Last update: 11/18/2025

This privacy policy describes how Overture processes the personal data of users of the website [website URL] (hereinafter the “Website”), in accordance with Regulation (EU) 2016/679 (GDPR) and the French Data Protection Act. CNIL

1. Data controller
The data controller is: Jess Boussard, sole proprietor (EI), trading under the name “Overture,” business: 360° digital agency. Address: 6 place du Président Thomas Wilson 31000 Toulouse Email: hello@agenceoverture.com
If you have any questions about this policy or your data, please write to the above email address.

2. Data collected:
Overture may collect the following categories of data: Identification and contact details: surname, first name, company, position, email address, telephone number. Professional data: company name, sector, company size, country, project-related information provided via the form.
Website browsing data: pages viewed, duration of visit, browser type, abbreviated IP address, cookie or tracker ID (see Cookie Policy). Communications: content of messages sent via the contact form, by email, or by phone. Data is collected directly from you (form, email, phone, social media) or, where applicable, via audience measurement or prospecting tools (see below).

3. Purposes and legal basis for processing
Your data is processed for the following purposes: Business.PublicServiceManagement of requests via the WebsiteReceipt and processing of requests for information, appointment bookings, and quotes.Legal basis: performance of pre-contractual measures (Article 6.1.b GDPR). Prospecting and B2B commercial relations: Follow-up of prospects and customers, commercial follow-up, sending information about Overture's services. Legal basis: Overture's legitimate interest in developing its business (Article 6.1.f GDPR), in compliance with the rules applicable to prospecting. Sending communications (newsletters, content, white papers, etc.) When you voluntarily sign up to receive this content. Legal basis: your consent (Article 6.1.a GDPR), which you may withdraw at any time. Audience measurement, website improvement, and security Viewing statistics, improving usability, detecting technical anomalies, website security. Legal basis: Overture's legitimate interest in ensuring the security and optimization of the Website (Article 6.1.f GDPR). Management of potential disputes/legal obligations Proof of exchanges, dispute management, responses to legal obligations or requests from authorities. Legal basis: legal obligation (Article 6.1.c GDPR) and legitimate interest (Article 6.1.f GDPR).

4. Data recipients
Access to data is limited to authorized persons within Overture who need to access it in the course of their duties (sales management, marketing, website administration). The data may also be communicated to technical service providers or third-party services acting as subcontractors on behalf of Overture: Website host: Shopify. Email and collaborative tools provider: [e.g., Google Workspace]. Sales management/CRM tools: [name of tool, if applicable]. Audience measurement and advertising performance tools: [name(s) of the tool(s), e.g. Google Analytics/chosen tool]. These service providers are contractually bound to respect the confidentiality and security of the data and only access it for the purposes strictly necessary for their tasks. The data is not sold or rented to third parties.

5. Data transfers outside the European Union
Some service providers (including messaging tools, CRM, analytics, and advertising) may be located outside the European Union or may transfer data there. In this case, Overture ensures that these transfers are governed by: the Ministry of Economy, an adequacy decision by the European Commission, or standard contractual clauses approved by the European Commission, and, where applicable, additional protective measures. Detailed information on these transfers can be obtained upon request at the address mentioned in Article 1.

6. Retention periods
Personal data is retained only for the period necessary for the purposes pursued, then archived or deleted. For information purposes: Entreprendre.Service-Public Contact requests/prospects: up to 3 years after the last active contact from you (click on an email, reply, request). Customer data: for the duration of the contractual relationship, then 5 years from the end of the relationship (unless longer legal obligations apply). Data used for prospecting purposes: until you withdraw your consent or exercise your right to object, then archived for the applicable limitation period. Cookies and trackers: for the duration indicated in the Cookie Policy, by type of cookie (maximum duration generally 13 months for non-exempt audience measurement cookies).

7. Your rights
In accordance with the GDPR and the French Data Protection Act, you have the following rights regarding your data: CNIL+1Right of access: obtain confirmation that data concerning you is being processed and receive a copy of it. Right of rectification: correct or complete your data if it is inaccurate or incomplete. Right to erasure (“right to be forgotten”): request the deletion of your data in the cases provided for by the regulations. Right to restriction of processing: request the temporary suspension of the processing of your data. Right to object: at any time for processing based on legitimate interest, to commercial prospecting (including profiling related to such prospecting). Right to portability: receive the data you have provided in a structured, machine-readable format or transmit it to another data controller. Right to withdraw your consent at any time when processing is based on consent, without retroactive effect. Right to define post-mortem guidelines on the fate of your data after your death, in accordance with French law. You can exercise your rights by writing to: hello@agenceoverture.com or by mail to the address indicated in Article 1, enclosing, where applicable, proof of identity if necessary. If, after contacting us, you feel that your rights have not been respected, you may lodge a complaint with the CNIL (Commission Nationale de l’Informatique et des Libertés) – www.cnil.fr – 3 Place de Fontenoy, TSA 80715, 75334 Paris Cedex 07. CNIL+1

8. Data security:
Overture implements appropriate technical and organizational measures to preserve the confidentiality and security of your personal data (access control, strong passwords, backups, secure connections, access restricted to authorized persons only, etc.). However, as no system is completely foolproof, Overture cannot guarantee the absolute security of information transmitted over the Internet. In the event of a data breach that could pose a high risk to your rights and freedoms, you will be informed in accordance with the conditions set out in the regulations.

9. Links to third-party websites
The Website may contain links to other websites. Overture is not responsible for the practices of these websites with regard to the processing of personal data. It is recommended that you consult the privacy policies of each of these websites.10. Changes to the privacy policyThis privacy policy may be subject to change, particularly in the event of legal, regulatory, or functional changes to the Website.

Cookie Policy

Last update: 12/07/25

1. What is a cookie?
A cookie is a small file stored in your browser to enable the website to function properly or to analyze its audience.

2. Cookies used on this site
Strictly necessary cookies (exempt from consent) These cookies enable the site to function:
Session management
Site security
Form functionality→ Always enabled, cannot be disabled.
Analytical cookies (subject to consent) Used only if you accept:
ServicePurposeGA4 (Google Analytics)
Performance and audience measurement
GTMTag management (does not place cookies itself) These cookies are only enabled after you give your consent via our banner.

3. How to manage cookies?
You can: accept all cookies, refuse all cookies, customize your choices. You can change your preferences at any time via the page: Cookie settings (CMP)

4. Cookie lifetime
Analytical cookies have a maximum lifetime of 13 months, in accordance with the GDPR.