Privacy policy – Cordée Authentique

Last updated: 2026-05-31

This privacy policy explains how Cordée Authentique collects, uses, and protects the personal data of users of its services. This service uses artificial intelligence to generate personalized responses. Data processed includes signals derived from your exchanges to adapt the quality of support provided.

1. Data controller

Cordée Authentique
Independent project operated by a natural person
Contact : ai-zi-me@cordee.ovh

Cordée Authentique is currently developed, maintained, and operated by a single person. No data is sold or used for advertising purposes.

2. Personal data processed

Depending on how the service is used, Cordée Authentique may process the following data:

Email address (account creation, contact, support)
Content voluntarily sent by the user (texts, messages, replies)
Technical data and logs:
- IP address (partially or temporarily)
- browser / device type
- technical logs required for operation and security
Configuration or usage data related to the operation of the service

No sensitive data (within the meaning of GDPR) is intentionally collected.

Relational and emotional data derived from usage: estimated emotional state, conversational continuity profile, interaction style preferences. This data is strictly internal and not shared for commercial purposes.

3. Purposes of processing

Data is processed only for the following purposes:

Service operation (access, responses, continuity)
Service improvement and evolution (fixes, quality, stability)
Security and abuse prevention
Simple internal statistics (global usage, without individual profiling)

Cordée Authentique does not engage in advertising profiling.

4. Legal basis

Processing relies on the following legal bases:

User consent (Article 6.1.a GDPR)
Performance of the service / contractual relationship (Article 6.1.b)
Legitimate interest related to security, stability, and service improvement (Article 6.1.f)

5. Data sharing

Personal data:

is neither sold nor rented
is not shared with commercial third parties

Access to data is strictly limited to the operator of the Cordée Authentique project.

Technical providers may intervene only for hosting or infrastructure, without using the data for any other purpose.

6. Artificial intelligence and technical providers

The Cordée service uses artificial intelligence to generate responses. User messages may transit through third-party LLM (Large Language Model) services.

Active technical sub-processors:

Anthropic (United States) — LLM processing for response generation. anthropic.com/legal/privacy. Stripe (United States) — payment and subscription processing. stripe.com/privacy. OVH (France) — data hosting on servers in France (EU).

These sub-processors do not use your data for purposes other than providing their service. No data is transmitted to third parties for advertising purposes.

7. Retention period

Data is retained:

for the time strictly necessary for the purposes described in this policy
or until account deletion
or until the user’s explicit request

Some technical data may be retained temporarily for security or legal reasons.

8. User rights

Under GDPR, each user has the following rights:

right of access to their data
right to rectification
right to erasure (right to be forgotten)
right to restriction of processing
right to data portability
right to object to processing

9. Exercising your rights

To exercise your rights or ask any question relating to personal data, the user may contact:

📧 ai-zi-me@cordee.ovh

A response will be provided within a reasonable time frame, in accordance with applicable regulation.

10. Data security

Cordée Authentique implements reasonable technical and organizational measures to protect data against unauthorized access, loss, or alteration.

11. Policy updates

This privacy policy may be updated to reflect service changes or legal developments. The update date will be revised accordingly.

12. International data transfers

Data is primarily hosted in France (European Union) by OVH.

For LLM processing and payments, certain data may be transmitted to providers established in the United States (Anthropic, Stripe). These transfers are governed by appropriate safeguards (standard contractual clauses, providers' internal policies compliant with international standards).

13. Minimum age requirement

This service is reserved for persons aged at least 16 in the European Union (GDPR). In other countries, the applicable minimum age is that provided by local legislation: 13 in the United States (COPPA), 18 in some countries. If you are aware that a minor has created an account without parental authorization, please contact us at the address in Section 9.

14. Rights of users in the United States (CCPA/CPRA)

If you reside in California or another state with similar laws, you have additional rights:

Right to know: you may request what categories of personal data are collected, used, or disclosed.
Right to delete: you may request the deletion of your personal data.
Right to opt out of sale/sharing: Cordée Authentique does not sell or share your personal data for commercial purposes.
Right to non-discrimination: exercising these rights does not result in any difference in service treatment or quality.

📧 To exercise these rights: ai-zi-me@cordee.ovh