Privacy Policy

Data controller

The controller for personal data collected on this website is:

• Galea SAS — 84 rue Marcel Dassault, 92100 Boulogne-Billancourt, France
• RCS Nanterre B 929 476 471 — SIRET 929 476 471 00016
• Contact: contact@phishia.fr

Data collected

We collect the following data only when you actively provide it to us:

• Contact / demo request form: first name, last name, business email, phone (optional), company, job title, free-text message, primary need selected.
• Newsletter signup: email address only.
• Resource downloads: email address and company.
• Technical data: IP address (kept for 12 months), pages visited, traffic source — for aggregated statistical purposes only.

Purposes and legal basis

Purpose	Legal basis (GDPR art. 6)	Retention
Responding to your contact / demo request	Legitimate interest (art. 6.1.f)	3 years after last contact
Sending the newsletter	Consent (art. 6.1.a)	Until unsubscription
Delivery of requested resources	Pre-contractual performance (art. 6.1.b)	3 years after last contact
Anonymised audience measurement	Legitimate interest (art. 6.1.f)	13 months

Recipients & processors

Your data is accessible only to the sales and marketing teams of Galea SAS and to our technical processors:

• OVHcloud SAS (Roubaix, France) — hosting of the site and database. GDPR compliant, ISO 27001 & HDS certified.
• Google Analytics — anonymised audience measurement (anonymised IP, no advertising sharing).
• Sendinblue / Brevo (France) — sending of the newsletter and transactional emails.

No data is transferred outside the European Union.

Your GDPR rights

You have the following rights regarding your personal data at any time:

• Right of access — obtain a copy of the data held
• Right to rectification — correct inaccurate data
• Right to erasure — request deletion of your data
• Right to portability — recover your data in an open format
• Right to object and to restriction of processing
• Right to withdraw consent at any time (newsletter)
• Right to lodge a complaint with the CNIL (www.cnil.fr)

To exercise these rights, contact us at contact@phishia.fr specifying the subject of your request. We respond within 30 days maximum.

Cookies

The website uses two categories of cookies:

• Strictly necessary cookies for the operation of the site (session, CSRF security). They do not require consent.
• Audience measurement cookies from Google Analytics, placed only after your explicit consent. You can refuse them at any time via your browser settings.

No advertising cookies, no commercial profiling cookies, no third-party social network pixels.

Security

Galea SAS applies state-of-the-art technical and organisational measures to protect your data: TLS 1.3 encryption in transit, encryption at rest, strict access control, access logging, continuous staff training, ISO 27001 compliance of the ISMS.

DPO contact

For any question relating to data protection, contact our Data Protection Officer: contact@phishia.fr (subject: "DPO question").

Last updated: 17/06/2026