Privacy policy

Version of 22 April 2026

This privacy policy defines and informs you of the manner in which Feed access SAS (hereinafter "Feed access" or the "Publisher") uses and protects the information you provide when using the website accessible at the following address: https://www.feedaccess.com (hereinafter the "Website"). This privacy policy supplements the legal notices that Users can consult by clicking on the "Legal Notices" section.

This privacy policy may be modified or supplemented at any time by the Publisher, in particular to comply with any legislative, regulatory, case law or technological developments. In such a case, the date of its update is clearly identified at the top of this policy. Users should therefore consult this policy regularly to become aware of any changes.

Access to the Website implies the User's acknowledgement of this privacy policy and the cookie policy. The User authorises the Publisher to collect and process, in accordance with what is specified in this policy, the personal data communicated on the Website in the course of interactions with it.

This policy is valid for all pages hosted on the Website. It is not valid for pages hosted by third parties to which the Publisher may redirect, and whose privacy policies may differ.

Relationship with the FeedAccess application privacy policy

If you also use the FeedAccess application accessible at https://appli.feedaccess.com, the processing of your data within the scope of your use of the application is governed by a dedicated policy, accessible at: https://appli.feedaccess.com/confidentialite.

Article 1: General principles regarding data collection and processing

In accordance with the provisions of Article 5 of European Regulation 2016/679 (hereinafter "GDPR") and Articles 6 and 36 of the French Data Protection Act of 6 January 1978, as amended, the collection and processing of User data comply with the following principles:

• Lawfulness, fairness and transparency: data is collected and processed on an identified legal basis. At each collection, the User is informed of the purposes pursued.
• Purpose limitation: the collection and processing of data serve specific objectives detailed in Article 3 of this policy.
• Data minimisation: only data necessary for the purposes pursued is collected.
• Accuracy: the data collected is kept up to date. Every reasonable measure is taken to ensure that inaccurate data is erased or rectified without delay.
• Storage limitation: data is kept for a limited period, of which the User is informed.
• Integrity and confidentiality: the data controller guarantees appropriate security of the data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage.

Data processing may only take place if it complies with at least one of the legal bases provided for in Article 6 of the GDPR:

• the consent of the data subject;
• the performance of a contract to which the data subject is party;
• compliance with a legal obligation;
• the protection of vital interests of the data subject or another natural person;
• the performance of a task carried out in the public interest;
• the legitimate interest of Feed access or a third party, unless the interests or fundamental freedoms of the data subject prevail.

Article 2: Personal data collected

It is possible to visit the Website without providing any personal information. However, certain features require the collection and processing of personal data.

2.1 Contact form

The Publisher may request the following information: title, surname, first name, email address, telephone number, postal address, country, message.

2.2 Registration for a training course

When registering for a training session provided by Feed access, the following data is collected: title, surname, first name, email address, telephone number, postal address, country, company name (if applicable), EU VAT number (if applicable), job title, animal species worked with, level of experience in feed formulation, source of discovery of the training. Payment data is collected and processed exclusively by the payment service provider Stripe (see Article 4); Feed access has no access to bank card numbers or banking details.

2.3 Newsletter subscription

When subscribing to the newsletter, the following data is collected: email address, first name (optional).

2.4 Server log files

When the User accesses the Website, the servers automatically record certain data: IP address, domain type, date and time of access, time spent on pages, pages viewed, browser type, operating system. This data is retained for statistical purposes, Website improvement and detection of technical or security anomalies.

2.5 Cookies and similar technologies

See Article 11 of this policy.

Article 3: Purposes of processing and retention periods

3.1 Management of contact requests

Purpose: responding to information requests, preparing commercial proposals, creating and managing a prospects database.

Legal basis: legitimate interest of Feed access.

Retention period: 3 years from the last contact from the prospect.

3.2 Registration and management of training courses

Purpose: managing registrations and participation in training sessions provided by Feed access, issuing invoices, delivering training certificates, activating access to the FeedAccess application Pro Plan associated with the training.

Data concerned: identity, contact details, professional data, billing data, participation and follow-up data.

Legal bases:

• performance of a contract (Art. 6.1.b GDPR) for the management of registration, participation and billing;
• legal obligation (Art. 6.1.c GDPR) for the retention of accounting records;
• legitimate interest (Art. 6.1.f GDPR) for sending information about future sessions, with the possibility of objecting at any time.

Retention periods:

• data related to registration and billing: 10 years from the closing of the financial year, in accordance with Article L.123-22 of the French Commercial Code;
• post-training prospecting data: 3 years from the last contact, unless objection is expressed.

