Privacy Policy

CyberFlair (https://www.cyberflair.net) helps you assess the reliability of a website. This page explains what data we process, why, and what your rights are.

Last updated : 06/04/2026

1) Introduction

CyberFlair is a service that helps you check the reliability of a website and identify risk signals before signing up, entering personal data, or making a purchase.

2) Data Controller

The data controller is the company:

STUDIUM — SARL

SIREN : 903 101 749 — SIRET : 903 101 749 00013

VAT : FR05903101749

RCS : 903 101 749 R.C.S. Cusset

Contact : --

We have not appointed a DPO. For any questions regarding your data, you can contact us at the address above.

3) Data collected

Depending on your use, we may process the following categories of data:

User account

  • First name / Last name
  • Email
  • Registration via form or Google OAuth (name, email)

Site analyses

  • Tested URL
  • IP address (security, anti-abuse, statistics)
  • Analysis result (summary and scores)

Forms

  • Messages sent via contact / feedback
  • Context data (date/time, origin page)

Statistics & monetization

  • Google Analytics / Google Tag Manager (audience measurement)
  • Google AdSense (advertising)

We do not sell any data. Information is used for the operation, improvement and security of the platform.

4) Purposes & legal bases

Purpose Data concerned Legal basis (GDPR)
Create / manage an account Name, email Performance of a contract (requested service)
Analyze a URL and display a report URL, IP, results Legitimate interest (security, improvement) + performance of the service
Respond to a request (contact/feedback) Message, email, context Legitimate interest
Audience measurement Navigation data (via Google tools) Legitimate interest (statistics) — subject to cookie rules
Advertising (AdSense) Advertising data/cookies Legitimate interest / consent depending on configuration and obligations

Depending on your country and cookie settings, some processing (especially advertising) may require consent.

Go to the "Cookies" page

5) OpenAI (analysis)

The reliability analysis may be assisted by an API (OpenAI). We transmit only information from the tested website (e.g., URL, public content elements, public metadata). No user personal data is sent to OpenAI (name, email, IP, etc.).

We remind you that the analyzed content comes from a public web page. Results are provided for informational purposes and do not constitute proof.

6) Google AdSense / Google Analytics / Google Tag Manager

We use Google services:

  • Google AdSense: to lightly monetize the service.
  • Google Analytics and Google Tag Manager: for statistics and platform improvement.

Important: at this stage, these services may be loaded directly during your navigation. A "Cookies" page will explain in more detail the categories of cookies/trackers and their purposes, as well as a more comprehensive management system.

7) Retention periods

GDPR requires that data be kept for a <span class="font-semibold text-foreground">limited</span> period, proportionate to the purpose. We apply the following durations (subject to change):

User account

Kept as long as the account is active. The user can request deletion from their profile; we execute deletion within 24h after the request (except legal obligations).

Analyses (URL, IP, results)

Retained for statistics, improvement and anti-abuse purposes: up to 24 months, then deleted or anonymized when possible.

Forms (contact/feedback)

Message and exchanges kept for 12 months after last contact, unless extension is needed to handle a dispute.

Newsletter (to come)

Email kept until unsubscription or at most 3 years after last active contact.

Some data may be kept longer when required by law (e.g., accounting obligations) or in case of a dispute, to the extent necessary.

8) Recipients & subprocessors

Data is accessible to:

  • Authorized personnel of STUDIUM (administration and support).
  • Our host Infomaniak (website and database hosting).
  • Technical providers necessary for operation: OpenAI (analysis), Google (Analytics, GTM, AdSense).

Hosting: platform data (including database) is hosted by Infomaniak.

9) Transfers outside the European Union

Some providers (notably Google and OpenAI) may process data from countries outside the European Union. If applicable, these transfers are governed by the mechanisms provided for by the regulations (e.g., standard contractual clauses), according to the terms of these providers.

Important: for OpenAI, we do not send user personal data. The information sent concerns only the tested site (public content).

10) Your rights (GDPR)

In accordance with the GDPR, you have the following rights in particular:

  • Right of access
  • Right to rectification
  • Right to erasure (deletion)
  • Right to object
  • Right to restriction
  • Right to data portability (in certain cases)

To exercise your rights, contact us at --. We may ask you for proof of identity if necessary, to prevent fraudulent disclosure.

11) Security

We implement reasonable technical and organizational measures to protect data: access control, restricted administrator access, and secure communications.

No system is infallible, so we invite you to use a strong password and remain vigilant on your own devices.

12) Cookies

Cookies and similar technologies may be used, especially for audience measurement and advertising (Google).

Go to the "Cookies" page

13) Contact & complaint

For any questions about this policy or your data: --.

If, after contacting us, you believe your rights are not respected, you can lodge a complaint with the CNIL (French supervisory authority).

We use cookies to improve your experience

You can accept or refuse audience measurement and advertising cookies. Necessary cookies (session, security) always remain active. See the Cookies page to refine your choices.

Your choice is stored for approximately 6 months. If the legal texts are updated, we may ask you to choose again.