHcloud (OVH SAS, Roubaix, France). This hosting ensures that your information remains subject to European data protection legislation, in particular the General Data Protection Regulation (GDPR - EU Regulation 2016/679).
Data Controller
The data controller for personal data collected through the Sedestral platform is the company Sedestral, reachable at contact@sedestral.com. Any questions regarding the protection of your personal data may be directed to this address.
Information Collection
We collect the information you provide when creating your account and using our platform: name, email address, login information, content you submit to our AI agents, data related to your website (URLs, page content, metadata), and information you provide when communicating with our support team. As part of our SEO optimization services, we use the APIs of artificial intelligence providers (Anthropic/Claude and OpenAI) to generate and optimize content. The data transmitted to these providers is limited to what is strictly necessary for the operation of the requested service.
Google Search Console Integration
When you connect your site to Sedestral through one of our integrations (WordPress, Shopify, PrestaShop, Wix, etc.), we automatically connect your Google Search Console account whenever possible, in order to provide you with personalized SEO analyses from the outset. You can also connect Google Search Console manually from your dashboard. The retrieved data (impressions, clicks, rankings, queries) is used exclusively to deliver our services. It is never transferred, sold, or shared with third parties. You can revoke this access at any time from your account.
Legal Basis for Processing
The processing of your personal data is based on the following legal grounds: (a) performance of the contract between you and Sedestral, for processing necessary to provide our services; (b) your consent, particularly for sending marketing communications and the use of non-essential cookies; (c) our legitimate interest, for improving our services, fraud prevention, and platform security; (d) compliance with legal obligations, for data retention required by law (invoicing, fraud prevention).
Use of Information
We use the information collected to: provide our SEO optimization and content generation services; improve and personalize your experience on the platform; perform performance analyses and usage statistics; respond to your support requests; ensure platform security and prevent abuse. If you have consented, we may also use this information to send you marketing communications about our services.
Subcontractors and Service Providers
In the course of providing our services, we use the following subcontractors: OVHcloud (data hosting, France); Stripe (payment processing, PCI-DSS certified); Anthropic (Claude API, AI content generation); OpenAI (GPT API, AI content generation); Google (Search Console API, SEO data). These providers only access the data strictly necessary for the performance of their tasks and are bound by contractual obligations of confidentiality and security in compliance with the GDPR.
Information Sharing
We never sell your personal information to third parties. We may be required to share information if the law requires it, if it is necessary to protect our rights, property, or safety, or in the context of a merger, acquisition, or asset transfer (in which case you will be informed in advance).
Data Transfers Outside the European Union
Some of our subcontractors (notably Anthropic and OpenAI) are established in the United States. These transfers are governed by appropriate safeguards in accordance with Articles 46 et seq. of the GDPR, including standard contractual clauses adopted by the European Commission and, where applicable, the EU-US Data Privacy Framework. You may obtain a copy of these safeguards by contacting us at contact@sedestral.com.
Data Retention Period
Your personal data is retained for the duration of your use of our services. If you delete your account, your data will be erased within 30 days, except for data we are required to retain under legal obligations (in particular invoicing data, retained for 10 years in accordance with the French Commercial Code). Connection logs are retained for 12 months in accordance with applicable legislation.
Your Rights
In accordance with the GDPR, you have the following rights over your personal data: Right of access: obtain confirmation that your data is being processed and receive a copy. Right of rectification: correct inaccurate or incomplete data. Right to erasure: request the deletion of your data, subject to our legal retention obligations. Right to data portability: receive your data in a structured, commonly used, and machine-readable format. Right to restriction of processing: obtain the restriction of processing of your data in the cases provided by law. Right to object: object to the processing of your data based on our legitimate interest. To exercise these rights, contact us at contact@sedestral.com. We will respond to your request within a maximum of 30 days. In case of disagreement, you may file a complaint with the CNIL (Commission nationale de l'informatique et des libertes).
Cookies and Similar Technologies
We use cookies and similar technologies to ensure the proper functioning of the platform and analyze the use of our services. Cookies are text files stored on your device that identify your browser. Essential cookies: necessary for the operation of the platform (authentication, session preferences). They do not require your consent. Analytical cookies: allow us to measure traffic and performance of our platform. You can disable non-essential cookies in your browser settings. Disabling essential cookies may limit certain features of the platform.
Data Security
We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, modification, disclosure, or destruction. These measures include encryption of data in transit (TLS) and at rest, strict access controls, and regular security audits.
Privacy Policy Changes
We may modify this privacy policy at any time by publishing an updated version on our website. We recommend that you regularly review this page to stay informed of any changes. In the event of a substantial modification, we will notify you by email or through a notification in your dashboard.
Contact Us
If you have any questions or concerns about this privacy policy or how we handle your personal data, contact us at: contact@sedestral.com. We are committed to responding to all requests within 30 days.