1. Data Controller
SOLVIX SAS, publisher of the SOLVIX platform, acts as data controller within the meaning of Regulation (EU) 2016/679 (GDPR). The organisation upholds the principles of lawfulness, fairness, transparency, minimisation and security.
2. Data Collected
SOLVIX only collects data that is strictly necessary to deliver its services:
- Professional identification data (name, role, organisation).
- Connection data and technical logs (IP addresses, timestamps, session identifiers).
- Business data entered by the user within the SOLVIX platform.
- Billing and contractual information.
3. Purposes and Legal Bases
Processing carried out by SOLVIX relies on contractual performance, compliance with legal obligations, the legitimate interest of the publisher or the explicit consent of the data subject. No data is used for commercial profiling without prior information.
4. Security and Confidentiality
SOLVIX operates a security programme aligned with the ISO/IEC 27001 and SOC 2 Type II frameworks. Data is encrypted at rest (AES-256) and in transit (TLS 1.3), hosted within the European Union and subject to strict access controls based on the principle of least privilege.
5. Rights of Data Subjects
In accordance with the GDPR, every user enjoys rights of access, rectification, erasure, restriction, portability and objection. These rights may be exercised at any time by email at dpo@solvix.com. SOLVIX undertakes to respond within thirty (30) days at most.
6. Retention
SOLVIX retains data only for the duration strictly required by the purpose pursued, extended by the applicable statutory limitation periods. Beyond this, data is anonymised or securely deleted.
SOLVIX is committed to upholding the highest standards of transparency, security and regulatory compliance. Our policies are continuously audited and aligned with international frameworks including ISO 27001, SOC 2 Type II, GDPR, eIDAS and ENISA guidelines.