Privacy Policy
Privacy Policy
Effective date: January 2026
Last updated: January 2026
Unstatic Labs (“we”, “us”, “our”) is committed to protecting your privacy. This policy explains how we collect, use, and protect personal data in compliance with the General Data Protection Regulation (GDPR) and French data protection law.
Data Controller
Unstatic Labs
60 rue François Ier
75008 Paris, France
SIREN: 983 982 950
Contact: contact@unstaticlabs.com
What Data We Collect
Website Visitors
When you visit our website, we may collect:
| Data Type | Purpose | Legal Basis |
|---|---|---|
| IP address (anonymized) | Security, analytics | Legitimate interest |
| Browser type and version | Technical compatibility | Legitimate interest |
| Pages visited | Understanding content performance | Legitimate interest |
| Referral source | Understanding traffic sources | Legitimate interest |
Contact Form Submissions
When you submit a contact form, we collect:
| Data Type | Purpose | Legal Basis |
|---|---|---|
| Name | Identify you in correspondence | Contract performance |
| Email address | Respond to your inquiry | Contract performance |
| Message content | Address your inquiry | Contract performance |
| Company name (if provided) | Context for inquiry | Legitimate interest |
Business Clients
When you engage our services, we collect:
| Data Type | Purpose | Legal Basis |
|---|---|---|
| Contact information | Service delivery, invoicing | Contract performance |
| Company details | Contract execution | Contract performance |
| Payment information | Billing | Contract performance |
| Project-related data | Service delivery | Contract performance |
How We Use Your Data
We use personal data for:
- Responding to inquiries – Answering questions submitted via contact forms or email
- Service delivery – Providing consulting and development services to clients
- Business operations – Invoicing, record-keeping, legal compliance
- Website improvement – Understanding how visitors use our site
- Security – Protecting our systems and detecting fraud
We do not:
- Sell your personal data
- Use your data for automated profiling or decision-making
- Send marketing emails without explicit consent
Data Processors (Third Parties)
We use the following third-party services that may process your data:
| Service | Purpose | Location | Privacy Policy |
|---|---|---|---|
| GitHub Pages | Website hosting | USA | Link |
| Formbricks | Contact forms | EU/Self-hosted | Link |
We select processors that provide appropriate data protection guarantees.
Data Retention
| Data Type | Retention Period |
|---|---|
| Contact form submissions | 2 years from last interaction |
| Client project data | Duration of engagement + 5 years (legal requirement) |
| Website analytics | 26 months (anonymized) |
| Invoicing records | 10 years (French legal requirement) |
Data is deleted or anonymized after the retention period unless longer retention is required by law.
Your Rights (GDPR)
Under GDPR, you have the right to:
| Right | Description |
|---|---|
| Access | Request a copy of your personal data |
| Rectification | Request correction of inaccurate data |
| Erasure | Request deletion of your data (“right to be forgotten”) |
| Restriction | Request limitation of processing |
| Portability | Receive your data in a structured, machine-readable format |
| Object | Object to processing based on legitimate interest |
| Withdraw consent | Withdraw consent at any time (where consent is the legal basis) |
How to Exercise Your Rights
Contact us at: contact@unstaticlabs.com
Please include:
- Your name and email address
- Description of your request
- Any information to help us identify your data
We will respond within 30 days of receiving your request.
Complaints
If you believe your data protection rights have been violated, you have the right to lodge a complaint with:
CNIL (Commission Nationale de l’Informatique et des Libertés)
3 Place de Fontenoy
TSA 80715
75334 Paris Cedex 07
France
www.cnil.fr
Cookies
Our website uses limited cookies for essential functionality. See our Cookie Policy for details.
Data Security
We implement appropriate technical and organizational measures to protect your data:
- Encrypted connections (HTTPS/TLS)
- Access controls and authentication
- Regular security reviews
- Secure deletion procedures
No system is 100% secure. If you believe your data has been compromised, contact us immediately at security@unstaticlabs.com.
International Transfers
Some of our service providers (e.g., GitHub) are based in the USA. Where data is transferred outside the EU/EEA, we ensure appropriate safeguards are in place, such as:
- Standard Contractual Clauses (SCCs)
- Adequacy decisions by the European Commission
- Binding Corporate Rules (where applicable)
Children’s Privacy
Our services are not directed at individuals under 16 years of age. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.
Changes to This Policy
We may update this privacy policy from time to time. Changes will be posted on this page with an updated “Last updated” date.
For significant changes, we will provide prominent notice on our website.
Contact
For privacy-related questions or to exercise your rights:
Email: contact@unstaticlabs.com
Address: 60 rue François Ier, 75008 Paris, France