Privacy policy

1. Introduction

This privacy policy aims to inform users of the Tidecut platform about how their personal data is collected, used and protected, in accordance with the General Data Protection Regulation (GDPR).

2. Data controller

Company name : SARL RIOU STICHELBAUT (POLARYSE)
Address : 40 avenue de la perrière, 56100 Lorient
Contact email address : contact@polaryse.com

3. Collected data

• Identification data: last name, first name, email address, login credentials
• Professional data: company, user role
• Content uploaded to the platform: photos, videos, files and associated metadata
• Technical data: IP address, connection logs, browser and device information
• Data resulting from AI image analysis (keywords, descriptive tags)

4. Purpose of processing

• Provide and manage the digital asset management (DAM) platform
• Store, organize, search and share multimedia content
• Enable keyword search based on image analysis
• Ensure the security, maintenance and improvement of the service
• Manage user accounts and access rights
• Respond to support requests

5. Image analysis by artificial intelligence

The platform includes an image analysis feature powered by artificial intelligence.

This analysis is not performed automatically and is triggered only after an explicit action by the user on a selected folder.

The analysis results take the form of descriptive keywords (in English) that help improve content search. These results are generated automatically and may contain inaccuracies.

6. Legal basis for processing

• Performance of the contract between the user and the platform publisher
• The publisher’s legitimate interest in ensuring the security and proper operation of the service
• The user’s consent where required, in particular for certain cookies

7. Data recipients

Data is accessible only to authorized persons within the publishing company and to technical service providers involved in hosting and data storage.

The services used include Amazon Web Services (AWS) for application hosting and the database, as well as Wasabi Technologies, Inc. for multimedia file storage.

8. Data transfers outside the European Union

Some data may be hosted or processed outside the European Union. Such transfers are governed by appropriate safeguards in accordance with the GDPR, including standard contractual clauses approved by the European Commission.

9. Retention period

Personal data is kept for the duration of the contractual relationship, then deleted or anonymized, unless otherwise required by law.

10. Data security

Appropriate technical and organizational measures are implemented to ensure the security, confidentiality and integrity of data, including access control, encryption and infrastructure security.

11. User rights

In accordance with applicable regulations, users have the right to access, rectify, erase, restrict, object to and port their data.

These rights may be exercised at any time by contacting the publisher at the following address: [email]

12. Cookies

The platform uses cookies necessary for its operation and, where applicable, non-essential cookies. For more information, users are invited to consult the cookie policy.