Privacy policy
This Site collects some Personal Data from its Users.
We at Byzaneo SAS (“Byzaneo”, “we”, “us”, or “our”) created this Privacy
Policy because we know that you care about how information you provide to
us is used and shared. This Privacy Policy relates to the information
collection and use practices of Byzaneo in connection with our online
services, which are made available to you through our Site located at
h8l.io.
Data Controller and Owner
Section titled “Data Controller and Owner”Byzaneo SAS, 1 rue Guillaume Puy, 84000 Avignon, France.
Owner contact email: privacy@byzaneo.com.
Types of Data collected
Section titled “Types of Data collected”Among the types of Personal Data that this Site collects, by itself or through third parties, there are: email address, password, first name, last name, picture, Cookies and Usage Data.
Complete details on each type of Personal Data collected are provided in the dedicated sections of this Privacy Policy or by specific explanation texts displayed prior to the Data collection. The Personal Data may be freely provided by the User, or, in case of Usage Data, collected automatically when using this Site.
All Data requested by this Site is mandatory and failure to provide this Data may make it impossible for this Site to provide its services. In cases where this Site specifically states that some Data is not mandatory, Users are free not to communicate this Data without any consequences on the availability or the functioning of the service.
Users who are uncertain about which Personal Data is mandatory are welcome to contact the Owner. Any use of Cookies, or of other tracking tools, by this Site or by the Owners of third-party services used by this Site serves the purpose of providing the service required by the User, in addition to any other purposes described in the present document and in the Cookie Policy, if available.
Users are responsible for any third-party Personal Data obtained, published or shared through this Site and confirm that they have the third party’s consent to provide the Data to the Owner.
Mode and place of processing the Data
Section titled “Mode and place of processing the Data”Methods of processing
Section titled “Methods of processing”The Data Controller processes the Data of Users in a proper manner and shall take appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of the Data. The Data processing is carried out using computers and IT-enabled tools, following organizational procedures and modes strictly related to the purposes indicated. In addition to the Data Controller, in some cases, the Data may be accessible to certain types of persons in charge, involved with the operation of the Site (administration, sales, marketing, legal, system administration) or external parties (such as third-party technical service providers, mail carriers, hosting providers, IT companies, communications agencies) appointed, if necessary, as Data Processors by the Owner. The updated list of these parties may be requested from the Data Controller at any time.
The Data is processed at the Data Controller’s operating offices and in any other places where the parties involved with the processing are located. For further information, please contact the Data Controller.
Retention time
Section titled “Retention time”The Data is kept for the time necessary to provide the service requested by the User, or stated by the purposes outlined in this document, and the User can always request that the Data Controller suspend or remove the Data.
Use of the collected Data
Section titled “Use of the collected Data”The Data concerning the User is collected to allow the Owner to provide its services, as well as for the following purposes: analytics, registration and authentication, handling payments, communication and transactional emails, interaction with external social networks and platforms.
The Personal Data used for each purpose is outlined in the specific sections of this document.
Detailed information on the processing of Personal Data
Section titled “Detailed information on the processing of Personal Data”Personal Data is collected for the following purposes and using the following services:
Analytics: Google Analytics (Google Inc.)
Section titled “Analytics: Google Analytics (Google Inc.)”Google Analytics is a web analysis service provided by Google Inc. (“Google”). Google utilizes the Data collected to track and examine the use of this Site, to prepare reports on its activities and share them with other Google services. Google may use the Data collected to contextualize and personalize the ads of its own advertising network.
- Personal Data collected: Cookies and Usage Data.
- Place of processing: United States, transfer governed by Standard Contractual Clauses (SCC) of the European Commission. See Google’s Privacy Policy and the opt-out tool.
Registration and authentication: Auth0 (Auth0, Inc.)
Section titled “Registration and authentication: Auth0 (Auth0, Inc.)”Auth0 is a registration and authentication service provided by Auth0, Inc. To simplify the registration and authentication process, Auth0 can make use of third-party identity providers and save the information on its platform.
- Personal Data collected: Cookies, email address, first name, last name, password, picture and various types of Data as specified in the Privacy Policy of the service.
- Place of processing: United States, transfer governed by Standard Contractual Clauses (SCC). See Auth0’s Privacy Policy.
Handling payments: Stripe (Stripe Inc.)
Section titled “Handling payments: Stripe (Stripe Inc.)”Stripe is a payment service provided by Stripe Inc. Payment processing services enable this application to process payments by credit card, bank transfer or other means. To ensure greater security, this application shares only the information necessary to execute the transaction with the financial intermediaries handling the transaction.
- Personal Data collected: various types of Data as specified in the Privacy Policy of the service.
- Place of processing: United States, transfer governed by Standard Contractual Clauses (SCC). See Stripe’s Privacy Policy.
Communication and transactional emails: Brevo (Sendinblue SAS)
Section titled “Communication and transactional emails: Brevo (Sendinblue SAS)”Brevo is an email platform provided by Sendinblue SAS, a French company. Byzaneo uses it to send transactional emails and service notifications (onboarding, billing notifications, technical alerts, service communications).
- Personal Data collected: email address, first name, last name, and email usage data (opens, clicks).
- Place of processing: European Union (France). See Brevo’s Privacy Policy.
Interaction with external social networks and platforms
Section titled “Interaction with external social networks and platforms”This type of services allows interaction with social networks or other external platforms directly from the pages of this application. The interaction and information obtained through this application are always subject to the User’s privacy settings for each social network.
