Privacy policy

Privacy policy

Introduction

IT-Development SAS (hereinafter "IT-Development" or "we") is a software company specializing in telecom infrastructure management, headquartered at 7 allée du crêt, 69890 La Tour-de-Salvagny, France. IT-Development publishes the ClickOnSite, ClickOnSite Mobile App, BuildAndRun, and FleetDome solutions, accessible via its websites www.fr.it-development.com and www.en.it-development.com.

Protecting your personal data is a priority for IT-Development. This Privacy Policy has been drafted in compliance with:

• Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of personal data (GDPR);
• French Act No. 78-17 of January 6, 1978, as amended, on information technology, data files, and civil liberties (Loi Informatique et Libertés).

It describes the nature of the data we collect, the purposes of their processing, their retention periods, the recipients who may access them, and the rights you hold over your data. It applies to anyone using our websites, applications, or otherwise interacting with our services.

If you do not agree with the practices described in this policy, we invite you not to use our websites and services.

Data collected

Types of personal data collected

Depending on how you interact with our services, IT-Development may collect the following categories of data:

• Identification data: first name, last name, email address, phone number, company name;
• Connection data: IP address, session identifiers, event logs;
• Location data: GPS or GSM coordinates collected through the ClickOnSite Mobile App in connection with telecom site management;
• Browsing data: pages visited, date and time of visits, browser type, operating system, language, internet service provider;
• Form data: information submitted through a demo request, commercial inquiry, newsletter sign-up, or support form.

IT-Development's websites are not intended for children under 16. No data relating to this age group is knowingly collected. If you believe such a collection has occurred, please contact us at contact@it-development.com so the data can be deleted without delay.

How data is collected

Data is collected through the following means:

• Online forms (demo requests, contact, newsletter sign-up);
• Website browsing (via cookies and audience measurement tools — see Section "Data Security");
• ClickOnSite Mobile App (geolocation, field data entry);
• Email or phone interactions with our sales or support teams;
• Publication of customer or employee testimonials, with prior informed consent.

Simply browsing the website requires no registration or login. Only technical data (IP address, browsing data) are automatically collected for website operation and cookie purposes (see Section "Data Security").

Purposes of processing

IT-Development processes your personal data for the following purposes:

• Customer relationship management: contract tracking, orders, invoicing, account management, after-sales service, and complaint handling;
• Communication and marketing: sending newsletters and commercial communications, subject to your prior consent;
• Commercial prospecting: selecting contacts for loyalty campaigns, surveys, product testing, or outreach;
• Service improvement: audience and usage statistics, feature testing, and collecting feedback on our products;
• Dispute and debt management: amicable debt recovery, provided it does not result in exclusion from a right, service, or contract;
• Legal and regulatory obligations: responding to judicial or administrative requests, accounting, and tax compliance.

In accordance with Article 5 of the GDPR, these processing activities comply with the principles of data minimization, purpose limitation, and accuracy. No processing leading to the creation of profiles revealing sensitive data (racial or ethnic origin, philosophical, political, trade union, religious opinions, or health data) is carried out without explicit consent.

Legal basis for processing

Each processing activity is based on one of the legal grounds set out in Article 6 of the GDPR:

• Consent (Article 6.1.a): sending newsletters, placing non-essential cookies, publishing testimonials. You may withdraw your consent at any time without affecting the lawfulness of prior processing.
• Performance of a contract (Article 6.1.b): managing access to our software, order tracking, invoicing, and technical support.
• Legal obligation (Article 6.1.c): accounting, tax obligations, and responses to competent authorities.
• Legitimate interests (Article 6.1.f): service improvement, IT security, aggregated audience statistics, B2B prospecting of existing customers.

Data retention periods

Personal data is retained for the period strictly necessary to fulfill the purposes for which it was collected, in accordance with Article 5.1.e of the GDPR:

• Active customer data: for the duration of the contractual relationship, then archived for 5 years from contract end (civil statute of limitations), or 10 years for accounting data;
• Prospect data: 3 years from the last contact or collection, in the absence of a contractual relationship;
• Connection data and technical logs: maximum 12 months;
• Cookies: maximum 13 months from deposit, in accordance with CNIL recommendations;
• Geolocation data: duration of the assignment or session, unless a specific legal obligation applies.

Beyond these retention periods, data is either deleted or irreversibly anonymized for exclusively statistical purposes, with no possibility of re-identification.

Data recipients

IT-Development does not sell your personal data to third parties for commercial purposes. Access to your data is strictly controlled:

• Authorized IT-Development staff: sales, support, technical, and administrative teams, within the scope of their responsibilities;
• Technical subcontractors: hosting providers, email service providers, CRM tools, and audience analytics solutions — all bound to IT-Development by data processing agreements compliant with Article 28 of the GDPR;
• Competent authorities: where required by law, regulation, or judicial order (requisition, injunction, etc.);
• Potential acquirers: in the event of a merger, acquisition, or asset transfer, your prior consent will be sought and the level of confidentiality maintained.

Aggregated and anonymized technical data may be used for industry analysis and statistical purposes, without allowing the identification of any individual.

Data transfers outside the EU

IT-Development operates internationally. In this context, some personal data transfers may take place to countries outside the European Union. IT-Development is committed to framing such transfers with appropriate safeguards, including:

• Transfers to countries recognized by the European Commission as providing an adequate level of protection (adequacy decision);
• Use of Standard Contractual Clauses (SCCs) approved by the European Commission for transfers to other destinations;
• Any other appropriate safeguard provided for under Articles 46 and 47 of the GDPR.

