KHARONBRIDGE - CGU & CGV

Data confidentiality

The present document describes the procedures for collecting, processing and protecting the personal data of users of the KharonBridge site, in compliance with the applicable rules of confidentiality and security.

Version 2.0 Last update : January 2026

The purpose of this privacy policy is to explain in a clear and transparent manner how KharonBridge collects, uses and protects the personal data of users in the context of their interaction with the site and, at this stage, their voluntary registration on the project waiting list. KharonBridge is a digital project founded on the values of respect, discretion and privacy. The confidentiality of personal data is an essential principle, in keeping with the intimate and personal nature of the services offered.

Personal data is processed in accordance with applicable regulations, in particular the General Data Protection Regulation (RGPD), as well as the General Conditions of Use and Sale (CGUV).

1. Purpose

The purpose of this privacy policy is to inform users of the KharonBridge website of the conditions under which their personal data is collected, processed and protected in the context of voluntary registration on the project waiting list, in accordance with the provisions of the General Data Protection Regulation (GDPR) and the General Conditions of Use and Sale (GCUV).

2. Data controller

The purpose of this privacy policy is to inform users of the KharonBridge website about the collection, processing and protection of their personal data.

The data controller is :

DFOA Consulting Lda,

operating the service under the trade name KharonBridge.

Contact: [email protected]

3. Personal data collected

3.1 Registration on the waiting list

At this stage of project development, KharonBridge collects only the following personal data:

  • e-mail address ;
  • country of residence.

3.2 Creating and using a user account

  • e-mail address ;
  • country of residence.
  • login details ;
  • data related to account use, such as account settings, connection history or user preferences; ;
  • content voluntarily provided by the user as part of the use of the services (in particular letters, texts, images, photos, videos or other elements deposited on personal spaces).

No banking data is collected directly by KharonBridge. Payments, where they exist, are processed exclusively by third-party payment service providers in accordance with the CGUV. No sensitive data within the meaning of the RGPD (health data, political opinions, religious beliefs, etc.) is intentionally collected.

4. Purposes of processing

4.1 Waiting list management

The data collected when registering on the waiting list is used to :

  • keep users informed of developments in the KharonBridge project; ;
  • send out occasional information or newsletters directly linked to the project.

4.2 Creating and managing user accounts

The data collected during the creation and use of a user account is used in order to :

  • enable user account creation, authentication and management; ;
  • ensure access to the services and functionalities offered on the platform; ;
  • manage account settings, preferences and access security ;
  • prevent, detect and deal with security incidents, unauthorized access, abuse or fraud.

4.3. Service provision and content management

The data and content voluntarily provided by the user are processed in order to :
  • enable the use of services offered by KharonBridge, in particular the creation and management of personal memory and transmission spaces; ;
  • ensure the technical hosting, preservation and display of content submitted by the user, in accordance with the CGUV ;
  • guarantee the confidentiality and protection of content, within the limits of applicable regulations.

4.4 Legal and regulatory obligations

Some data may be processed in order to :
  • comply with applicable legal and regulatory requirements; ;
  • respond to requests from the competent authorities; ;
  • defend the rights and interests of KharonBridge in the event of litigation.
Under no circumstances will personal data be used for external commercial prospecting, targeted advertising or resale to third parties.

5. Legal basis for processing

The processing of personal data implemented by KharonBridge is based on the following legal bases, in accordance with Article 6 of Regulation (EU) 2016/679 (RGPD), depending on the nature of the processing concerned:

5.1. User consent

The processing of personal data collected as part of waiting list registration, as well as the sending of project-related information communications or newsletters, is based on the user's explicit consent (Article 6.1.a of the RGPD).

Users may withdraw their consent at any time, without justification.

5.2 Performance of contract or pre-contractual measures

The data processing necessary for the creation and management of the user account, access to the services offered on the platform, and the hosting and management of content provided by the user, is based on the execution of the General Terms of Use and Sale (CGUV) or pre-contractual measures taken at the user's request (Article 6.1.b of the RGPD).

5.3. Legal obligation

Some data may be processed to enable KharonBridge to comply with its legal and regulatory obligations, in particular with regard to retention, security or cooperation with the competent authorities (Article 6.1.c of the RGPD).

5.4 Legitimate interest

KharonBridge may also process certain personal data on the basis of its legitimate interest (Article 6.1.f of the GDPR), in particular in order to:
  • guarantee the security of the platform and user access; ;
  • prevent, detect and deal with abuse, fraud or technical incidents ;
  • defend the rights and interests of KharonBridge in the event of litigation.
In this context, KharonBridge ensures that its legitimate interests do not infringe the fundamental rights and freedoms of users.

6. Data storage and security

KharonBridge implements a structured data security policy, based on recognized technical standards and adapted to the sensitive nature of the information processed on the platform.

Personal data is hosted on secure, professional infrastructures, operated by recognized cloud service providers, with protection mechanisms that comply with best practices in terms of security, confidentiality and resilience of information systems.

Access to data is strictly controlled and limited to the technical services responsible for managing the platform, and only to the extent necessary to operate, maintain and secure the service. Access control, logging and incident management mechanisms are in place to prevent unauthorized access and detect any anomalies.

KharonBridge applies internal procedures to guarantee the confidentiality, integrity and availability of personal data, in accordance with the requirements of the RGPD and generally accepted standards in the digital services sector.

In the event of a security incident or breach of personal data that may pose a risk to the rights and freedoms of users, KharonBridge will immediately implement the appropriate corrective measures and, if necessary, make the notifications required by the applicable regulations.

