Back to home

PRIVACY POLICY

In accordance with the General Data Protection Regulation (GDPR)

Last updated: February 18, 2026

Our commitment: Global Risk Predictor is committed to protecting the privacy of its users and processing their personal data with the utmost transparency, fairness and security.

1. INTRODUCTION

This Privacy Policy (hereinafter "the Policy") describes how Global Risk Predictor, as data controller, collects, uses, discloses and protects the personal information you provide to us when you use our website, simulators and services.

We are committed to complying with applicable data protection regulations, including Regulation (EU) 2016/679 of the European Parliament and of the Council of April 27, 2016 (GDPR) and French Law No. 78-17 of January 6, 1978 on information technology, data files and civil liberties (the French Data Protection Act).

2. DEFINITIONS

  • Personal data: any information relating to an identified or identifiable natural person (hereinafter "you").
  • Processing: any operation performed on personal data (collection, recording, storage, modification, consultation, use, transmission, etc.).
  • Data controller: the person who determines the purposes and means of the processing (Gilles Legrand).
  • Data processor: the person who processes data on behalf of the data controller.

3. WHAT DATA DO WE COLLECT?

3.1 Data you provide directly

  • Identification data: last name, first name, title
  • Contact details: email address, phone number (optional)
  • Professional data: company name, position, sector of activity
  • Account data: username, password (encrypted)
  • Billing data: billing address, payment information (processed by our payment provider)
  • Messages: content of your exchanges with our support (email, contact form)

3.2 Data collected automatically

  • Browsing data: pages visited, duration of visit, navigation path, clicks
  • Technical data: IP address, browser type, operating system, screen resolution
  • Cookies and similar technologies: we use cookies to improve your experience and analyze traffic (see our Cookie Policy)

3.3 Data related to the use of our services

  • Financial data entered: when you use our simulators, you may enter financial data (revenue, balance sheet, ratios, etc.). This data is processed to produce your results and is not retained beyond your session, unless you are logged into an account.
  • Simulation history: if you are a subscriber, we retain your simulation history to allow you to access it later.

4. FOR WHAT PURPOSES DO WE USE YOUR DATA?

4.1 Provision and management of services

  • Creation and management of your user account
  • Access to simulators and site features
  • Production of your simulation results
  • Management of your subscriptions and billing

Legal basis: Contract performance

4.2 Customer relations and support

  • Response to your requests (contact form, email, phone)
  • Technical assistance and support
  • Handling complaints

Legal basis: Legitimate interest in responding to your requests and contract performance

4.3 Improvement of our services and statistical analysis

  • Analysis of navigation on the site to optimize the user experience
  • Measurement of site traffic and performance
  • Development of new features

Legal basis: Legitimate interest in improving our services

4.4 Marketing communications and prospecting

  • Sending newsletters and information about our services (with your consent)
  • Invitations to webinars or events
  • Sending promotional offers

Legal basis: Consent (you can withdraw your consent at any time)

4.5 Security and fraud prevention

  • Securing the site and data
  • Detection and prevention of fraudulent activities
  • Compliance with our terms of use

Legal basis: Legitimate interest in ensuring the security of our services and legal obligation

4.6 Compliance with legal obligations

  • Retention of invoices and accounting documents
  • Response to requests from judicial or administrative authorities

Legal basis: Legal obligation

5. ON WHAT LEGAL BASES DO WE PROCESS YOUR DATA?

We process your personal data only on one of the following legal bases:

  • Your consent: for sending commercial communications and certain cookies. You can withdraw your consent at any time.
  • Performance of a contract: for the provision of our services and management of your subscription.
  • Our legitimate interest: to improve our services, ensure the security of the site, and respond to your requests.
  • Compliance with a legal obligation: for the retention of invoices, response to judicial authorities.

6. DATA RECIPIENTS

Your personal data is intended for Global Risk Predictor (Gilles Legrand). We do not sell or rent your personal data to third parties.

6.1 Subcontractors and service providers

We may share your data with the following providers, who act on our behalf and in compliance with regulations:

  • OVH (host): for hosting the site and data
  • Stripe / PayPal (payment processors): for processing payments (we do not store your bank details)
  • Google Analytics (analytics): for audience analysis (anonymized)
  • Mailchimp / SendinBlue (emailing): for sending newsletters (with consent)

These providers are mostly located in the European Union. In case of transfer outside the EU, we ensure that appropriate safeguards are in place (Standard Contractual Clauses of the European Commission).

6.2 Legal authorities

We may be required to disclose your personal data to comply with a legal obligation, a request from a judicial or administrative authority, or to protect our rights and interests.

