Request a review

Updated: 2026-05-07

Privacy policy

Plainly stated: here is what reaches me when you use this site, what I do with it afterwards, and the rights that stay yours. There is one person behind this desk. No mailing list, no sales team, no shared inbox circulating your details.

Who answers for it

This site is run by Mara Veyne, who does AI visibility and entity work for founder-led Paris firms. Under the General Data Protection Regulation (GDPR) and equivalent laws, the controller of the data described below is the operator of aivisibilityparis.com. For a privacy question, or to exercise one of your rights, write to hello@aivisibilityparis.com.

What actually reaches me

When you send the form, this is the whole of what arrives:

  • Your name and email address, which let me reply and address you correctly.
  • Another way to reach you, if you choose to add one (Signal, Telegram, phone), useful when email is not your preferred channel.
  • Whatever you write to me about the request: the firm, the arrondissement, the public phrasing, the page to examine. Only name and email are required; the rest you share or keep freely.

These details serve a single purpose: answering the request you sent me. Nothing feeds a list, nothing is passed to a third party, nothing is used beyond our exchange. Filed next to your message are the timestamp it arrived and a salted SHA-256 hash of your IP address, the quiet mechanism that keeps automated abuse off the form. The raw IP is never recorded, nor are browser fingerprints or device traits.

What I do not use

  • No tracking cookies. The audience measurement I rely on runs without cookies and keeps no per-visitor identifier.
  • No retargeting pixels, no marketing-automation tags, no ad-network trackers anywhere on the pages.
  • No automated profiling, and no automated decision producing a legal effect concerning you.
  • No selling, no sharing of personal data with commercial partners. That is simply not how this practice operates.

The legal basis for each thing

Form messages rest on GDPR art. 6(1)(b) — steps taken at your request before any possible engagement. The IP hash that protects the form from abuse rests on GDPR art. 6(1)(f), the legitimate interest in keeping the form operational. Where payment-outcome data exists, it falls under the contractual basis.

Retention periods

  • Form messages: kept through the engagement and for 24 months after it ends, so the record of the work stays complete, then deleted. Requests that never become work are kept for 12 months, then deleted.
  • Payment records: kept as long as tax and accounting obligations require (often 5–6 years), then deleted.
  • IP hashes: kept for 90 days — enough to protect the form — then deleted.
  • Email threads: kept while our collaboration lasts, or for 24 months after our last contact, whichever is longer.

What you can ask for

Under GDPR and comparable laws, you may ask to access your data, correct it, erase it, transfer it elsewhere, restrict its use, or object to it. For any of these, write to hello@aivisibilityparis.com and I will respond within 30 days. If you believe a rule has been broken, you can complain to your supervisory authority (in France, the CNIL).

Where the data is hosted

The servers running this site sit in European Union (Germany). If any further processors (email provider) come to operate outside the European Union, those transfers rely on standard contractual clauses together with the safeguards each one publishes.

If this policy changes

I revise this policy whenever the way I handle data changes in a material way. The "Updated" date at the top marks the version in force. When a change is significant, I flag it on the home page for 30 days so returning readers notice it.