- X button and social widgets (X Corp., formerly Twitter, Inc.): Personal Data collected: Cookies and Usage Data. Place of processing: United States, SCC. See X’s Privacy Policy.
- LinkedIn button and social widgets (LinkedIn Corporation): Personal Data collected: Cookies and Usage Data. Place of processing: United States, SCC. See LinkedIn’s Privacy Policy.
Additional information about Data collection and processing
Section titled “Additional information about Data collection and processing”Legal action
Section titled “Legal action”The User’s Personal Data may be used for legal purposes by the Data Controller, in court or in the stages leading to possible legal action arising from improper use of this Site or the related services. The User declares to be aware that the Data Controller may be required to reveal Personal Data upon request of public authorities.
Additional information about User’s Personal Data
Section titled “Additional information about User’s Personal Data”In addition to the information contained in this Privacy Policy, this Site may provide the User with additional and contextual information concerning particular services or the collection and processing of Personal Data upon request.
System logs and maintenance
Section titled “System logs and maintenance”For operation and maintenance purposes, this Site and any third-party services may collect files that record interaction with this Site (system logs) or use for this purpose other Personal Data (such as IP address).
Information not contained in this Privacy Policy
Section titled “Information not contained in this Privacy Policy”More details concerning the collection or processing of Personal Data may be requested from the Data Controller at any time. Please see the contact information at the beginning of this document.
The rights of Users (GDPR)
Section titled “The rights of Users (GDPR)”Under Regulation (EU) 2016/679 (GDPR), Users have the following rights over their Personal Data, which may be exercised at any time by contacting the Data Controller at the address indicated above:
- Right of access (Art. 15): obtain confirmation that data is being processed and receive a copy.
- Right to rectification (Art. 16): have inaccurate or incomplete data corrected.
- Right to erasure (Art. 17): request deletion of data (“right to be forgotten”), subject to Byzaneo’s legal retention obligations.
- Right to restriction of processing (Art. 18): request a temporary suspension of data processing.
- Right to data portability (Art. 20): receive data in a structured, machine-readable format and transfer it to another controller.
- Right to object (Art. 21): object to processing of data on legitimate grounds.
- Right to define post-mortem directives: define instructions for the processing of data after death.
Users also have the right to lodge a complaint with the relevant supervisory authority. In France: Commission Nationale de l’Informatique et des Libertés (CNIL), www.cnil.fr.
This Site does not support “Do Not Track” requests. To determine whether any of the third-party services it uses honor the “Do Not Track” requests, please read their privacy policies.
Changes to this Privacy Policy
Section titled “Changes to this Privacy Policy”The Data Controller reserves the right to make changes to this Privacy Policy at any time by giving notice to its Users on this page. It is strongly recommended to check this page often, referring to the date of the last modification listed at the bottom. If a User objects to any of the changes to the Policy, the User must cease using this Site and can request that the Data Controller remove the Personal Data. Unless stated otherwise, the then-current Privacy Policy applies to all Personal Data the Data Controller has about Users.
Legal basis for processing
Section titled “Legal basis for processing”Personal data processing carried out by Byzaneo is based on the following legal grounds under Article 6 GDPR:
- Performance of a contract: processing necessary to provide the h8lio Solution (identification data, billing, support).
- Legitimate interest: web traffic analysis (Google Analytics) and system security.
- Consent: non-essential cookies and social network interactions.
- Legal obligation: retention of billing data (statutory period of 10 years).
Definitions and legal references
Section titled “Definitions and legal references”Personal Data (or Data)
Section titled “Personal Data (or Data)”Any information regarding a natural person, a legal person, an institution or an association, which is, or can be, identified, even indirectly, by reference to any other information, including a personal identification number.
Usage Data
Section titled “Usage Data”Information collected automatically from this Site (or third-party services employed in this Site), which can include: the IP addresses or domain names of the computers utilized by the Users who use this Site, the URI addresses (Uniform Resource Identifier), the time of the request, the method utilized to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the server’s answer (successful outcome, error, etc.), the country of origin, the features of the browser and the operating system utilized by the User, the various time details per visit and the details about the path followed within the Site with special reference to the sequence of pages visited.
The individual using this Site, which must coincide with or be authorized by the Data Subject, to whom the Personal Data refers.
Data Subject
Section titled “Data Subject”The legal or natural person to whom the Personal Data refers.
Data Processor (or Data Supervisor)
Section titled “Data Processor (or Data Supervisor)”The natural person, legal person, public administration or any other body, association or organization authorized by the Data Controller to process the Personal Data in compliance with this Privacy Policy.
Data Controller (or Owner)
Section titled “Data Controller (or Owner)”The natural person, legal person, public administration or any other body, association or organization with the right, also jointly with another Data Controller, to make decisions regarding the purposes, and the methods of processing of Personal Data and the means used, including the security measures concerning the operation and use of this Site. The Data Controller, unless otherwise specified, is the Owner of this Site.
This Site
Section titled “This Site”The hardware or software tool by which the Personal Data of the User is collected.
Cookies
Section titled “Cookies”Small piece of Data stored in the User’s device.
Legal information
Section titled “Legal information”This Privacy Policy has been prepared in compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (GDPR) and the French Law n°78-17 of 6 January 1978 on data processing, files and freedoms (“Loi Informatique et Libertés”), as amended.
This Privacy Policy relates solely to this Site.
Version 2.0 (2026-04-01)