Skip to main content
View ↗
Approach
FR

Customise display

Quick profiles

Text size

Text spacing

Line height

Display

Colour saturation

Motion

Text alignment

Panel position

Privacy

Cloudflare Web Analytics, no cookies or profiling. Disable here.

← Home

Privacy

Privacy Policy

Site : florianbeaufils.com  ·  Established on 17 April 2026  ·  Last revised : 21 May 2026

In short

This site collects almost nothing about you. No cookies, no advertising pixels, no third-party profiling tools, no forms. The only personal data I receive is your email address and message content when you voluntarily write to me via the contact link.

Anonymous audience measurement is performed via Cloudflare Web Analytics: cookieless, no IP address stored, no fingerprinting, no cross-site profile, and switchable off at any time from the comfort panel (under "Privacy").

Your browsing on this site is private. The technical and legal details that follow are provided for transparency and GDPR compliance purposes.

Contents

    Data controller

    In accordance with Article 4.7 of the General Data Protection Regulation (Regulation EU 2016/679, hereafter "GDPR") and the French Data Protection Act (loi n° 78-17 of 6 January 1978 as amended), the data controller for personal data collected on the site florianbeaufils.com is:

    Name Florian Beaufils, sole trader
    SIRET (FR) 987 477 924 00011
    Address 46 rue Lucien Faure, 33300 Bordeaux, France
    Contact contact@florianbeaufils.com

    As a sole trader operating under the French micro-enterprise regime, I am not required to appoint a Data Protection Officer (DPO). I am my own point of contact for any question relating to personal data.

    General principles

    Personal data processing on this site is based on the following principles, in accordance with Article 5 of the GDPR:

    • Lawfulness, fairness and transparency: processing activities are based on a clear legal ground, documented in this policy.
    • Purpose limitation: data is used only for the purposes explicitly described below.
    • Data minimisation: only data strictly necessary for each purpose is collected.
    • Accuracy: inaccurate data may be rectified upon request.
    • Storage limitation: data is retained for a period proportionate to its purpose.
    • Integrity and confidentiality: data is protected by appropriate technical and organisational measures.

    Data collected and processing activities

    The site carries out three distinct personal data processing activities, described below. No other processing is carried out.

    Processing no. 1 — Contact by email

    Purpose: to allow visitors to contact me for professional enquiries, collaboration proposals, quote requests, or feedback on the site.

    Legal basis: legitimate interest of the data controller (Article 6.1.f GDPR) in receiving and handling professional solicitations, combined with the voluntary action of the sender who initiates contact.

    Data collected:

    • Sender's email address
    • First and last name (if included in the message or signature)
    • Content of the message sent
    • Technical metadata (date, subject, originating server)

    Collection method: exclusively via mailto: links on the site. The site has no contact form. The visitor uses their own email client to send the message.

    Retention period: messages are retained in my inbox for the time needed to process them, then archived or deleted based on their relevance. The maximum retention period is 3 years from the date of last contact, in line with CNIL recommendations for managing client and prospect relationships.

    Recipients: only the data controller (Florian Beaufils) accesses the messages. Messages transit and are stored via the following technical services: Infomaniak Network SA (kMail inbox hosted in Switzerland) and Apple Inc. (Mail client on macOS/iOS for local consultation). See the "Sub-processors and transfers" section for details.

    Processing no. 2 — Accessibility and display preferences

    Purpose: to remember your personal preferences (text size, spacing, high contrast, light/dark theme, etc.) so they can be restored on your next visits to the site.

    Legal basis: legitimate interest of the data controller (Article 6.1.f GDPR) in providing an accessible and consistent user experience. Local storage does not require prior consent as it is strictly necessary to provide a service explicitly requested by the user (CNIL deliberation no. 2020-091).

    Data collected: only your personalisation choices (e.g. text size = "Large", high contrast = enabled). No personally identifying data is linked to these preferences.

    Collection method: local storage in your browser via the localStorage API. The data never leaves your device and is not transmitted to any server, including mine.

    Retention period: until you manually delete it (via the reset button in the comfort panel, or via your browser settings).

    Recipients: none. The data remains exclusively on your device.

    Processing no. 3 — Anonymous audience measurement (Cloudflare Web Analytics)

    Purpose: to measure aggregate traffic on the site (most-visited pages, country of origin at national level, technical Core Web Vitals) in order to guide future updates and detect potential performance issues.

    Legal basis: legitimate interest of the data controller (Article 6.1.f GDPR) in understanding aggregate site usage. In accordance with CNIL deliberation no. 2020-091 of 17 September 2020, this measurement falls within the consent exemption for strictly necessary audience trackers, as the mechanism is cookieless, does not enable cross-site tracking and offers a straightforward opt-out (see below).

    Data collected:

    • URL of the page visited and referrer URL
    • Country of origin (national level, derived server-side)
    • Device type, browser and operating system (aggregated)
    • Technical performance indicators (Core Web Vitals)

    What is not collected: no cookie is set in your browser, no IP address is stored by Cloudflare in the reports, no fingerprinting is computed, and no cross-site user profile is built.

