Data & Privacy Policy

Who controls this data?

TIONA acts as the data controller for information submitted through this request form. For privacy questions or GDPR rights requests, use the same TIONA request form and clearly state that your message concerns a privacy request.

Data Nature

By checking the consent box and submitting the form, you declare that the information provided is professional in nature and relates to a legitimate business request.

Please do not submit private consumer information, special-category personal data, or confidential third-party information unless you are authorised and it is strictly necessary.

Data we collect

• Company name
• Work email address
• Phone number
• First name and last name
• Point of Sale or business system name
• SKU volume range
• Request type and submission timestamp
• Technical metadata needed for security and abuse prevention, such as IP address, user agent, and reCAPTCHA verification context
• Consent evidence linked to your email address: policy version (2026-04-16), consent status, and consent timestamp

Why we use it

• To qualify and respond to your request for TIONA
• To contact you for business, commercial, and promotional follow-up related to TIONA
• To organise demos, onboarding, and related sales conversations
• To protect the form and service against spam, fraud, or automated abuse
• To keep an auditable record of consent

Legal basis

The main legal basis for this request flow is your consent, captured through the mandatory checkbox. We also rely on legitimate interest for technical security and anti-abuse controls.

Applicable law and hosting locations

Personal data submitted through this form is handled only under Regulation (EU) 2016/679 (General Data Protection Regulation, GDPR) and French law, including Loi n° 78-17 du 6 janvier 1978 relative à l'informatique, aux fichiers et aux libertés, as amended.

TIONA may use one or more servers operated by its infrastructure or hosting providers, and those servers may be located in different countries depending on provider availability, capacity, resilience, or operational needs at a given time.

How long we keep it

Lead data submitted through this form is retained for up to 1 year in the TIONA lead database from the submission date or the last related business interaction.

For the same purposes, the submitted information may also be relayed in business emails when handling or following up the request. Those operational email copies are kept only as needed for the same purposes, unless a longer legal obligation applies.

Who can receive it

TIONA does not sell submitted lead data.

• TIONA team members and contractors who need the information to process the request and conduct the related commercial follow-up
• Business email recipients involved in the handling of the request when follow-up requires email exchange for the purposes listed above
• External service providers acting as processors or service providers for email delivery and anti-spam protection

International transfers

Some hosting or external providers may process or store data outside your country or outside the European Economic Area. When that happens, TIONA and those providers must rely on the safeguards required by applicable data protection law for the relevant transfer or access scenario.

Your GDPR rights

• Access the data we hold about you
• Rectify inaccurate or incomplete data
• Erase data when no longer needed or when consent is withdrawn, in France.
• Restrict certain processing
• Request portability of the data you provided, in France.
• Withdraw consent at any time for future processing
• Object at any time to commercial or promotional follow-up
• Lodge a complaint with the CNIL (Commission nationale de l'informatique et des libertés)
• Seek a judicial remedy under Articles 78 and 79 GDPR, in France.

How to exercise your rights

Use the same TIONA request form and clearly mention that you are making a privacy request. We may ask for reasonable proof of identity before acting on that request.

If you believe your request was not handled correctly, you may also contact the CNIL.

Security and minimisation

We ask only for the business information needed to qualify a request and secure the form. Access to stored data is restricted, and the form is protected by technical controls including reCAPTCHA, CSRF protection, and rate limiting.

Business disputes and jurisdiction

Because this form is intended only for professional and business-related exchanges, by submitting it you expressly agree that this policy and the handling of data submitted through this form are governed only by the GDPR and French law.

Any dispute relating specifically to this policy or to the handling of data submitted through this form must be brought before the competent courts nearest to or having territorial jurisdiction over the registered office of the company that owns TIONA, in France.