VIKL Logo

Privacy Policy - VIKL

Discover how VIKL protects your personal data and respects your privacy.

1. Introduction

VIKL is committed to protecting the privacy and personal data of its users, in accordance with the GDPR (EU 2016/679) and the French Data Protection Act.

Last updated: February 2026

2. Data controller

MINDGUARD PROJECT - SIRET: 988 560 009 00017 73 Avenue Foch, 92250 La Garenne-Colombes, France Email: privacy@vikl.ai

3. Data collected

3.1. Contact form

  • Data collected: Name, email (mandatory); Phone, company, subject, message (optional).
  • Legal basis: Consent (form submitted voluntarily).
  • Retention: 3 years after the last contact.

3.2. Newsletter

  • Data collected: Email, date of subscription.
  • Legal basis: Consent (voluntary subscription).
  • Retention: Until unsubscription + 3 years (as proof of consent).

3.3. Cookies

  • Cookies used: i18n_redirected (language preference), secure session cookies (where applicable).
  • Details: See our Cookie Policy.

3.4. User account (VIKL platform)

  • Identification: Last name, first name, email, password (encrypted).
  • Professional information: Company, job title.
  • Usage: Anonymised and encrypted history of actions, user preferences.
  • Billing (paid accounts): Managed by Stripe (PCI DSS certified).
  • Legal basis: Performance of contract (provision of service).
  • Retention: Duration of contract + 5 years (legal obligations).

3.5. Technical data

  • Collected: IP address (anonymised client-side, full server-side before processing), browser, operating system, country/region, pages visited, URLs, referrer, load times, JavaScript errors, server-side dependencies.
  • Tool: Azure Application Insights (Microsoft Ireland Operations Limited).
  • Legal basis: Legitimate interest (security, service improvement, performance monitoring).
  • Retention: 90 days (Application Insights default) to 12 months (Log Analytics workspace configuration).

4. Purposes of processing

PurposeData usedLegal basisRetention period
Responding to requestsContact form dataConsent3 years
Sending newsletterEmailConsentUntil unsubscription
VIKL service (AI)User account dataPerformance of contractDuration of contract + 5 years
Service improvementAnonymised data (logs, usage)Legitimate interest12 months
BillingBilling data (identity, direct debit)Legal obligation10 years (General Tax Code)
SecurityIP addresses, logs, technical cookiesLegitimate interest12 months
Performance monitoring & analyticsTechnical data (anonymised IP, pages, errors, load times)Legitimate interest90 days - 12 months

5. Recipients of data

  • VIKL staff: Support, technical team, management (restricted access).
  • Sub-processors:
    • Microsoft Azure (Ireland): Data hosting (servers in France).
    • Azure Application Insights / Log Analytics (Microsoft Ireland Operations Limited): Site telemetry, performance monitoring and audience analytics (EU servers).
    • Azure Communication Services (Ireland): Sending transactional emails.
    • Stripe (USA): Secure payments (EU-USA contractual guarantees).
  • Authorities: Upon judicial requisition only (police, courts, administrations).

All our sub-processors comply with the GDPR (standard contractual clauses).

6. Transfers outside the EU

Data is hosted within the EU (France/Ireland). Stripe (United States) only processes payment data, with appropriate safeguards (standard contractual clauses).

7. Data security

We implement strict technical and organisational measures:

  • Technical: SSL/TLS encryption (HTTPS), passwords stored using bcrypt, firewall, anti-DDoS protection, daily encrypted backups. 2FA authentication is available.
  • Organisational: Access restricted to staff (principle of least privilege), GDPR training for staff, periodic security audits.

8. Your GDPR rights

You have the following rights:

  • Right of access (Art. 15): Obtain a copy of your data.
  • Right to rectification (Art. 16): Correct inaccurate data.
  • Right to erasure (Art. 17): Delete your data (subject to legal obligations).
  • Right to restriction (Art. 18): Temporarily freeze processing.
  • Right to portability (Art. 20): Receive your data in a usable format (CSV/JSON).
  • Right to object (Art. 21): Refuse processing based on legitimate interest.
  • Right to withdraw consent: Without retroactive effect.
  • Post-mortem instructions: Define what happens to your data after your death.

To exercise your rights, contact us:

  • Email: privacy@vikl.ai
  • Post: MINDGUARD PROJECT - DPO, 73 Avenue Foch, 92250 La Garenne-Colombes

We respond within 1 month (extendable to 3 months if necessary).

9. CNIL complaint

You can lodge a complaint with the CNIL: CNIL - 3 Place de Fontenoy, TSA 80715, 75334 Paris Cedex 07 Tel: +33 (0)1 53 73 22 22 | CNIL complaints

10. Retention periods

CategoryDurationJustification
Form data3 years after last contactCustomer relations
NewsletterUntil unsubscription + 3 yearsProof of consent
Active accountDuration of contractPerformance of contract
Closed account5 years after closureLegal obligations
Billing10 yearsGeneral Tax Code
Server logs12 monthsSecurity
Cookies1 to 13 months depending on typeUser comfort and security

11. Minors

Our services are intended for professionals (aged 16 and over). If a minor under the age of 16 has registered in error, please contact us immediately at privacy@vikl.ai.

12. Amendments

This policy may be updated at any time. Users will be notified of substantial changes by email and via our site at least 30 days before they take effect.

13. Contact

For any questions relating to privacy:

  • Email: privacy@vikl.ai
  • Post: MINDGUARD PROJECT, 73 Avenue Foch, 92250 La Garenne-Colombes, France

Last updated: February 2026

© 2026 VIKL. All rights reserved.