    Collection method: a lightweight script (beacon.min.js) is loaded from static.cloudflareinsights.com only when measurement is not disabled by the user. This script sends a minimal beacon to Cloudflare on each page load.

    Opt-out: measurement can be turned off at any time from the comfort panel (under "Privacy", toggle "Audience measurement"). Once disabled, no Cloudflare Web Analytics script is loaded on subsequent visits. The preference is stored locally via localStorage.

    Retention period: audience reports are retained by Cloudflare in line with its policy (typically six months for detailed data, aggregated beyond that).

    Recipients: only the data controller (Florian Beaufils) accesses the audience reports via the Cloudflare dashboard. See the "Sub-processors and transfers" section.

    What is not collected

    In the interest of transparency and as part of a sustainable digital design approach, the site does not use the following:

    • No cookies (whether for advertising, tracking or audience measurement).
    • No third-party behavioural analytics tools (no Google Analytics, Matomo, Plausible, Hotjar, or equivalent). The audience measurement described in processing no. 3 (Cloudflare Web Analytics) is cookieless, free of fingerprinting, and can be switched off from the comfort panel.
    • No advertising tracking pixels (Meta Pixel, LinkedIn Insight Tag, etc.).
    • No social media integrations via widgets or share buttons (links to LinkedIn are plain HTML links, without any third-party script).
    • No web fonts loaded from an external CDN (no Google Fonts, no Adobe Fonts).
    • No collection forms (newsletter, contact, registration).
    • No advertising.
    • No individual user journeys or profiling: the audience measurement described in processing no. 3 is strictly aggregated and anonymous (no user identifier, no session reconstruction, no path tracking).

    Only minimal technical logs and aggregated, anonymous audience indicators are collected by the hosting provider (Cloudflare), for security, performance and overall traffic-understanding purposes. See the next section.

    Sub-processors and international transfers

    The technical operation of the site requires the use of sub-processors within the meaning of Article 28 of the GDPR. Each is listed below with its purpose, location, and the applicable safeguards for transfers outside the European Union.

    Cloudflare, Inc. — Hosting, CDN, DNS and audience measurement

    Company Cloudflare, Inc.
    Registered office 101 Townsend Street, San Francisco, CA 94107, United States
    Purpose Static hosting (Cloudflare Pages), global Edge content delivery, DNS management, DDoS mitigation, technical logging, anonymous audience measurement (Cloudflare Web Analytics, cookieless)
    Data processed IP address, user-agent, URL visited, timestamp (standard technical logs, used for security and abuse mitigation); for audience measurement: URL and referrer, country of origin, device type, browser, OS, Core Web Vitals (no IP stored in reports, no cookie, no fingerprinting)
    Retention Technical logs: typically 30 days, per Cloudflare's policy. Web Analytics reports: typically 6 months for detailed data, aggregated beyond that.
    Location Global Edge network; European visitors are served primarily from European nodes (Paris, Frankfurt, Amsterdam, etc.)
    Transfer basis Data Privacy Framework (DPF) — Cloudflare is certified — and European Commission Standard Contractual Clauses (SCCs)
    Policy cloudflare.com/privacypolicy

    Infomaniak Network SA — Domain registrar and email hosting

    Company Infomaniak Network SA
    Registered office Rue Eugène-Marziano 25, 1227 Les Acacias (Geneva), Switzerland
    Purpose Registration and renewal of domain names (florianbeaufils.com and .fr); hosting of the email inbox (kMail) used to process messages received via mailto: links
    Data processed Domain holder identity and contact details (WHOIS), masked from the public by default (Domain Privacy); for email: sender's email address, message content, technical metadata (date, subject, originating server)
    Retention Email messages retained per the data controller's policy (see processing no. 1), with a maximum retention of 3 years from the date of last contact
    Location Switzerland — data stored exclusively in Infomaniak's Swiss datacenters
    Transfer basis European Commission adequacy decision (2000/518/EC) — no specific mechanism required
    Policy infomaniak.com/en/cgv/privacy-policy

    Apple Inc. — Mail client (macOS/iOS)

    Company Apple Inc.
    Registered office One Apple Park Way, Cupertino, CA 95014, United States
    Purpose Local consultation of messages on my personal devices
    Data processed Message content downloaded from Infomaniak (kMail) via IMAP protocol
    Transfer basis Data Privacy Framework (DPF) — Apple is certified. Messages are stored locally on the device.
    Policy apple.com/legal/privacy/en-ww

    Transfers outside the European Union

    Among the sub-processors listed above, Infomaniak Network SA is a Swiss company. Transfers of data to Switzerland are covered by the European Commission adequacy decision of 26 July 2000 (2000/518/EC): no specific transfer mechanism is required.

