Last updated: 15 April 2025

Cosmo5 (“we”, “us”, or “our”) is committed to protecting and respecting your privacy in accordance with the General Data Protection Regulation (GDPR).

1. Who We Are

Cosmo5 is a digital transformation and marketing agency.
For the purposes of the GDPR, Cosmo5 acts as the Data Controller for the processing of your personal data as described in this policy.

If you have any questions, you can contact us at privacy@cosmo5.com.
If applicable, our Data Protection Officer (DPO) can be reached at the same address.

2. Data We Collect

We may collect and process the following categories of personal data:

  • Identity Data (e.g., name, job title)
  • Contact Data (e.g., email address, phone number, mailing address)
  • Technical Data (e.g., IP address, browser type, device ID)
  • Usage Data (e.g., pages visited, interactions, time spent on our site)
  • Marketing & Communications Data (e.g., preferences in receiving marketing)

3. How We Collect Your Data

We collect data through:

  • Direct interactions (e.g., filling in forms, corresponding with us)
  • Automated technologies (e.g., cookies, analytics – see our [Cookie Policy])
  • Third parties (e.g., advertising networks, analytics providers)

4. Purpose of Data Processing

We use your personal data for the following purposes:

  • Providing and maintaining our services
  • Managing client relationships and responding to enquiries
  • Improving our website, products, and services
  • Marketing and communications (only where you have given consent or where we rely on legitimate interest in a B2B context)
  • Complying with legal obligations

5. Legal Basis for Processing

We process personal data on the following legal grounds:

  • Consent (e.g., for marketing communications, non-essential cookies)
  • Performance of a contract (e.g., delivering agreed services)
  • Legal obligations (e.g., tax and accounting requirements)
  • Legitimate interests (e.g., ensuring IT security, improving services, direct B2B marketing – unless you object)

6. Data Sharing

We do not sell your personal data. We may share your data with:

  • Service providers acting as processors (e.g., hosting providers, CRM systems, email platforms, analytics tools)
  • Legal or regulatory authorities when required by law
  • Other parties only where you have given explicit consent

All our processors are contractually bound to safeguard your data in accordance with GDPR requirements.

7. International Data Transfers

Where we transfer personal data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as:

  • Standard Contractual Clauses approved by the European Commission
  • Additional technical and organisational measures where necessary

8. Data Retention

We retain personal data only for as long as necessary for the purposes described above:

  • Client data: duration of the contractual relationship + 3 years
  • Prospect data (e.g., marketing leads): 3 years after last interaction
  • Billing and accounting data: 10 years (legal obligation)
  • Technical and usage data: up to 13 months (in line with cookie retention rules)

After these periods, data is securely deleted or anonymised.

9. Your Rights

Under the GDPR, you have the right to:

  • Access your personal data
  • Request correction or deletion of your data
  • Object to or restrict processing (including marketing communications)
  • Withdraw consent at any time
  • Data portability (to receive your data in a structured, machine-readable format)
  • Lodge a complaint with a supervisory authority (e.g., CNIL in France)

You can exercise your rights at any time by contacting us at privacy@cosmo5.com.

10. Security

We implement appropriate technical and organisational measures to protect your data against accidental loss, misuse, alteration, or unauthorised access.

11. Cookies

We use cookies and similar technologies to enhance your experience and analyse site usage.
Some cookies may involve the processing of personal data. For full details, please see our Cookie Policy

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in technology, regulations, or our practices. Any revised version will be posted on this page with an updated date.

13. Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us:

Website Publisher

This website is published by:
LABYRINTH BIDCO
French company with a capital of 121 557 723 euros
19 rue Martel, 75010 Paris, France
Registered in the French National register of companies (Registre national des entreprises) under number 900 657 354

Publication Director

The publication director is Stéphane Levy, president of LABYRINTH BIDCO

Website Hosting Provider

This website is hosted by:
1000heads Pty Ltd
Suite 3.02, Level 3 414 Kent Street Sydney, NSW 2000 Australia
+61 2 9251 0491

Data Hosting Provider

The data processed within this website are hosted by:
To Be Completed…

This site is registered on wpml.org as a development site. Switch to a production site key to remove this banner.