Privacy Policy

Last updated: February 23, 2026

AccurateCore SAS (hereinafter "AccurateCore", "we", "us") is committed to protecting your personal data. This policy explains what data we collect, why, how we use it, and what your rights are.

1. Data Controller

AccurateCore SAS
20 Rue Drouot, 75009 Paris, France
Paris Trade Register: 100 608 637
contact@accuratecore.com

2. Data We Collect and Why

2.1 Contact Form

When you fill out our contact form, we collect your name, email address, company name, and message content.

• Purpose: responding to your inquiry and commercial follow-up
• Legal basis: legitimate interest (responding to inbound requests)
• Retention: 3 years from the last contact

2.2 User Account (platform customers)

When using the AccurateCore platform, we process your identification data (name, professional email address, organization, role).

• Purpose: account management, authentication, support
• Legal basis: performance of the subscription contract
• Retention: duration of the contract, then 5 years for legal and accounting obligations

2.3 Website Usage Data (analytics)

We measure website traffic using an in-house analytics solution. This tool collects aggregated and anonymized data: pages visited, session duration, device type, country of connection.

• Purpose: improving the website and understanding usage patterns
• Legal basis: legitimate interest
• Cookies: no analytics cookies are set
• Retention: aggregated data retained for 13 rolling months

2.4 Business Data Imported by Customers (platform)

Data you import into the AccurateCore platform (payroll, projects, licenses, etc.) remains your exclusive property. In this context, AccurateCore acts as a data processor under the GDPR, processing such data solely according to your instructions. A Data Processing Agreement (DPA) is available upon request.

3. Data Recipients

We use the following sub-processors, bound by confidentiality and security obligations:

• Brevo (Sendinblue SAS, France) — transactional email delivery (form confirmations, notifications)
• Clerk Inc. (United States) — authentication and user account management. Data transfers to the US are covered by the European Commission's Standard Contractual Clauses (SCCs).
• Hostinger International LTD (Cyprus, EU — data hosted in France) — website and platform hosting

We do not sell or rent your data to third parties. We share your data only with the sub-processors listed above, or when required by law.

4. Cookies

Our website does not use advertising or analytics cookies. Only strictly necessary cookies may be set for site functionality (session management, authentication). These cookies do not require your consent under applicable EU law.

5. Security

We implement appropriate technical and organizational measures to protect your data against unauthorized access, loss, or alteration: encryption in transit (TLS) and at rest, restricted data access, and access logging.

6. Your Rights

Under the GDPR, you have the following rights regarding your personal data:

• Access: obtain a copy of the data we hold about you
• Rectification: correct inaccurate or incomplete data
• Erasure: request deletion of your data (subject to legal obligations)
• Portability: receive your data in a structured, machine-readable format
• Restriction: restrict processing in certain circumstances
• Objection: object to processing based on legitimate interest

To exercise your rights, contact us at: contact@accuratecore.com. We will respond within one month.

7. Complaints

If you believe our data processing does not comply with applicable regulations, you have the right to lodge a complaint with the French data protection authority (CNIL): www.cnil.fr, or with the supervisory authority in your country of residence.

8. Changes to This Policy

We may update this policy to reflect changes in our practices or applicable regulations. For material changes, we will notify you by email with 30 days' notice.