The Aka Advantage

Privacy & Cookie Policy

Last updated: 25 June 2026

1. Who we are

This website is operated by The AKA Advantage, a business registered in France with its registered office at 19 Avenue Germaine Dulac, 35000 Rennes, France.

  • Legal form: Micro-entrepreneur
  • SIRET: 10479900200019
  • Intra-Community VAT number: Not subject to VAT
  • Email: akanksha.jalan@theakaadvantage.com

For any question about this Privacy & Cookie Policy or your personal data, you can contact us at akanksha.jalan@theakaadvantage.com.

2. Scope of this Privacy & Cookie Policy

This Privacy & Cookie Policy explains how personal data is collected and processed when you visit www.theakaadvantage.com, contact the business, or use the online forms available on the website. It also explains how cookies and similar technologies are used on the website. This policy applies in addition to any contractual documents that may govern the relationship with clients or prospects.

3. What personal data is collected

Only personal data that is necessary for the purposes described in this Policy is collected.

3.1 Data provided directly

When you use the contact forms or otherwise communicate through the website or by email, the following data may be collected:

  • Identification and contact details, such as name, surname, email address, telephone number, organisation, and role.
  • Content of messages, such as subject, message text, attachments, and preferred language.
  • Any other information voluntarily shared in the context of a request, for example project details, availability, or expectations.

Please avoid including special categories of data, such as health information, political opinions, or religious beliefs, unless expressly requested and accompanied by appropriate information and safeguards.

3.2 Data collected automatically

When you browse the website, certain technical and usage data may be collected automatically by the hosting provider and website tools, including:

  • IP address and approximate location derived from IP address;
  • date and time of access;
  • pages visited and navigation path;
  • device type, operating system, and browser;
  • referral URL.

This data is used to ensure the security and proper functioning of the website and, where applicable, for audience measurement.

3.3 Cookies and similar technologies

Cookies and similar technologies may be used for:

  • technical operation and security of the website;
  • remembering cookie preferences;
  • measuring the audience and performance of the website, where consent has been given.

Further information on the cookies used, their categories, and how to manage them is provided in Section 10 of this Policy.

4. Purposes and legal bases of processing

Personal data is processed for the following purposes and on the following legal bases under the GDPR.

Responding to requests and managing the relationship

Purpose: to read and respond to messages sent via contact forms or by email, to follow up on discussions, and to manage the professional relationship.

Legal bases:

  • performance of pre-contractual measures taken at the request of the data subject or performance of a contract (Article 6(1)(b) GDPR);
  • legitimate interest in communicating with prospects and clients (Article 6(1)(f) GDPR).

Provision of services and client management

Purpose: to prepare and perform contracts, deliver services, manage appointments, issue invoices, and keep necessary business records.

Legal bases:

  • performance of a contract (Article 6(1)(b) GDPR);
  • compliance with legal obligations, in particular accounting and tax obligations (Article 6(1)(c) GDPR).

Operation, maintenance and security of the site

Purpose: to host and administer the website, detect and prevent malicious activity, ensure the security of systems, and maintain availability.

Legal basis: legitimate interest in operating a secure and reliable website (Article 6(1)(f) GDPR).

Spam and bot protection on forms

Purpose: to protect contact forms from automated abuse and spam submissions using Cloudflare Turnstile.

Legal basis: legitimate interest in securing services and preventing abuse (Article 6(1)(f) GDPR).

Audience measurement and site improvement

Purpose: to understand how visitors use the website, including most visited pages, navigation paths, and technical performance, in order to improve structure and content.

Legal basis:

  • where cookies or trackers are strictly necessary and configured within applicable exemptions: legitimate interest (Article 6(1)(f) GDPR);
  • otherwise: consent collected via the cookie banner (Article 6(1)(a) GDPR).

Compliance with legal obligations and defence of legal claims

Purpose: to comply with legal obligations under French and EU law and to establish, exercise, or defend legal claims.

Legal bases: legal obligation (Article 6(1)(c) GDPR) and legitimate interest (Article 6(1)(f) GDPR).

If data is intended to be used for another purpose, the person concerned will be informed beforehand and, where necessary, consent will be obtained.

5. Recipients and processors

Personal data may be shared with or accessed by the following categories of recipients, strictly on a need-to-know basis:

  • Hosting provider: IONOS SARL, which hosts the website on servers located in the European Union and processes technical log data as part of hosting services.
  • Cloudflare: for Turnstile anti-bot protection on forms, which analyses technical signals to distinguish humans from bots.
  • WordPress and plugin providers: only where their services involve data processing on behalf of the site operator, for example plugin update services or form-related features, and in such cases subject to appropriate contractual safeguards.
  • Professional advisers and authorities: lawyers, accountants, auditors, courts, and public authorities where necessary to comply with legal obligations or defend legal claims.

Personal data is not sold or rented to third parties.

If personal data is transferred outside the European Economic Area, an adequate level of protection will be ensured, for example by using the European Commission’s standard contractual clauses or relying on an adequacy decision.

6. Data retention

Personal data is kept only for as long as necessary for the purposes listed above and in accordance with applicable legal and regulatory obligations.