For the list of countries with an adequate level of protection: CNIL — Data Protection Around the World.

Your rights

Under the GDPR (Articles 15 to 22), you have the following rights over your personal data:

Right of access (Article 15 GDPR)

You may obtain confirmation that data concerning you is being processed by IT-Development, and request a copy, along with information on purposes, data categories, recipients, and applicable retention periods.

Right to rectification (Article 16 GDPR)

You may request the correction of inaccurate or incomplete data relating to you.

Right to erasure (Article 17 GDPR)

You may request the deletion of your personal data when:

• the data is no longer necessary for the purposes for which it was collected;
• you withdraw your consent, and there is no other legal basis for the processing;
• you object to the processing, and there is no overriding legitimate ground;
• the data has been unlawfully processed;
• deletion is required to comply with a legal obligation.

This right does not apply where processing is necessary for compliance with a legal obligation, for the establishment or defense of legal claims, or for archiving purposes in the public interest.

Right to restriction of processing (Article 18 GDPR)

You may request the restriction of processing of your data in certain circumstances (disputed accuracy, unlawful processing, etc.), allowing use to be suspended without deletion.

Right to data portability (Article 20 GDPR)

You may retrieve data you have provided to us in a structured, commonly used, machine-readable format, and transmit it to another data controller where processing is based on consent or a contract.

Right to object (Article 21 GDPR)

You may object at any time to the processing of your data for direct marketing purposes. You may also object to processing based on IT-Development's legitimate interests, on grounds relating to your particular situation.

Unsubscribing from marketing communications

You may unsubscribe from our marketing communications at any time by clicking the "Unsubscribe" link at the bottom of any email, or by contacting us directly.

How to exercise your rights

To exercise any of these rights, submit your request by email or postal mail:

• Email: contact@it-development.com
• Phone: +33 (0)4 72 39 16 85
• Mail: IT-Development SAS, Communications Department, 7 allée du crêt, 69890 La Tour-de-Salvagny, France

Your request will be processed within one month of receipt. This period may be extended by two additional months in cases of complexity or high volume of requests, with prior notice to you.

Data security

IT-Development implements appropriate technical and organizational measures, in accordance with Article 32 of the GDPR, to protect your data against unauthorized access, disclosure, alteration, loss, or destruction. These measures are grounded in our Information Systems Security Policy (ISSP) and include:

• Encryption of data in transit (TLS/HTTPS) and at rest for sensitive data;
• Access control: user authentication, permission management based on the principle of least privilege;
• Monitoring and logging: incident detection, system access logs;
• Regular backups and disaster recovery plans (DRP);
• Awareness training for staff handling personal data.

In the event of a personal data breach likely to result in a risk to your rights and freedoms, IT-Development commits to:

• notify the CNIL within 72 hours of becoming aware of the incident, pursuant to Article 33 of the GDPR;
• inform you without undue delay if the breach is likely to result in a high risk to your rights and freedoms (Article 34 GDPR);
• investigate the causes and take the necessary corrective measures.

This notification shall not be construed as an admission of fault or liability on the part of IT-Development.

Cookies

What is a cookie?

A cookie is a small text file placed on your device (computer, tablet, smartphone) when you visit a website. It allows the site to remember information related to your browsing session.

Cookies used by IT-Development

IT-Development SAS, as publisher of www.fr.it-development.com and www.en.it-development.com, places and reads the following categories of cookies:

• Functional/technical cookies (essential): required for the website to operate (session management, language preferences). These cookies do not require consent.
• Audience measurement/analytics cookies: used to measure website traffic (pages viewed, frequency, visit duration, user journeys) to improve content and usability. Example: HubSpot or equivalent solution.
• Preference cookies: remember your browsing choices (language, display settings) to personalize your experience.
• Marketing/advertising cookies: used to serve content tailored to your interests and to measure the effectiveness of advertising campaigns. Example: LinkedIn Insight Tag.

Third parties may also place cookies through content embedded in our pages (YouTube video player, social media sharing buttons, etc.). IT-Development does not control these third-party cookies and invites you to consult the privacy policies of the relevant services.

Consent and cookie management

In accordance with CNIL guidelines, only strictly necessary cookies are placed without your prior consent. All other cookie categories are only activated after you give your agreement via our cookie consent banner.

You can update your cookie preferences at any time via the "Cookie Settings" link available at the bottom of every page on our websites.

You may also disable cookies directly in your browser settings. Please note that disabling certain cookies may affect the proper functioning of the website.

Cookie retention period

The maximum cookie retention period is 13 months from the date of first deposit on your device, in accordance with CNIL recommendations. Consent is renewed at the end of this period.

Contact

For any questions regarding this Privacy Policy, or to exercise your rights over your personal data, you may contact IT-Development SAS:

• Email: contact@it-development.com
• Mail: IT-Development SAS, Communications Department, 7 allée du crêt, 69890 La Tour-de-Salvagny, France

If we fail to respond within one month, or if the response does not satisfy you, you have the right to lodge a complaint with the French data protection authority (CNIL):

• CNIL, 3 place de Fontenoy, TSA 80715, 75334 Paris Cedex 07
• Website: www.cnil.fr/en
• Online complaint form: https://www.cnil.fr/en/complaints

Private policy updated on March 20th, 2026.