Sinequa Augments Companies with Release of New Generative AI Assistants. Learn more

Privacy Policy

Purpose and scope of the policy

Sinequa attaches the greatest importance and care to the protection of privacy and personal data, as well as to the respect of the provisions of the applicable Legislation.

The General Data Protection Regulation (EU) 2016/679 (hereinafter “GDPR”) states that Personal Data must be processed lawfully, fairly, and transparently. Thus, this privacy policy (hereinafter the “Policy”) aims to provide you with simple, clear information on the Processing of Personal Data concerning you in the context of your browsing and the operations carried out on our website.


Data Controller

In the course of your activity on the website, we collect and use personal data relating to you, an individual (hereinafter “Data Subject”).

For all the Processing activities, SINEQUA, a simplified joint-stock company organized under French laws, with a share capital of 714 908,83 €, registered with the Paris Trade Companies’ Register under the number 442 599 213 and having its registered offices at 24, rue de la Pépinière – 75008, Paris, France, determines the means and purposes of the Processing. Thus, we act as a Processor, within the meaning of the Regulation on Personal Data, and in particular Regulation (EU) 2016/679 on the protection of individuals with regard to the Processing of Personal Data and on the free movement of such Data.


What Personal Data do we collect, and how?

By using our website or by subscribing to our services, you provide us with a certain amount of information about yourself, some of which may identify you (“Personal Information”). This is the case when you browse our site when you fill in online forms, or simply when you become a customer.

The nature and quality of the Personal Data collected about you will vary depending on the relationship you have with SINEQUA, the main ones being:

  • Identification data: This includes all information that would allow us to identify you, such as your name, first name, and telephone number. We may also collect your e-mail address and your postal address (in case of payment, the postal address will be necessary to generate an invoice).
  • Browsing information: by browsing our website, you interact with it. As a result, some information about your browsing is collected.


Why do we collect your Personal Information, and how?

We collect your Personal Data for specific purposes and on different legal grounds.

On the basis of your consent, your Data is processed for the following purposes:

  • Carrying out commercial and marketing prospecting operations.
  • Management of the newsletter.
  • Management of cookies requiring your consent.

In the framework of the legitimate interest of Sinequa, your Data are processed for the following purposes:

  • Establishment of statistics for the improvement of products and services.
  • Carrying out satisfaction surveys and polls.
  • Management of pre-litigation and litigation.


Do we share your personal data?

Your Data are intended for the authorized Sinequa collaborators in charge of the management and the execution of the contracts and legal obligations, according to the purposes of the collection and within the limits of their respective attributions.

It may be transmitted for certain tasks related to the purposes and within the limits of their respective missions and authorizations to the following recipients:

  • Entities of the SINEQUA Group within the framework of an outsourcing of activity to another entity of the group.
  • Duly authorized public authorities (judicial, control…), in the framework of our legal and regulatory obligations.
  • Regulated professions (lawyers, bailiffs, etc…) who may intervene in the context of the implementation of guarantees, collection or litigation.

When your Data is provided to our service providers and subcontractors, they are also required not to use the Data for purposes other than those originally intended. We make every effort to ensure that these Third Parties maintain the confidentiality and security of your Data.

In all cases, only the necessary Data is provided. We make every effort to ensure the secure communication or transmission of your Data.

We do not sell your Data.


Is your Personal Data transferred to third countries?

Sinequa strives to keep the Personal Data in France, or at least within the European Economic Area (EEA).

However, it is possible that the Data we collect when you use our platform or services may be transferred to other countries. This is for example the case if some of our service providers are located outside the European Economic Area.

In the event of such a transfer, we guarantee that it will be carried out:

  • To a country ensuring an adequate level of protection, i.e. a level of protection equivalent to what the European Regulations require.
  • Within the framework of standard contractual clauses.
  • Within the framework of internal company rules.


How long do we keep your Personal Data?

We retain your Personal Data only for as long as is necessary to fulfill the purpose for which we hold the Data and to meet your needs or our legal obligations.

Retention times vary depending on several factors, such as:

  • SINEQUA business needs.
  • Contractual requirements.
  • Legal requirements.
  • Recommendations from regulatory authorities.

The retention periods for your Data are as follows:

  • Carrying out sales and marketing prospecting operations: Twelve months
  • Newsletter management: Twelve months
  • Managing cookies that require your consent:  Twelve months
  • Establishing statistics for product and service improvement: Twelve months
  • Conducting satisfaction surveys and polls: Twelve months
  • Management of pre-litigation and litigation: Twelve months

How do we ensure the security of your Personal Information?

Sinequa is committed to protecting the Personal Data we collect, or that we process, from loss, destruction, alteration, unauthorized access, or disclosure.

Thus, we implement all appropriate technical and organizational measures, depending on the nature of the Data and the risks that their Processing entails. These measures must preserve the security and confidentiality of your Personal Data. They may include practices such as limited access to Personal Data by persons authorized by their functions, pseudonymization or encryption.

In addition, our practices, and policies and/or physical and/or logical security measures (secure access, authentication process, backup, software, etc.) are regularly reviewed and updated as necessary.


What are your rights?

The GDPR provides Data Subjects with rights that they can exercise. Thus, are provided:

    1. Right to information: the right to have clear, precise, and complete information on the use of Personal Data by Sinequa.
    2. Right of access: the right to obtain a copy of the Personal Data that the Data Controller holds on the applicant.
    3. Right to rectification: the right to have Personal Data rectified if they are inaccurate or obsolete and/or to complete them if they are incomplete.
    4. Right to erasure / right to be forgotten: the right, under certain conditions, to have the Data erased or deleted, unless Sinequa has a legitimate interest in keeping it.
    5. Right of opposition: the right to object to the Processing of Personal Data by Sinequa for reasons related to the particular situation of the applicant (under conditions).
    6. Right to Withdraw Consent: the right at any time to withdraw Consent where Processing is based on Consent.
    7. Right to restriction of processing: the right, under certain conditions, to request that the Processing of Personal Data be temporarily suspended.
    8. Right to Data Portability: the right to request that Personal Data be transmitted in a reusable format that allows it to be used in another database.
    9. Right to Avoid Automated Decision-Making: the right of the applicant to refuse fully authorized decision-making and/or to exercise the additional safeguards offered in this regard.
    10. Right to define post-mortem directives: the right for the applicant to define directives concerning the fate of Personal Data after his/her death.

Additional rights may be granted by the Local Regulations to affected Persons.

To this end, Sinequa has implemented a procedure for the management of individuals’ rights in accordance with the requirements of the applicable Legislation. This procedure establishes:

  • The standards to be respected to ensure the transparent information of the data subject.
  • Legal requirements that must be met.
  • The authorized means of applying for each right, depending on the category of Persons concerned.
  • The business processes for handling these requests in accordance with the above requirements.
  • The stakeholders involved in these processes, their roles and responsibilities.

To exercise your rights, you may contact the Data Protection Officer (DPO): – 24 Rue de la Pépinière, 75008 Paris.

When you send us a request to exercise a right, you are asked to specify as far as possible the scope of the request, the type of right being exercised, the Personal Data Processing concerned, and any other useful information, in order to facilitate the examination of your request. In addition, in case of reasonable doubt, you may be asked to prove your identity.

You also have the right to complain to the Commission Nationale de l’Informatique et des Libertés (CNIL), 3 Place de Fontenoy – TSA 80715 – 75334 PARIS CEDEX 07, about the way in which Sinequa collects and processes your data.


Updating of this policy

This Policy may be updated from time to time to reflect changes in the Personal Data Regulations.

Date of last update 01/09/2023.