Privacy Policy

This policy covers this marketing website only. The site does not sell products online, create user accounts, run advertising trackers, or profile visitors. The meaningful data flows are newsletter email, basic hosting logs, privacy-friendly analytics, and small technical browser storage used to keep the interface from being annoying.

1. Controller and contact

The data controller is IAGA SAS (in formation). The company is being incorporated in France; its final registered office, SIREN/RCS, share capital, and VAT details will be added to the legal notice once incorporation is complete. For privacy requests, email info@iaga.tech. This is the privacy contact; no Data Protection Officer is currently appointed or claimed.

2. Newsletter

• What: the email address you submit.
• Purpose: to send occasional IAGA Sentinel updates.
• Legal basis: consent (Article 6(1)(a) GDPR).
• How it works: after you submit the form, we send a confirmation link. We only notify our team after that link is opened. The team then manages the list manually; this website does not maintain a newsletter database or user account.
• Retention: we keep the email until you unsubscribe or ask us to remove it. We may also remove inactive or invalid addresses during list hygiene.

To unsubscribe, reply to any newsletter email or write to info@iaga.tech. Withdrawal does not affect processing that happened before withdrawal.

3. Analytics

We use Plausible Analytics to understand aggregate site usage: page views, referrers, countries, devices, browsers, and similar high-level metrics. Plausible is cookieless, does not use persistent browser identifiers, does not track visitors across sites or devices, and does not build advertising profiles. We rely on legitimate interest (Article 6(1)(f) GDPR) to run these minimal, privacy-friendly statistics so we can improve the website.

4. Technical storage

We do not use advertising cookies or analytics cookies. The website uses local browser storage only for technical interface state:

• iaga_nl in localStorage remembers whether the newsletter popup was dismissed or whether a confirmation email was requested, so we do not keep showing it.
• iaga_nl_shown in sessionStorage remembers that the newsletter popup was already shown during the current visit.

These values are not used for advertising, cross-site tracking, or profiling. They are technical preferences for this site only.

5. Hosting and providers

We rely on a small number of providers and do not sell personal data.

• Railway hosts the website and may process technical hosting data such as IP address, request metadata, and security logs. Railway Corporation is a US company; relevant transfers and processing are covered by Railway's data processing terms and transfer safeguards such as Standard Contractual Clauses where required.
• Resend delivers newsletter confirmation and notification emails. Resend is US-based and states that its DPA includes Standard Contractual Clauses for EU to US transfers. The emails sent by this website are text-only; open and click tracking are disabled in the Resend domain settings.
• Plausible Analytics provides cookieless, aggregate analytics and is hosted in the EU.

6. Your rights

Under the GDPR, you may request access, rectification, erasure, restriction of processing, objection, data portability, and withdrawal of consent. To exercise these rights, email info@iaga.tech.

You may also lodge a complaint with a supervisory authority. Because IAGA SAS is being formed in France, the expected authority is the CNIL (cnil.fr).

7. Changes

We may update this policy from time to time. The date at the top reflects the latest version.