Privacy policy

1. Data controller

CURSORIO, a French société par actions simplifiée à associé unique (SASU) with share capital of €1,000, registered with the RCS of Cannes under number 913 138 640 (SIREN), with registered office at 21 rue des Muriers, 06110 Le Cannet, France.

Legal representative: the President.
General contact: [email protected]
Data protection contact: [email protected]

2. Data collected and purposes

When you fill in a contact or beta access form, we collect the information you voluntarily provide:

• —Identity (first name, last name)
• —Contact details (email, phone)
• —Professional information (company, vessel, role)
• —Content of your message

This information is used exclusively to process your request, respond to it and, where applicable, send you a commercial proposal. It is never sold or shared with third parties without your explicit consent.

Providing the data marked as mandatory in the form is necessary to process your request. Failing this, we will not be able to respond.

2 bis. Recipients and sub-processors

Data collected via the forms is accessible only to authorised Cursorio personnel.

To operate the site and process your request, we rely on the following sub-processors:

• — Cloudflare, Inc. (United States) — hosting (Cloudflare Pages), anti-bot protection (Cloudflare Turnstile), content delivery network. See §7 on transfers.
• — Google LLC / Google Ireland Limited (EU / United States) — Google Workspace, Cursorio's professional email. Receives form submissions. Transfers governed by Standard Contractual Clauses and EU-U.S. Data Privacy Framework certification.

Cursorio does not sell or commercially transfer your data to any third party.

3. Legal basis

Processing of your data via the contact and beta access forms is based on Article 6(1)(b) GDPR: performance of pre-contractual measures taken at your request.

When you contact us for a non-commercial reason (a question about a published insight, a spontaneous application), we rely on our legitimate interest in replying (Article 6(1)(f) GDPR).

4. Retention period

Your data is kept for the time needed to process your request, and for a maximum of 3 years from our last interaction, unless our commercial relationship leads to a management mandate (in which case the legal retention periods applicable to the maritime and accounting sectors apply).

5. Cookies and trackers

In compliance with article 82 of the French Data Protection Act and EU ePrivacy directive, cursorio.com does not set any consent-based cookie without your explicit agreement, collected via the dedicated banner. The following strictly necessary or functional cookies are set in all cases:

• — Cookie lang-preference: stores your language choice (FR / EN / IT / ES) if you manually select a language via the switcher. Duration: 1 year. Purpose: avoid re-triggering auto-detection on every visit. User preference cookie, exempt from consent.
• — Cloudflare cookies (notably __cf_bm and cf_clearance): automatically placed by our host Cloudflare for security purposes (anti-bot, anti-DDoS). Short duration, strictly necessary. Exempt from consent.
• — Cloudflare Turnstile: anti-spam protection used on our forms. Does not set any cookie and does not collect any personal identifying data.
• — Google Analytics 4 (audience measurement and advertising performance): set only if you accept via the consent banner (_ga cookies, maximum duration 13 months). Purposes: measuring site audience and the effectiveness of our campaigns. Your choice, acceptance or refusal, is stored for 6 months and can be changed at any time via the "Cookie settings" link in the footer. Data processed by Google Ireland Ltd; transfers outside the EU covered by the Data Privacy Framework.

Apart from Google Analytics audience measurement, which is subject to your explicit consent, no advertising cookies and no third-party tracking cookies are placed. Declining the banner has no impact on your browsing.

6. Your rights

Under the GDPR, you have the following rights over your data:

• —Right of access, rectification and erasure
• —Right to restriction of processing
• —Right to object
• —Right to portability
• —Right to withdraw consent at any time

To exercise these rights, contact [email protected]. You may also lodge a complaint with the French supervisory authority, the CNIL (cnil.fr).

No fully automated decision-making, including profiling, producing legal effects or similarly significantly affecting individuals, is carried out on this site.

7. Hosting and security

The site is hosted by Cloudflare Pages. Data transits through the Cloudflare network, primarily via its European points of presence. All communications are encrypted over HTTPS (TLS 1.3). Form data is forwarded to our Cursorio email addresses and is not stored on the site itself.

Cloudflare, Inc. is a U.S. company (San Francisco, California). Transfers of personal data to Cloudflare are governed by the Standard Contractual Clauses adopted by the European Commission (Implementing Decision (EU) 2021/914 of 4 June 2021) incorporated into Cloudflare's Data Processing Addendum. Cloudflare, Inc. is also certified under the EU-U.S. Data Privacy Framework (dataprivacyframework.gov). A copy of the applicable safeguards can be obtained on request from [email protected].