3.3 Newsletter management

Purpose: sending information about Feed access services, products and training courses.

Legal basis: User consent.

Retention period: until withdrawal of consent, then 3 additional years as proof of unsubscription.

3.4 Audience statistics and Website improvement

Purpose: understanding Website traffic and usage, optimising content and ergonomics.

Legal basis: User consent obtained via the cookie management banner.

Retention period: 13 months maximum for browsing-related data; 25 months maximum for aggregated statistical data.

3.5 Security and anomaly detection

Purpose: detection of malfunctions, intrusion attempts and fraudulent activities.

Legal basis: legitimate interest of Feed access.

Retention period: 13 months maximum.

Article 4: Recipients and subcontractors

4.1 Feed access subcontractors

Feed access uses subcontractors for the performance of certain technical services. These subcontractors are contractually bound by confidentiality and security obligations in compliance with the requirements of the GDPR:

• OVHcloud (France) — hosting of the Website and associated databases;
• Stripe Payments Europe, Limited (Ireland) — online payment processing (training courses);
• Sendinblue / Brevo (France) — transactional emails and newsletter delivery;
• Google LLC (United States) — Google Forms service for training registration forms, Google Analytics service for audience statistics (with consent only), Google Ads service for advertising conversion tracking (with consent only);
• Microsoft Corporation (United States) — OneDrive service for supplementary document storage related to the customer relationship;
• Chartered accountant — processing of accounting and tax data, subject to professional secrecy.

Feed access subcontractors are not authorised to use the data for their own commercial purposes.

4.2 Sharing with commercial partners

Feed access does not, as of the date of this policy, communicate or sell Users' personal data to commercial partners. Any change in this practice (for example, connecting users with specialised suppliers) would be subject to prior notice and would require the collection of explicit and separate consent from the User before any transmission.

4.3 Sharing with authorities

Feed access may be required to disclose personal data to administrative or judicial authorities when such disclosure is required by law or ordered by a competent court.

4.4 Transfers outside the European Union

Certain Feed access subcontractors are established outside the European Union, particularly in the United States. These transfers are governed by:

• the EU-US Data Privacy Framework (adopted on 10 July 2023 by the European Commission, replacing the Privacy Shield invalidated in 2020), for certified US subcontractors;
• the standard contractual clauses adopted by the European Commission (Decision 2021/914), for subcontractors not covered by an adequacy decision.

Feed access ensures that its non-EU subcontractors provide sufficient data protection guarantees in accordance with Article 46 of the GDPR.

Article 5: Data security

Feed access implements appropriate organisational and technical measures to ensure a level of security appropriate to the risk:

• Organisational measures: staff confidentiality commitment, restricted access policy to personal data on a need-to-know basis, regular awareness-raising on security best practices.
• Technical measures: SSL certificate ensuring encryption of communications between the User and the Website, firewall, up-to-date antivirus on workstations, complex password authentication, regular backups, security updates, administrator access logging.

The User undertakes not to engage in any conduct contrary to this policy or, more generally, to the law.

Article 6: Data hosting

The Website is hosted by:

OVH SAS Share capital: €10,174,560 RCS Lille Métropole: 424 761 419 Registered office: 2 rue Kellermann, 59100 Roubaix, France

Certain data may be stored by:

• Google LLC — 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States (Google Workspace, Google Forms, Google Analytics, Google Ads services);
• Microsoft Corporation — One Microsoft Way, Redmond, WA 98052, United States (OneDrive service).

For transfers to the United States, see Article 4.4 on transfers outside the European Union.

Article 7: Data controller

The data controller for personal data is:

Feed access SAS, represented by Mr Edouard Bault, Managing Director.

Registered office: 3 Rue du Bournel, 19400 Argentat sur Dordogne, France SIRET: 98180737300023 Contact email for data protection enquiries: contact@feedaccess.com

Article 8: Obligations of the data controller

The data controller undertakes to protect the data collected, to respect the purposes for which they were collected, and not to transmit them to third parties other than in the cases provided for in Article 4.

In the event of a personal data breach likely to result in a high risk to the rights and freedoms of data subjects, Feed access undertakes to:

• notify the CNIL (French Data Protection Authority) of this breach within 72 hours of becoming aware of it, in accordance with Article 33 of the GDPR;
• communicate this breach to the data subjects without undue delay, in accordance with Article 34 of the GDPR.

Article 9: User rights

In accordance with Articles 15 to 22 of the GDPR, the User has the following rights over their personal data.

