Privacy Policy

How we protect your personal data

Data Controller

CryptoSphere SASU
19 rue du Colisée, 75008 Paris, France
DPO contact: contact@cryptops.fr

Data Collected

This website does not collect any personal data automatically. Specifically:

• No cookies are placed
• No analytics or tracking tools are used (no Google Analytics, no Cloudflare Web Analytics)
• No tracking pixels or third-party scripts are loaded
• Fonts are self-hosted locally (no calls to Google Fonts or other external CDNs)

The only data transmitted is inherent to any HTTP exchange: IP address, User-Agent, timestamp. This data is processed by Cloudflare for DDoS protection and content delivery (CDN).

Contact Form

If you contact us through the form, we collect your name, email address, organization and the content of your message. This data is end-to-end encrypted (RSA-4096 + AES-256-GCM) before storage and processed solely to respond to your request, based on our legitimate interest (Article 6.1.f of the GDPR). It is retained for the time necessary to process your request.

Data Security

Contact form submissions are protected by hybrid end-to-end encryption:

• Client-side encryption — Your browser generates a unique AES-256-GCM key per message, encrypts the data, then wraps this key with RSA-OAEP-4096. The server only receives the encrypted blob.
• Opaque transit — The CDN infrastructure transmits and stores data without ever accessing plaintext content. No intermediary holds the decryption key.
• Sovereign decryption — The RSA-4096 private key resides exclusively on sovereign infrastructure under direct CryptoSphere control. Decryption and forwarding via encrypted SMTP channel occur within this isolated environment.
• Zero third-party services — No external provider (form service, transactional email, analytics) has access to plaintext data. The entire processing pipeline operates on our own infrastructure.

Subprocessors

Cloudflare, Inc. (hosting, CDN, DDoS protection) — Data passes through Cloudflare infrastructure. Cloudflare is ISO 27001 certified and participates in the EU-US Data Privacy Framework. Privacy policy: cloudflare.com/privacypolicy

GitHub, Inc. (source code hosting) — The website source code is stored on GitHub. Privacy policy: GitHub Privacy Statement

Transfers Outside the EU

Cloudflare and GitHub are US companies participating in the EU-US Data Privacy Framework. Data transfers are governed by Standard Contractual Clauses (SCC) in accordance with GDPR requirements.

Your Rights

Under the GDPR (EU Regulation 2016/679), you have the following rights:

• Right of access to your personal data
• Right to rectification
• Right to erasure (“right to be forgotten”)
• Right to restriction of processing
• Right to data portability
• Right to object

To exercise these rights, contact us at: contact@cryptops.fr

You may also lodge a complaint with the CNIL (French Data Protection Authority), 3 place de Fontenoy, TSA 80715, 75334 Paris Cedex 07, France.

Cookies

This website does not place any cookies. No consent banner is therefore required.

Cloudflare may use a technical cookie (__cf_bm) strictly necessary for bot protection. This cookie is exempt from consent in accordance with CNIL guidelines (cookie strictly necessary for service operation).

Changes

This policy may be updated at any time. The current version is the one published on this page. Last updated: March 2026.