Ethics & Data

Our commitments to privacy, consent, and legal compliance (France/EU).

Privacy by Design

We operate under GDPR and CNIL guidance. All processing is purpose-limited, data-minimized, and secured. We do not sell personal data.

Consent Requirements

  • Explicit written consent from the data subject or lawful representatives.
  • Right to withdraw consent at any time, with deletion guarantees.
  • Clear documentation of sources and transformations.

Lawful Basis & Rights

  • Lawful basis: consent and legitimate interest where applicable.
  • Access, rectification, deletion, portability, and objection rights.
  • Data Protection Impact Assessment (DPIA) for sensitive projects.

Security & Retention

  • Encryption at rest and in transit; restricted access.
  • Retention schedules with automatic deletion.
  • Audit trails for all processing events.

Additional Commitments

  • We respect post-mortem directives; otherwise, written agreement from heirs is required.
  • We maintain a processing register and can sign a Data Processing Addendum (DPA).
  • Deletion of data within 72 hours after a validated request.
  • Each deliverable includes an explicit statement that it is AI-assisted.

Contact DPO

For data rights requests, contact our Data Protection Officer at dpo@resurrection-numerique.example.