    Cloudflare, Inc. and Apple Inc. are American companies. Transfers of personal data to the United States are governed by the Data Privacy Framework (DPF), adopted by the European Commission by adequacy decision of 10 July 2023, to which both companies adhere. This framework provides guarantees considered equivalent to those of the GDPR for transferred data.

    Cookies and local storage

    The site sets no cookies on your browser, neither directly nor through third-party services.

    Local storage (localStorage)

    The site uses only the browser's localStorage API to remember your accessibility and display preferences. This technology is distinct from cookies: the data stays exclusively on your device, is not transmitted to any server, and cannot be used for cross-site tracking.

    The storage keys used are as follows:

    • theme-preference: chosen theme ('light' or 'dark')
    • comfort-preferences: a JSON object containing all comfort panel settings (text size, spacing, line height, high contrast, alignment, saturation, cursor, etc.)

    You can delete this data at any time via the reset button in the comfort panel, or via your browser settings (clear site storage).

    Legal basis for local storage

    In accordance with CNIL deliberation no. 2020-091 of 17 September 2020, trackers strictly necessary for the provision of a service explicitly requested by the user (here, accessibility personalisation) are exempt from prior consent. No cookie banner is therefore required on this site.

    Your rights

    In accordance with Articles 15 to 22 of the GDPR and Articles 48 to 56 of the French Data Protection Act, you have the following rights over any personal data I hold about you:

    • Right of access (Article 15 GDPR): to obtain confirmation that data about you is being processed, and to receive a copy.
    • Right to rectification (Article 16 GDPR): to obtain correction of inaccurate or incomplete data.
    • Right to erasure (Article 17 GDPR, "right to be forgotten"): to obtain deletion of data in the cases provided for by the regulation.
    • Right to restriction of processing (Article 18 GDPR): to obtain a temporary freeze on the use of your data in certain cases.
    • Right to data portability (Article 20 GDPR): to receive your data in a structured, commonly used and machine-readable format.
    • Right to object (Article 21 GDPR): to object, on grounds relating to your particular situation, to processing based on legitimate interest.
    • Right to give post-mortem instructions (Article 85 of the French Data Protection Act): to define what happens to your data after your death.

    How to exercise your rights

    To exercise any of these rights, simply send a request by email to contact@florianbeaufils.com specifying:

    • The right you wish to exercise
    • The email address from which you may have contacted me
    • Proof of identity if necessary to confirm the request comes from you

    I commit to responding to your request within a maximum of one month from receipt, in accordance with Article 12.3 of the GDPR. This deadline may be extended by two months for complex requests, in which case you will be notified.

    Right to lodge a complaint

    If you believe, after contacting me, that your rights are not being respected, you may lodge a complaint with the French data protection authority (CNIL):

    • By post: CNIL — 3 place de Fontenoy, TSA 80715, 75334 Paris CEDEX 07, France
    • Online: cnil.fr/fr/plaintes

    Security measures

    The following technical and organisational measures are implemented to protect personal data, in accordance with Article 32 of the GDPR:

    • Encrypted communications: the entire site is served over HTTPS via the Universal SSL TLS certificate provided by Cloudflare (renewed automatically). TLS 1.3 minimum, TLS 1.0 and 1.1 disabled.
    • Two-factor authentication enabled on the Infomaniak (kMail) and Apple accounts used to access messages.
    • No personal database: as the site is static, no personal data is stored in a database.
    • Restricted access: only the data controller accesses received messages.
    • Regular updates of operating systems and software used to access data.

    Data of minors

    This site is intended for a professional adult audience (recruiters, clients, prospects, collaborators). It is not designed or directed at minors under 15 years of age.

    No active collection of data concerning minors is carried out. If a minor wishes to contact me by email, it is noted that, in accordance with Article 8 of the GDPR and Article 45 of the French Data Protection Act, the consent of their legal representatives is required for the processing of their personal data below the age of 15.

    Sensitive data

    The site collects no sensitive data within the meaning of Article 9 of the GDPR, namely: data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health, or data concerning a person's sex life or sexual orientation.

    Visitors are advised not to voluntarily transmit such data in their messages.

    Policy updates

    This privacy policy may be updated to reflect legal, technical or functional changes to the site. The date of last update appears at the top of this page.

    Visitors are invited to check this page regularly. In the event of a substantial change (new purpose, new sub-processor, new international transfer), a visible notice will be displayed on the home page for a reasonable period.

    Applicable law

    This privacy policy is governed by French law and the GDPR. In the event of a dispute, and in the absence of an amicable settlement, the French courts shall have sole jurisdiction.

    Contact

    For any question relating to this policy or to your personal data:

    Data controller

    Florian Beaufils
    46 rue Lucien Faure, 33300 Bordeaux, France
    contact@florianbeaufils.com

    Last updated: 21 May 2026.

    Still there?

    ← Back to home

    Aesthetics, usefulness and justice.

    → LinkedIn → Mail

    Approach · Legal notice · Privacy policy · Accessibility statement · Colophon · Sitemap

    Designed and developed by Florian Beaufils

    © Florian Beaufils 2026