Indicative retention periods are as follows:

  • Contact requests and correspondence: up to 3 years after the last contact or interaction, unless a longer period is required in the context of a client relationship or legal dispute.
  • Client data and contracts: for the duration of the contractual relationship and thereafter as long as required by French limitation periods or legal archiving obligations.
  • Accounting and invoicing documents: up to 10 years after the end of the relevant financial year, as required by French law.
  • Technical logs and security logs: typically 6 to 12 months, unless a security incident justifies a longer retention.
  • Cookie and analytics data: up to 13 months for audience measurement cookies, in line with CNIL recommendations.

After these periods, data is deleted or anonymised wherever possible.

7. Your rights

Under the GDPR and French data protection law, you have the following rights regarding personal data:

  • Right of access: to obtain confirmation whether personal data is being processed and to receive a copy.
  • Right to rectification: to have inaccurate or incomplete data corrected.
  • Right to erasure: in certain cases, to request deletion of personal data.
  • Right to restriction of processing: in specific situations, to request that processing be limited.
  • Right to data portability: for data provided directly, where processing is based on consent or a contract and carried out by automated means.
  • Right to object: to processing based on legitimate interests, on grounds relating to a particular situation, and at any time when data is processed for direct marketing.
  • Right to withdraw consent: where processing is based on consent, consent may be withdrawn at any time without affecting the lawfulness of processing prior to withdrawal.

These rights may be exercised by contacting akanksha.jalan@theakaadvantage.com and explaining which right is being exercised and in what context. Proof of identity may be requested where necessary.

8. Right to lodge a complaint with the CNIL

If you believe that your rights have not been respected, you may lodge a complaint with the Commission nationale de l’informatique et des libertés (CNIL), the French data protection authority.

  • Website: https://www.cnil.fr
  • Postal address: CNIL, 3 place de Fontenoy, TSA 80715, 75334 Paris Cedex 07, France.

You are encouraged to make contact first so that any concern can be addressed directly where possible.

9. Security

Appropriate technical and organisational measures are implemented to protect personal data against unauthorised access, accidental loss, destruction, or alteration. These measures include, for example:

  • secure hosting in the European Union;
  • access control to administration interfaces;
  • regular updates of WordPress core, themes, and plugins;
  • encrypted connections (HTTPS) between your browser and the website.

However, no system is completely risk-free, and absolute security cannot be guaranteed.

10. Cookie Policy

10.1 What are cookies?

Cookies are small text files that may be stored on your device, such as a computer, tablet, or smartphone, when you visit a website. They enable the site to recognise your device and record information about your preferences or past actions. Other similar technologies, such as local storage or pixels, may also be used; collectively, these technologies are referred to here as “cookies.”

10.2 Who sets cookies on this site?

Cookies on this website may be set by:

  • the website operator, where they relate to the functioning and configuration of the website (first-party cookies); and
  • third parties, such as the hosting provider, Cloudflare (Turnstile), and certain WordPress plugins used on the site (third-party cookies).

10.3 What types of cookies are used?

Cookies are grouped into the following categories:

Strictly necessary cookies
These cookies are essential for the proper functioning of the website and cannot be disabled. They are usually set in response to actions taken on the site, such as completing forms, setting privacy preferences, or logging in. This includes, for example, cookies storing cookie preferences, security cookies, technical logs related to Cloudflare Turnstile and the hosting provider, and session cookies necessary for WordPress to operate the site and manage forms.

Functional cookies
These cookies enable the site to provide enhanced functionality and personalisation, for example by remembering preferences or the appearance of certain elements. If these cookies are disabled, some parts of the site may not function correctly.

Audience measurement and analytics cookies
These cookies help understand how visitors use the website, such as the most visited pages, navigation paths, and error pages, in order to improve content and performance. Depending on how the tools are configured, these cookies may be exempt from consent in limited cases or may require prior consent.

Other third-party cookies
Additional cookies may be set if you interact with embedded content, such as videos, maps, or social network buttons, or if certain plugins activate features that load external resources. These cookies are subject to prior consent where required and are described in the consent banner when present.

10.4 Cookie consent and management

When you first visit the website, a banner informs you about the use of cookies and allows you to:

  • accept all cookies;
  • refuse all non-essential cookies; or
  • customise your choices by category.

The cookie consent tool stores your preferences so that the banner does not reappear on each page. You can change your choices at any time by clicking on the “Cookie settings” link or button in the website footer.

If you refuse non-essential cookies, some functionalities, such as certain embedded content or advanced analytics, may not be available.

You can also configure your browser to block or delete cookies, although this may affect the functioning of certain websites. Instructions are available in your browser’s help section.

10.5 Retention periods for cookies

  • Cookies storing consent or refusal are typically kept for up to 6 to 13 months, in line with CNIL recommendations.
  • Audience measurement data is usually kept for up to 13 months.
  • Other cookie lifetimes are indicated in the cookie consent interface when required.

11. Changes to this Privacy & Cookie Policy

This Privacy & Cookie Policy may be updated from time to time, for example to reflect changes in practices, services, or legal requirements. The latest version is always available on this page, with the date of the last update indicated at the top. Where appropriate, notice may also be provided on the website or by email.