7. Shelf life

Personal data collected by KharonBridge is kept for periods strictly proportionate to the purposes for which it is processed, in accordance with the principles of the General Data Protection Regulation (GDPR).

The applicable retention periods are determined according to the categories of data and uses concerned, as follows:

7.1. Waiting list data

  • withdrawal of user consent; ;
  • voluntary withdrawal from the waiting list; ;
  • or, if necessary, the removal of the waiting list linked to the evolution of the project.

7.2. User account data

Personal data associated with a user account is kept for as long as the account is active.

In the event of deletion of the account at the user's initiative or closure in accordance with the CGUV, the data is deleted or anonymized within the deadlines specified in the CGUV, subject to applicable legal retention obligations.

7.3. User-provided content

Content voluntarily submitted by the user in the course of using the services (in particular letters, texts, images, photos, videos or other personal items) is retained for as long as the user account remains active.

In the event of account deletion, such content is permanently deleted, subject to legal or regulatory obligations that may require limited retention for evidential or security purposes.

7.4. Technical data and logs

Certain technical data (such as connection logs, security data or technical traces) may be stored for a limited period of time, strictly necessary for platform security, abuse prevention or incident management, and then deleted or anonymized.

8. User rights

In accordance with the General Data Protection Regulation (GDPR), the user has the following rights, under the conditions provided for by the applicable regulations:

8.1. Right of access

The user may obtain confirmation as to whether or not personal data concerning him or her is being processed by KharonBridge, as well as access to said data and the information required by law.

8.2. Right of rectification

The user may request rectification of any personal data concerning him/her that is inaccurate, incomplete or obsolete.

8.3. Right to erasure («right to be forgotten»)

Users may request the deletion of their personal data in the cases provided for by the applicable regulations, in particular when the data is no longer necessary for the purposes for which it was collected, subject to legal retention obligations and the provisions of the GCUV.

8.4. Right to limit processing

Users may request restrictions on the processing of their personal data in accordance with applicable regulations.

8.5. Right to data portability

The user may receive the personal data he has provided to KharonBridge in a structured, commonly used and machine-readable format, or request its transmission to another data controller where technically possible.

8.4. Right to object

The user may object, for reasons relating to his or her particular situation, to certain processing of personal data, where such processing is based on the legitimate interests of KharonBridge, unless there are compelling legitimate grounds for continuing the processing.

8.5. Right to withdraw consent

Where processing is based on the user's consent, the user may withdraw his or her consent at any time, without this affecting the lawfulness of processing carried out prior to the withdrawal.

8.6. Exercise of rights

These rights may be exercised at any time by sending a request via the contact means indicated on the platform or by e-mail to the following address: [email protected].

KharonBridge undertakes to process requests within the applicable legal deadlines and reserves the right to request any information necessary to verify the identity of the applicant, in compliance with the regulations in force.

9. Users located outside the European Union

The services offered by KharonBridge are accessible to users located outside the European Union.

Where the user resides outside the European Union, their personal data is processed by KharonBridge in accordance with the principles and requirements of the General Data Protection Regulation (GDPR), which constitutes the frame of reference applied by KharonBridge with regard to the protection of personal data.

Personal data is mainly hosted and processed within the European Union. In the event that certain processing operations involve the transfer of data outside the European Union, KharonBridge undertakes to implement the appropriate safeguards provided for by the applicable regulations, in particular by using recognized mechanisms ensuring an adequate level of protection.

The user acknowledges and accepts that the use of the platform implies the processing of his/her personal data in accordance with these standards, regardless of his/her place of residence, without this implying the automatic application of foreign local legislation not expressly provided for herein.

10. No transfer to third parties

Personal data collected by KharonBridge will not be transferred, sold, rented or used for commercial purposes to third parties.

Data may, however, be processed by technical service providers acting as subcontractors, exclusively for the purposes of the operation, maintenance, hosting, security or provision of the services offered by KharonBridge.

These service providers act on KharonBridge's instructions, in compliance with the requirements of the General Data Protection Regulation (GDPR), and are contractually bound by obligations of confidentiality, security and protection of personal data.

Apart from these cases, personal data is only disclosed to third parties when required by law or at the request of the competent authorities, in accordance with applicable regulations.

11. Privacy and ethical commitment

KharonBridge is a digital service designed around personal, intimate and memorable content. As such, respect for user privacy is a fundamental principle in the design, development and operation of the platform.

KharonBridge undertakes to treat personal data and content provided by users with a high level of confidentiality, discretion and respect, consistent with the sensitive nature of the services offered.

No use is made of personal data or submitted content for purposes unrelated to the purpose of the service, in particular for advertising, commercial or profiling purposes.

The technical and organizational choices made by KharonBridge incorporate, as far as possible, the principles of data protection by design and by default (privacy by design and privacy by default), in accordance with the requirements of the General Data Protection Regulation (GDPR).

This ethical commitment is part of a responsible and transparent approach, without constituting an absolute obligation to achieve results, and in compliance with applicable technical, legal and regulatory constraints.

12. Evolution of the privacy policy

This privacy policy may be modified or updated to reflect changes in the KharonBridge project, the services offered, the organization of the platform or the applicable legal and regulatory framework.

In the event of substantial changes to the privacy policy, users will be informed by any appropriate means, including notification on the site or by e-mail where applicable.

The current version of the privacy policy is the one accessible on the site at the time of use of the services.

Continued use of the site or services after changes come into effect constitutes acceptance of the updated privacy policy, subject to users' rights under applicable regulations.

en_US
en_US fr_FR