Privacy policy
Last updated: 2 May 2026
This English version is provided for convenience. In case of discrepancy, the French version available here shall prevail.
This policy describes how L&L FRANCE collects, uses and protects your personal data, in accordance with the EU General Data Protection Regulation (GDPR) and the French Data Protection Act of 6 January 1978 as amended.
1. Data controller
- Controller
- L&L FRANCE
- Registered office
- Bordeaux, France
- SIREN
- 910 953 256
- GDPR contact
- hello@webyss.fr
2. Data collected
Webyss only collects data strictly necessary for the purposes described below:
- Contact data: name, email address, company, when you write to us or subscribe;
- Account data: credentials, settings, preferences, when you use one of our Products;
- Billing data: address, VAT number, order history;
- Technical data: IP address, browser type, pages visited, for security and anonymized analytics.
3. Purposes and legal bases
- Provision of subscribed Products — legal basis: contract performance (art. 6.1.b GDPR);
- Billing and accounting obligations — legal basis: legal obligation (art. 6.1.c GDPR);
- Responding to your requests — legal basis: legitimate interest or pre-contractual measures (art. 6.1.b and 6.1.f GDPR);
- Security and fraud prevention — legal basis: legitimate interest (art. 6.1.f GDPR);
- Anonymized analytics — exempt from consent under strict conditions; otherwise based on your consent (art. 6.1.a GDPR).
4. Retention periods
- Active account data: for the duration of the contractual relationship;
- Billing data: 10 years from the close of the accounting year (legal obligation);
- Contact form data: 3 years from the last contact;
- Technical logs: 12 months maximum.
5. Recipients
Your data is accessible only to authorized personnel within L&L FRANCE. It may be communicated to subprocessors strictly necessary for service operation, including:
- OVH SAS (hosting, France);
- Payment and billing providers, to the extent necessary to process transactions;
- Administrative or judicial authorities, upon legal request.
6. Hosting and data location
All your data is hosted in France on OVHcloud infrastructure (OVH SAS, Roubaix). No transfer outside the European Union is performed for our Products' operation. Should such transfer be considered in the future, it would be governed by the safeguards set out in articles 44 et seq. of the GDPR.
7. Security
Webyss implements appropriate technical and organizational measures to protect your data, including: TLS encryption, strong authentication, regular backups, access controls, logging, staff training.
8. Your rights
Under the GDPR, you have the following rights at any time:
- Right of access;
- Right to rectification;
- Right to erasure ("right to be forgotten");
- Right to restriction of processing;
- Right to portability;
- Right to object, in particular to direct marketing;
- Right to define post-mortem directives on the fate of your data.
To exercise these rights, contact us at hello@webyss.fr. A response will be provided within a maximum of one month.
9. Complaint to the CNIL
If, after contacting us, you believe your rights have not been respected, you may lodge a complaint with the French Data Protection Authority (CNIL): 3 Place de Fontenoy — TSA 80715 — 75334 PARIS CEDEX 07 — www.cnil.fr.
10. Policy changes
This policy may be updated. Any substantial changes will be notified on this page and, where appropriate, by separate notification.