7. TRANSFERS OF DATA OUTSIDE THE EUROPEAN UNION

We prioritize service providers located in the European Union. If we use a provider located outside the EU, we ensure that the transfer is governed by:

  • An adequacy decision of the European Commission (countries offering an adequate level of protection)
  • Standard contractual clauses of the European Commission
  • Approved binding corporate rules (BCR)

8. DATA RETENTION PERIOD

We retain your personal data only for as long as necessary for the purposes for which it was collected:

Data category Retention period
Customer account data For the entire duration of the contractual relationship, then 3 years for prospecting purposes
Billing data 10 years (legal obligation)
Browsing data 13 months (cookies) / 1 year (logs)
Contact form data 3 years from last contact
Simulation data (account) During the contract period, then deleted upon termination
Simulation data (not logged in) Session only, not retained

At the end of these periods, your data is deleted or anonymized for statistical purposes.

9. YOUR RIGHTS

In accordance with applicable regulations, you have the following rights regarding your personal data:

9.1 Right of access (Article 15 GDPR)

You can obtain confirmation as to whether or not your data is being processed, as well as access to that data and a copy of the information concerning you.

9.2 Right to rectification (Article 16 GDPR)

You can request the rectification of inaccurate data concerning you or have it completed if it is incomplete.

9.3 Right to erasure (right to be forgotten) (Article 17 GDPR)

You can request the erasure of your data in certain cases (data no longer necessary, withdrawal of consent, legitimate objection).

9.4 Right to restriction of processing (Article 18 GDPR)

You can request the suspension of processing of your data in certain cases (contesting accuracy, objection, etc.).

9.5 Right to data portability (Article 20 GDPR)

You can receive the data you have provided to us in a structured, commonly used and machine-readable format, and transmit it to another data controller.

9.6 Right to object (Article 21 GDPR)

You can object, on grounds relating to your particular situation, to the processing of your data based on our legitimate interest. You can also object at any time to the processing of your data for commercial prospecting purposes.

9.7 Right to withdraw your consent

When processing is based on your consent, you can withdraw it at any time, without affecting the lawfulness of processing based on consent before its withdrawal.

9.8 Right to give post-mortem instructions

You have the right to define instructions concerning the retention, erasure and communication of your data after your death.

9.9 Right to lodge a complaint with the CNIL

If you believe that your rights are not respected, you can lodge a complaint with the CNIL (www.cnil.fr).

10. EXERCISING YOUR RIGHTS

To exercise your rights, you can contact us:

By email: privacy@globalriskpredictor.com

By mail: Gilles Legrand - 8B Avenue Maréchal de Lattre de Tassigny, 33610 Cestas, France

For access, rectification and objection rights, we will respond within one month. For other rights, we will inform you of the outcome as soon as possible.

Proof of identity: To prevent fraudulent requests, a copy of your ID may be requested. This copy will only be kept for the time necessary to verify your identity.

11. DATA SECURITY

We implement all appropriate technical and organizational measures to ensure the security and confidentiality of your personal data:

  • Encryption: Use of HTTPS protocol to secure exchanges
  • Secure storage: Passwords are hashed, sensitive data is encrypted
  • Restricted access: Only authorized persons have access to data, on a need-to-know basis
  • Backups: Regular backups are performed to prevent data loss
  • Audit and monitoring: We monitor access and intrusion attempts

In the event of a data breach likely to create a high risk to your rights and freedoms, we will inform you as soon as possible, in accordance with regulations.

12. COOKIES AND SIMILAR TECHNOLOGIES

The Global Risk Predictor site uses cookies to improve your browsing experience and analyze traffic. To learn more about the use of cookies and configure your preferences, please see our Cookie Policy.

13. PERSONAL DATA OF MINORS

Our services are intended for professionals and adults capable of entering into contracts. We do not knowingly collect personal data from minors under 18. If you are a parent or guardian and believe that your child has provided us with data, please contact us to have it deleted.

14. CHANGES TO THE PRIVACY POLICY

We reserve the right to modify this Privacy Policy at any time to comply with legislative, regulatory or technical developments. The updated version will be published on this page with the date of the last modification.

We encourage you to regularly consult this page to stay informed of our data protection practices.

15. CONTACT DETAILS OF THE DATA CONTROLLER

  • Name: Gilles Legrand
  • Status: Individual Entrepreneur
  • Address: 8B Avenue Maréchal de Lattre de Tassigny, 33610 Cestas, France
  • Email: contact@globalriskpredictor.com
  • Phone: +33 6 62 56 62 99

Data Protection Officer (DPO)

We have not appointed a mandatory DPO, but we remain at your disposal for any questions regarding the protection of your data at: privacy@globalriskpredictor.com

This privacy policy complies with the General Data Protection Regulation (GDPR) 2016/679 and the amended French Data Protection Act.

Last updated: February 18, 2026