GDPR

Last updated: August 1, 2025

Quark Security, SAS registered with the Paris Trade and Companies Register under number 944 681 725, undertakes to process personal data in strict compliance with the General Data Protection Regulation (GDPR) (EU) 2016/679 and the amended French Data Protection Act.

1. Data Controller

Quark Security
SAS with share capital of €1,000
Head office: 60 rue François 1er, 75008 Paris
📧 contact@quark-security.io

2. Purposes of Processing

Personal data collected by Quark Security are processed exclusively for the following purposes:

  • Management of incoming requests via the contact form
  • B2B commercial prospecting
  • Audience measurement and behavioural analysis on the site
  • Site security and detection of malicious activity
  • Cookie and consent management

3. Categories of Data Collected

  • Identity: last name, first name
  • Contact details: professional email, telephone, company
  • Metadata: IP address, browser, pages visited
  • Technical data: server logs, trackers

4. Legal Basis

Processing is based on the following legal grounds:

  • Explicit consent (marketing cookies, contact form)
  • Legitimate interest (security, B2B prospecting, technical analysis)
  • Legal obligation (accounting and legal retention of commercial exchanges)

5. Recipients

  • Internal Quark Security team authorised to process data
  • Technical processors: hosting provider, CRM, analytics providers
  • No data are transferred to third parties for commercial purposes

All processors are bound by a contractual GDPR compliance commitment.

6. Transfers Outside the EU

Data transfers outside the European Union may take place via certain tools (Google Analytics, Meta, LinkedIn). Such transfers rely on:

  • Standard Contractual Clauses approved by the European Commission, or
  • The Data Privacy Framework (United States)

Data are transferred only where equivalent safeguards are ensured.

7. Retention Period

Data type

Retention period

Contact form data

3 years after last contact

Browsing data (cookies)

Maximum 13 months

Technical data (logs)

12 months

Contractual data

10 years (legal obligation)

8. Rights of Data Subjects

In accordance with Articles 15 to 22 of the GDPR, any data subject has the following rights:

  • Right of access, rectification, erasure
  • Right to restriction or objection to processing
  • Right to data portability
  • Right to withdraw consent at any time
  • Right to lodge a complaint with the CNIL

📧 To exercise your rights: contact@quark-security.io

9. Data Security

Quark Security implements appropriate technical and organisational measures to ensure the security, integrity, confidentiality and resilience of processing operations:

  • Access control and logging
  • Secure hosting within the EU
  • Internal privacy policy
  • SSL/TLS encryption of web communications

10. Internal Documentation

Quark Security maintains up to date:

  • A record of processing activities (Art. 30 GDPR)
  • An internal data management policy

Follow us

Linkedin-in

Copyright © 2025 Quark Security SAS