Privacy Policy.

Protection of your personal data in accordance with the GDPR.

Data controller

The controller for the personal data collected on this site is:

Brainmood
Represented by Aurore Poilleux, Founder
Email: contact@brainmood.fr
Personal data contact: contact@brainmood.fr

Data collected

In the context of using this site, Brainmood may collect the following categories of data:

  • Contact form: first name, last name, work email, company, role, message
  • Application form: first name, last name, email, phone, CV, cover letter, message
  • Technical data: IP address (only for security and abuse prevention purposes)

Purposes and legal bases

In accordance with Article 6 of the GDPR, your data is processed on the following legal bases:

  • Consent (Art. 6.1.a): when you fill in a contact or application form and tick the consent box
  • Legitimate interest (Art. 6.1.f): site security (abuse prevention, protection against spam)
  • Pre-contractual measures (Art. 6.1.b): processing contact requests with a view to possible support

Data recipients

Your personal data is intended exclusively for the Brainmood team. It is never sold, rented or shared with third parties for commercial purposes.

The following technical sub-processors may have access to your data, strictly within the scope of their services:

  • Vercel Inc. (site hosting): United States, covered by the European Commission Standard Contractual Clauses (SCCs)
  • Resend Inc. (transactional email): United States, covered by Standard Contractual Clauses (SCCs)

Data transfers outside the EU

Some of our technical sub-processors are based in the United States. These transfers are covered by the Standard Contractual Clauses (SCCs) adopted by the European Commission, in accordance with Article 46.2 of the GDPR, ensuring an adequate level of protection for your data.

Retention periods

  • Contact data: 3 years from the last contact
  • Application data: 2 years from reception, unless the candidate opposes
  • Technical data (IP): 12 months maximum

Beyond these durations, your data is deleted or irreversibly anonymized.

Your rights (Articles 15 to 22 of the GDPR)

In accordance with the GDPR, you have the following rights over your personal data:

  • Right of access: obtain confirmation that your data is being processed and receive a copy
  • Right to rectification: have inaccurate or incomplete data corrected
  • Right to erasure: request deletion of your data
  • Right to restriction: restrict the processing of your data
  • Right to portability: receive your data in a structured, readable format
  • Right to object: object to the processing of your data
  • Right to withdraw consent: at any time, without affecting the lawfulness of prior processing

To exercise these rights, send your request to: contact@brainmood.fr

We commit to reply within a maximum of 30 days from receipt of your request.

Complaint to the CNIL

If you consider that the processing of your data does not comply with the regulations, you have the right to lodge a complaint with the French data protection authority (CNIL):

CNIL
3 Place de Fontenoy, TSA 80715
75334 Paris Cedex 07, France
Phone: +33 1 53 73 22 22
Website: www.cnil.fr

Cookies

This site uses only technical cookies strictly necessary for its operation. No advertising, profiling or tracking cookies are placed.

An information banner is displayed on your first visit to inform you of the use of cookies and to collect your consent, in line with CNIL recommendations.

Your choice (acceptance or refusal) is stored locally in your browser via localStorage. No data is sent to third-party servers.

Engagement confidentiality

Absolute commitment: all information collected during our engagements is strictly confidential.

No individual information is shared with the client company's management without the explicit consent of the person concerned.

Data security

Brainmood implements appropriate technical and organizational measures to protect your personal data against any unauthorized access, alteration, disclosure or destruction:

  • Encryption of communications (HTTPS/TLS)
  • Security headers (CSP, HSTS, X-Frame-Options)
  • Rate limiting
  • Validation and sanitization of all user input
  • Need-to-know access control

Policy updates

Brainmood reserves the right to update this privacy policy at any time. Any update will be published on this page with the date of the last revision.

Last updated: 7 March 2026

Contact

For any question related to the protection of your personal data:
Email: contact@brainmood.fr