Privacy policy

1. Data controller

CURSORIO, a French société par actions simplifiée à associé unique (SASU) with share capital of €1,000, registered with the RCS of Cannes under number 913 138 640 (SIREN), with registered office at 21 rue des Muriers, 06110 Le Cannet, France.

Legal representative: the President.
General contact: [email protected]
Data protection contact: [email protected]

2. Data collected and purposes

When you fill in a contact or beta access form, we collect the information you voluntarily provide:

• —Identity (first name, last name)
• —Contact details (email, phone)
• —Professional information (company, vessel, role)
• —Content of your message

This information is used exclusively to process your request, respond to it and, where applicable, send you a commercial proposal. It is never sold or shared with third parties without your explicit consent.

Providing the data marked as mandatory in the form is necessary to process your request. Failing this, we will not be able to respond.

2 bis. Recipients and sub-processors

Data collected via the forms is accessible only to authorised Cursorio personnel.

To operate the site and process your request, we rely on the following sub-processors:

• — Cloudflare, Inc. (United States) — hosting (Cloudflare Pages), anti-bot protection (Cloudflare Turnstile), content delivery network. See §7 on transfers.
• — Google LLC / Google Ireland Limited (EU / United States) — Google Workspace, Cursorio's professional email. Receives form submissions. Transfers governed by Standard Contractual Clauses and EU-U.S. Data Privacy Framework certification.

Cursorio does not sell or commercially transfer your data to any third party.

3. Legal basis

Processing of your data via the contact and beta access forms is based on Article 6(1)(b) GDPR: performance of pre-contractual measures taken at your request.

When you contact us for a non-commercial reason (a question about a published insight, a spontaneous application), we rely on our legitimate interest in replying (Article 6(1)(f) GDPR).

4. Retention period

Your data is kept for the time needed to process your request, and for a maximum of 3 years from our last interaction, unless our commercial relationship leads to a management mandate (in which case the legal retention periods applicable to the maritime and accounting sectors apply).

5. Cookies and trackers

In compliance with article 82 of the French Data Protection Act and EU ePrivacy directive, cursorio.com does not use any cookie requiring prior consent. Only strictly necessary or functional cookies are used:

• — Cookie lang-preference: stores your language choice (FR / EN / IT / ES) if you manually select a language via the switcher. Duration: 1 year. Purpose: avoid re-triggering auto-detection on every visit. User preference cookie, exempt from consent.
• — Cloudflare cookies (notably __cf_bm and cf_clearance): automatically placed by our host Cloudflare for security purposes (anti-bot, anti-DDoS). Short duration, strictly necessary. Exempt from consent.
• — Cloudflare Turnstile: anti-spam protection used on our forms. Does not set any cookie and does not collect any personal identifying data.

No advertising cookies, no third-party tracking cookies, no marketing cookies are placed. If a privacy-friendly analytics solution (Plausible Analytics) is activated in the future, it will also run without cookies and without personal identifier collection.

6. Your rights

Under the GDPR, you have the following rights over your data:

• —Right of access, rectification and erasure
• —Right to restriction of processing
• —Right to object
• —Right to portability
• —Right to withdraw consent at any time

To exercise these rights, contact [email protected]. You may also lodge a complaint with the French supervisory authority, the CNIL (cnil.fr).

No fully automated decision-making, including profiling, producing legal effects or similarly significantly affecting individuals, is carried out on this site.

7. Hosting and security

The site is hosted by Cloudflare Pages. Data transits through the Cloudflare network, primarily via its European points of presence. All communications are encrypted over HTTPS (TLS 1.3). Form data is forwarded to our Cursorio email addresses and is not stored on the site itself.

Cloudflare, Inc. is a U.S. company (San Francisco, California). Transfers of personal data to Cloudflare are governed by the Standard Contractual Clauses adopted by the European Commission (Implementing Decision (EU) 2021/914 of 4 June 2021) incorporated into Cloudflare's Data Processing Addendum. Cloudflare, Inc. is also certified under the EU-U.S. Data Privacy Framework (dataprivacyframework.gov). A copy of the applicable safeguards can be obtained on request from [email protected].