Privacy policy
Last updated · April 2026
Introduction
This privacy policy describes how Narok (https://narok.fr), a simplified joint-stock company (SAS) with a share capital of €12,000, registered with the Paris Trade and Companies Register under number 992 602 599, with its registered office at 60 Rue François 1er, 75008 Paris, France, collects, processes and protects the personal data of site users. It applies to anyone consulting the site or interacting with its features.
Data collected
Narok collects the following data: — Contact form: full name, email address, organisation, role, intended scope and freely described context. — Anonymised navigation data: pages visited, session duration, browser type, country of origin — collected via OpenPanel, a self-hosted, cookieless analytics tool. No full IP address is stored.
Purposes of processing
The data collected is used exclusively to: — Handle and respond to contact and quote requests. — Manage the technical operations of the site. — Analyse traffic and improve the user experience (anonymised data). — Ensure site security and prevent unauthorised access. No data is used for advertising, commercial profiling, or transferred to third parties without explicit consent.
Legal basis for processing
Processing is based on the following legal grounds under Article 6 of the GDPR: — Contract performance: handling contact and quote requests. — Legitimate interests: site security, anonymised audience measurement, service improvement. — Consent: where a specific legal basis is required.
Retention periods
— Contact form data: retained for a maximum of 12 months from the last exchange, then deleted or irreversibly anonymised. — Navigation data: retained for a maximum of 13 months in line with CNIL recommendations, then deleted.
Data recipients
Personal data is reserved for the exclusive use of Narok and its technical service providers necessary for the operation of the site. It is never shared for commercial purposes. Any subcontractors are contractually bound to confidentiality and may only use data for the purposes for which it was provided.
Hosting and security
The site is hosted on servers operated by OVH SAS — 2 rue Kellermann, 59100 Roubaix, France (RCS Lille Métropole 424 761 419 00045), an ISO 27001-certified, GDPR-compliant provider. Traffic is exposed and secured via Cloudflare, Inc. — 101 Townsend St., San Francisco, CA 94107, USA. Cloudflare provides DDoS protection, a web application firewall (WAF) and content delivery (CDN). As such, visitor IP addresses transit through Cloudflare's servers. Cloudflare is subject to the European Union's standard contractual clauses for transfers of data outside the EEA. Appropriate technical and organisational measures are implemented to ensure the confidentiality, integrity and availability of data.
Cookies and audience measurement
The Narok site uses no advertising or commercial tracking cookies. One strictly necessary technical cookie is set: — NEXT_LOCALE: stores your language preference. Duration: 12 months. Never shared with third parties. Audience measurement is handled by OpenPanel, a self-hosted, cookieless solution. No persistent identifier is created and all collected data is anonymised.
User rights
Under the GDPR and the French Data Protection Act, you have the following rights: — Right of access — Right of rectification — Right to erasure (right to be forgotten) — Right to restriction of processing — Right to object — Right to data portability To exercise these rights: [email protected]. We will respond within 30 days. If you remain unsatisfied, you may lodge a complaint with the CNIL: https://www.cnil.fr.
Policy updates
Narok reserves the right to modify this policy at any time, in particular to comply with new legal or regulatory requirements. Any substantial changes will be communicated via a notice on the site.
Contact
For any question regarding this policy or the protection of your personal data: [email protected]