Privacy Policy

Last update: 17/06/2025

Data Controller

ERYON SAS, a simplified joint-stock company registered with the RCS of Lille Métropole under the number 941078594, with its head office located at 41 rue Jacquemars Giélée, 59800 Lille, FRANCE, represented by Monsieur Hugo MOBIHAN, Président.

Data Protection Commitment

At ERYON, the protection of your personal data is at the heart of our concerns. As a French company developing sovereign solutions for the health sector, we commit to:

Strictly respect GDPR and French legislation

Host all data in France

Never transfer your data outside the European Union

Ensure the security and confidentiality of your information

Collected Data

Via the contact form

First and last name

Professional email address

Company name

Position

Message

Via the use of our services (EryonAgence and EryonCite)

Documents submitted for review (without personal health data)

Connection and usage data

Interaction history

Navigation Data

Our site does not use any tracking cookies, any analytics tools, and does not collect any navigation data.

Purpose of Processing

Your data is collected for:

Responding to your contact and information requests

Providing our medical and regulatory review services

Ensuring the follow-up of the business relationship

Complying with our legal and regulatory obligations

Improving our services

Legal Basis

The processing of your data is based on:

Your consent (contact form)

Contract execution (use of our services)

Our legitimate interest (service improvement)

Compliance with legal obligations

Data Recipients

Your personal data is strictly confidential and is only accessible to:

Authorized internal teams of ERYON

Our technical subcontractors (hosting) subject to confidentiality obligations

We never sell, rent, or share your data with third parties for commercial purposes.

Data Retention

Contact data: 3 years after the last contact

Client documents: Immediate deletion after delivery of the review report

Contractual data: Legal accounting retention period (10 years)

Security

We implement appropriate technical and organizational measures:

Data encryption in transit (TLS 1.2+)

Data encryption at rest (AES-256)

Restricted access to data

Regular security audits

Staff training in data protection

Your Rights

In accordance with GDPR, you have the following rights:

Right of access: obtain confirmation of processing and a copy of your data

Right to rectification: correct inaccurate data

Right to erasure: request the deletion of your data

Right to restriction: limit processing in certain cases

Right to portability: receive your data in a structured format

Right to object: object to processing

Right to withdraw your consent at any time

To exercise these rights, contact us at: contact@eryon.eu

Health Data

Important: ERYON does not process ANY personal health data. Documents submitted to our service must be previously anonymized. We do not collect, store, or process information that could identify patients.

International Transfers

In accordance with our sovereignty commitment, no data is transferred outside France or the European Union.

Modifications

We reserve the right to modify this privacy policy. Any changes will be published on this page with the update date indicated.

Contact and Complaints

For any questions regarding this policy or your personal data:

Email: contact@eryon.eu

Mail: Eryon - Data Protection - 41 rue Jacquemars Giélée, 59800 Lille, FRANCE

In case of difficulties, you can also file a complaint with the CNIL: Commission Nationale de l'Informatique et des Libertés 3 Place de Fontenoy - TSA 80715 - 75334 PARIS CEDEX 07 https://cnil.fr/fr