Last updated: January 28, 2026
The purpose of this privacy policy is to clearly inform you about how Atelier Paul Louis Duranton processes your personal data, in accordance with Regulation (EU) 2016/679 (GDPR).
1) Data Controller
The data controller is:
Paul Louis Duranton (Sole Trader)
11 rue de Villeneuve, 77320 Meilleray, France
Email: contact@atelier-duranton.com
GDPR Contact: rgpd@atelier-duranton.com
2) Data Collected
Depending on your use of the site, we may collect:
- Contact data: first/last name, email, telephone number (if provided), subject, and the content of your message (form / email).
- Technical data: IP address, browser type, operating system, pages visited, date/time, and server logs (security/diagnostics).
- Anti-spam protection data: information required for the operation of Google reCAPTCHA, when enabled on forms.
3) Purposes and Legal Bases
We process your data only for specific purposes and on a valid legal basis.
| Purpose | Data concerned | Legal basis |
|---|---|---|
| Responding to your requests (form / email) | Identity, contact details, message content | Legitimate interest (responding to inquiries) or pre-contractual measures if your request concerns a project/quote |
| Request management (tracking, history) | Identity, contact details, content | Legitimate interest |
| Site security and anti-spam measures | Technical data + anti-bot signals (reCAPTCHA) | Legitimate interest (security) |
| Maintenance and security (logs) | Technical data | Legitimate interest |
4) Contact Forms (Elementor Forms)
When you use a form on the site, the information entered is transmitted to allow your request to be processed.
- Messages are generally sent by email to the configured recipient (e.g., contact inbox).
- Depending on the site configuration, a copy may be kept in the WordPress administration (submission history) or via a connected service (if used).
If you already know that you do not record submissions in WP, I can rephrase this to “no site-side storage.”
5) Data Recipients
Your data is intended for Paul Louis Duranton.
It may be processed by service providers acting as subprocessors, solely to provide their services:
- Hosting: o2switch (France)
- Anti-spam protection: Google reCAPTCHA (Google)
6) Transfers Outside the European Union
The use of certain services (notably Google reCAPTCHA) may involve data transfers outside the EU/EEA. In such cases, providers indicate that they rely on mechanisms recognized by the GDPR (e.g., standard contractual clauses).
7) Retention Periods
We retain your data only for as long as necessary:
- Requests via form/email: processing time, then retention for up to 3 years maximum after the last exchange if the request does not lead to a contract, unless there is a contrary legal obligation or necessity related to litigation.
- Form submissions (if recorded in WordPress): duration strictly necessary for follow-up, then deletion/archiving according to the same principles.
- Technical/security logs: limited duration strictly necessary for security and diagnostics.
8) Cookies and Trackers
The site uses cookies and similar technologies. Details (purposes, durations, services) can be found on the page: Cookie Policy (EU).
9) Your Rights
In accordance with the GDPR, you have the following rights: access, rectification, erasure, restriction, objection, portability (as applicable), and withdrawal of consent when processing is based on consent.
To exercise your rights: rgpd@atelier-duranton.com
We may request proof of identity only if necessary to verify your identity.
You may also lodge a complaint with the competent supervisory authority (in France: the CNIL).
10) Security
We implement appropriate technical and organizational security measures to protect your data (secure hosting, access restriction, updates, etc.).
11) External Links
The site may contain links to third-party sites. If you leave our site, the processing carried out by these services is subject to their own policies.
12) Contact
For any questions regarding this policy: rgpd@atelier-duranton.com