To exercise these rights, the User may send their request by email to contact@feedaccess.com, providing their surname, first name and email address associated with the account or registration concerned. Proof of identity may be requested only in the event of reasonable doubt about the identity of the person, in accordance with CNIL recommendations (principle of minimisation).

The data controller responds to the request within 30 days, which may be extended by 2 months in the event of a complex request or a large volume of requests, in accordance with Article 12.3 of the GDPR. The User is informed of any extension within the initial one-month period.

9.1 Right of access, rectification and erasure

The User may obtain confirmation as to whether or not their data is being processed, and access this data. They may request the rectification or updating of inaccurate or incomplete data, or the deletion of their data in the cases provided for in Article 17 of the GDPR.

9.2 Right to data portability

The User may request to receive their data in a structured, commonly used and machine-readable format, and to transmit them to another data controller without Feed access hindering this.

9.3 Right to restriction and objection

The User may request the restriction of processing of their data in the cases provided for in Article 18 of the GDPR, or object to processing based on the legitimate interest of Feed access, particularly for direct marketing purposes.

9.4 Right not to be subject to automated decision-making

In accordance with Article 22 of the GDPR, the User has the right not to be subject to a decision based solely on automated processing producing legal effects or significantly affecting them. Feed access does not carry out any automated decision-making of this kind on the Website.

9.5 Right to determine the fate of data after death

In accordance with Article 85 of the French Data Protection Act, the User may define directives regarding the fate of their data after their death.

9.6 Right to lodge a complaint with the supervisory authority

If the User considers that Feed access does not comply with its obligations, they may lodge a complaint with the CNIL:

Commission Nationale de l'Informatique et des Libertés 3 Place de Fontenoy, TSA 80715, 75334 Paris Cedex 07 Online complaint: https://www.cnil.fr/fr/plaintes

Article 10: Personal data of minors

In accordance with Article 8 of the GDPR and the French Data Protection Act, only minors aged 15 or over may consent alone to the processing of their personal data in the context of information society services.

Where the User is a minor under 15, the consent of a holder of parental authority is required. Feed access does not carry out automatic age verification; it is the responsibility of legal representatives to ensure that their child does not provide personal data without their consent. In case of doubt about a User's age, Feed access reserves the right to suspend processing until parental consent is obtained.

Article 11: Cookie policy

11.1 Definition and role of cookies

A "cookie" is a small text file placed on the User's device when visiting the Website. Cookies allow the User's device to be recognised to facilitate navigation, measure Website audience, personalise displayed content or offer relevant advertisements.

11.2 Collection of consent

In accordance with CNIL recommendations (deliberation 2020-091) and Articles 82 of the French Data Protection Act and 5.3 of the ePrivacy Directive, the placement of non-essential cookies is subject to the User's prior, active and informed consent.

On the first visit, a cookie management banner powered by the Tarteaucitron solution is displayed on the Website. This banner allows the User to:

• accept all cookies in a single click;
• refuse all cookies (except technically necessary cookies) in a single click, with the same simplicity as acceptance;
• customise their choice cookie by cookie, by purpose.

Consent may be modified or withdrawn at any time via the "Cookie management" button accessible at the bottom of the page.

11.3 Cookies placed on the Website

Cookies exempt from consent (strictly necessary technical cookies)

These cookies ensure the functioning of the Website and do not collect data for statistical or advertising purposes:

• session identifier cookies;
• authentication cookies;
• language preference cookies;
• consent choice memorisation cookie.

Cookies subject to consent

• Google Analytics (audience measurement): anonymised Website traffic statistics. Google's policy: https://policies.google.com/privacy
• Google Ads (conversion tracking): measurement of advertising campaign effectiveness. Google's policy: https://policies.google.com/privacy
• Social media cookies (if sharing buttons are enabled): Facebook, LinkedIn, YouTube.

11.4 Browser settings

The User may also configure their browser to refuse all or some cookies. Instructions are available on the websites of the main browsers:

• Chrome: https://support.google.com/chrome/answer/95647
• Firefox: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences
• Safari: https://support.apple.com/guide/safari/manage-cookies-sfri11471/mac
• Edge: https://support.microsoft.com/en-us/microsoft-edge

The CNIL also provides a comprehensive guide: https://www.cnil.fr/fr/cookies-et-autres-traceurs

Refusing cookies may result in a degraded browsing experience. Feed access declines any responsibility for the consequences of this choice.

Feed access SAS — SIRET 98180737300023 — 3 Rue du Bournel, 19400 Argentat sur Dordogne, France Contact: contact@feedaccess.com — Website: https://www.feedaccess.com Last updated: 22 April 2026