Privacy policy
This page explains how enquiry data from the contact form is handled on this website, which services process it, and how long it should be retained. Review and finalize this policy with your real business identity before launch.
Summary
The contact form is intended for project enquiries. Submitted details are validated on the server, protected with abuse checks, and forwarded by email so a reply can be sent. The form should not be used to send payment card details, government identifiers, health records, or other highly sensitive information.
What I collect
If you use the contact form, I collect the information you enter: your name, email address, business or activity, project message, and budget range. Basic technical data such as request timing, service responses, and abuse-prevention signals may also be processed to keep the form available and secure.
Why I collect it
Your information is used to review your enquiry, reply to you, assess a potential project fit, and protect the form against spam or automated abuse. It is not sold and is not used for unrelated bulk marketing.
How it is handled
Contact submissions are processed by this website, checked with Google reCAPTCHA for abuse prevention, and delivered through Resend email infrastructure. Access to enquiry data should be limited to people who need it to review and respond to your message.
Retention
If a project does not move forward, enquiry emails should generally be deleted within 12 months of the last meaningful contact unless a longer retention period is required for legal, tax, or contractual reasons. Operational logs should be kept short-lived and should not include full message contents in production.
Your rights
You can request access, correction, or deletion of your enquiry data at any time. If GDPR or similar privacy laws apply to your setup, make sure your final legal identity, contact address, and jurisdiction-specific rights language are added before launch.
Privacy Policy - Data Controller
Pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (General Data Protection Regulation - GDPR), and the French Data Protection Act n° 78-17 of 6 January 1978 as amended, the data controller responsible for the processing of personal data carried out in connection with this website is KYNOKU (the Controller). The Controller determines the purposes and means of the processing of personal data implemented through the website. Any request relating to this Privacy Policy, the processing of personal data, or the exercise of data subject rights under Articles 15 to 22 of the GDPR may be addressed to privacy@kynoku.com. The Controller is established at the following address: NICE, FRANCE.
Data Protection Officer (DPO)
Where required or voluntarily appointed, the Data Protection Officer (DPO) may be contacted at the following address: privacy@kynoku.com.
Right to lodge a complaint
Data subjects have the right to lodge a complaint with the competent supervisory authority, namely the French Data Protection Authority (Commission Nationale de l'Informatique et des Libertes - CNIL).
Recommended operational defaults
Enquiry inbox access should be restricted to the site operator and any contractor who actually needs to review new leads.
Production logs should record technical outcomes such as validation failures or delivery errors, but should avoid full message bodies and other unnecessary personal data.
If a lead becomes a client, retention should move under the contract, invoicing, and bookkeeping rules that apply to that business relationship.