Data Privacy Policy


The purpose of this privacy policy is to present to users of this website the measures relating to the processing of their personal data and to inform them about the way in which their personal data may be collected and processed on the website.


The data controller is the company NOBLURWAY, with the share capital of 20 000 euros, registered in the Trade and Company Register of Pontoise, under the number 513 169 409 and whose head office is located at 18 rue Paul Cézanne à Auvers-sur-Oise (95430). 


First, this data privacy policy is addressed to all users of this website, whether they are simple visitors, prospects, or customers of the data controller.

The Data Controller ensures that only data strictly necessary for the purposes for which they are processed are collected and processed.

  1. The timing of data collection

The data controller is likely to collect the personal data of users:

  • During his visit to the website;
  • During exchanges with the data controller via the website, through the contact form.
  1. The nature of the data collected

The personal data that the data controller collects means information identifying the users personally, such as:

  • Identification data: surname, first names, email address, professional phone number, office, professional postal address;
  • Login data: IP address, connection logs, browser, …
  • Les cookies:

The cookies are text files, usually encrypted, stocked in your navigator. They are created when a user load a website: the website sends information to the navigator which creates a text file. Every time a user comes back on the same website, the navigator loads this text file and send it on the website’ server

Cookies on the website essentially allows:  

  • To load the cookie banner during the first visit of the user, signalling the presence of cookies and the ability for him to accept or refuse them; 
  • To establish statistics and volumes of visits and use of the various elements making up the site (rubrics and visited contents, user course), allowing the data controller to improve the interest and ergonomic of the services.

The user can set his browser to notify him of the presence of cookies and offer to accept them or not. The user can accept or refuse cookies on a case-by-case basis or refuse them once and for all. It is recalled that this setting is likely to modify the conditions of access to the services of the site requiring the use of cookies.  

Cookies are only saved for a maximum period of 13 (thirteen) months.

The choice concerning the refusal or the consent of the Internet user to the deposit of cookies is kept for a period not exceeding six (6) months.

For the management of cookies and choices, the configuration of each browser is different. It is described in the help menu of the Internet user's browser, which will allow them to know how to modify your preferences in terms of cookies.

  1. The purposes of the collection

The personal data users choose to communicate to the controller are intended to ensure:

  • The proper functioning and continuous improvement of the site, its services, its functionalities;
  • Management of requests for contact, information;
  • Management of requests for quotes and subscriptions to products and services;
  • Management of ticket requests;
  • The management of requests for user rights to their data (access, rectification, updating, deletion, etc.);
  • The development of statistics intended to improve the functioning of the site.
  1. Information during collection and consent

When collecting personal data, the data which must be entered will be indicated on the site

In principle, this data will be marked with an asterisk (*).

It is specified that when the user communicates his personal data to the  data controller, in particular by completing the forms made available to him or by sending an email, the user expressly indicates his consent for the collection and use of his data by agreement with the legal rules and those set by this privacy policy.

It should be recalled that in application to point 1 of article 8 of the GDPR and 45 of the Data Protection Act, a minor may consent alone to the processing of personal data regarding the direct offer of services from the age of fifteen (15) years.

When the minor is under the age of fifteen (15), consent will be given by the minor concerned and the holder(s) of parental authority over this minor.

  1. The recipients of the data

Personal data likely to be entered by users may be consulted by:

  • The Controller of data ;
  • Subcontractors of the controller acting in the name and on behalf of the controller, such as the host;
  • Any social networks: if the site uses the "Facebook, Twitter, LinkedIn or Instagram" buttons and the user connects to his personal account opened with this social network, the latter will be able to use the data. The user is invited to read the data privacy policies of these social networks.
  1. The retention periods

Users' personal data are kept for the time necessary for the operations for which they were collected in compliance with the regulations in force and in accordance with the purposes as described in this privacy policy.

Different retention periods may be applied depending on the purpose and the obligations in force, for example :

  • Customer data is kept for the duration of the contractual relationship plus five (5) years after the end of the relationship;
  • Prospect data is kept for a period of three (3) years from the last incoming contact from the user if he is not considered a customer;
  • Accounting data is archived for a period of ten (10) years from the end of the accounting year;
  • Cookies are only kept for a maximum period of thirteen (13) months
  1. Security and confidentiality

The data controller has taken all useful and necessary precautions, in particular physical, logical and organizational security measures, to preserve the security and confidentiality of personal data against any accidental loss, deformation, alteration, any access, use, modification, or unauthorized disclosure.

The data controller requires the same level of security from its service providers and subcontractors and in general from any third-party recipient of the data.

  1. Modality and exercise of the user’s rights

Under the conditions defined by law n ° 78-17 of January 6, 1978 relating to data processing, files and freedoms and General Regulation n ° 2016/679 relating to the protection of individuals with regard to the processing of personal data. personal data and the free movement of such data (or "GDPR"), individuals have a right to:

  • Information or questioning: the data subject has the right to know the purposes and methods of processing their data;
  • Access : the data subject has the right to access the data concerning him or her collected by the Data Controller;
  • Rectification and updating: the data subject can request that their data be modified if they are incorrect, to complete or update them ;
  • Limitation: the data subject may request that their data be limited in the cases provided for and limited by law (Article 18 GDPR);
  • Portability: the data subject has the right to obtain, on a readable medium and in a structured format, all the data concerning him;
  • Erasure (or right to be forgotten): the data subject can ask the data controller to erase the personal data concerning them but only in six (6) cases:
  • the data are no longer necessary for the purposes for which they were collected;
  • the data subject withdraws their consent;
  • the data subject objects to the processing;
  • the personal data have been the subject of unlawful processing;
  • personal data must be respected to comply with a legal obligation;
  • the personal data has been collected as part of the offer of information society services for minors.

Data subjects also have the possibility, for legitimate reasons, to refuse the processing of data concerning them by writing directly to the Data Controller, either to the following postal address: 18 rue Paul Cézanne à Auvers-sur-Oise (95430) or by email to the address:, accompanied by an up-to-date proof of identity.

Furthermore, data subjects have the option of giving general or specific instructions on how their information will be processed and used after their death..

In addition, the law allows data subjects to lodge an appeal with the CNIL in accordance with the procedures indicated on its site ( 

Each user is required to comply with the regulations in force on personal data, the violation of which is punishable by criminal sanctions.

  1. Modification of this data privacy policy

This privacy policy is likely to be modified to consider legislative and regulatory changes and changes in the practice of the controller.

Thus, users are invited to regularly read this data confidentiality policy available on this website.