Thomas LEQUEUX Consultings

📄 Privacy Policy

Opti' - Excel add-in and web application

Last updated: May 2026

French version: https://lequeux-thomas.com/addin/site/legal/fr/
English version: https://lequeux-thomas.com/addin/site/legal/en/

📧 thomas.lequeux.consulting@gmail.com
🌐 https://lequeux-thomas.com/contact-us/

This Privacy Policy describes how Thomas LEQUEUX Consulting collects, uses, processes and protects the personal data of users of the Opti' Excel add-in and the associated web application, accessible from https://lequeux-thomas.com/addin/ and https://myoptibot.com.


1. Data Controller

The data controller is:

Thomas LEQUEUX Consulting
French micro-enterprise - SIRET: 94071918000017
Address: 5 Allée de l'Autan, 31850 Montrabé, France
Contact email: thomas.lequeux.consulting@gmail.com


2. Data Collected

We collect only the data strictly necessary for the proper functioning of the service:

  • Email address
  • Internal user identifier
  • Subscription and payment history via Stripe
  • History of API requests made to the server
  • Number of tokens used for AI calls
  • Conversation history with the OptiBot assistant. The content of messages exchanged with OptiBot is encrypted at application level using AES-256-GCM before being stored on Supabase servers (see section 5 and section 4.8). Conversations created while using “Private AI” mode remain stored exclusively locally on the user's device and are never transmitted to Supabase servers.
  • Technical data required for push notifications, when authorized by the user: Firebase Cloud Messaging (FCM) notification token, platform used (web, Android or iOS), technical browser or device information, date of last token activity and active/inactive token status.
  • Questionnaires created via the XLS Form Builder module: form structure (questions, choices, settings), title and creation metadata. This data is synchronized on Supabase servers to enable backup, multi-device retrieval and sharing.
  • Data collections and submissions: when a user creates a data collection and collects responses via the internal interface, via a public sharing link or via enumerator mode, responses are encrypted at application level using AES-256-GCM before being stored on Supabase servers (see section 5 and section 4.10).
  • Public sharing links: when a user generates a sharing link for a questionnaire, a unique identifier (UUID) is created and stored on Supabase. This link allows third parties to complete the questionnaire without creating an account. No personal data of the respondent is collected when completing the questionnaire via a sharing link, except for the responses explicitly provided in the questionnaire.
  • Invitations to complete questionnaires: when a user invites another authenticated user to complete a questionnaire, a reference to this invitation is stored on Supabase (invitee identifier, sharing link identifier, invitation status). Responses collected through an invitation are encrypted like any other submission.
  • Data related to the rewards system: rewards claimed, claim date, reward type, internal identifier of shared content, level points, level reached, consecutive-day streak and applicable multipliers.
  • Data related to LinkedIn sharing, when the user voluntarily chooses to share Opti' or an article: post text, shared URL, article title and description, associated preview image, internal identifier of the shared content, associated reward type and publication result.
  • Temporary LinkedIn authorization data: OAuth authorization code, temporary LinkedIn access token and LinkedIn identifier required to publish the post. This data is used only during the publication process and is not retained permanently by Thomas LEQUEUX Consulting.

We do not collect or store Excel files, databases or user data processed by the add-in, except when the user explicitly chooses to transmit certain data to an AI engine or to activate Cloud synchronization of conversations, according to the terms described in this policy.


3. Purpose of Processing

The collected data is used only to:

  • Manage access to the service (plans, authorizations)
  • Validate the user's license
  • Manage usage limits
  • Provide customer support when needed
  • Occasionally inform the user about updates or offers related to the product
  • Send technical or functional notifications, in particular to inform the user that their daily tokens are available
  • Manage the user's notification preferences and permissions
  • Enable the creation, backup and multi-device synchronization of questionnaires via the XLS Form Builder module
  • Enable the collection of questionnaire responses, including via public sharing links accessible without authentication, and allow the form owner to view them
  • Allow the user to voluntarily publish content on their LinkedIn profile via the LinkedIn OAuth integration
  • Allocate rewards related to LinkedIn sharing, prevent duplicate rewards and apply cooldown rules
  • Manage the system of levels, points, consecutive-day streaks and token multipliers associated with rewards

No data is sold, rented or transferred to third parties for commercial purposes.


4. Artificial Intelligence Analysis - Available Engines

The add-in offers three artificial intelligence analysis engines, each providing a different level of privacy and power. The engine is selected using a single “Private AI” button that the user can enable or disable at any time:

  • Standard mode (Private AI disabled): analyses are performed by the Mistral AI engine, a French artificial intelligence hosted in the European Union.
  • Private AI enabled: analyses are performed by the OptIA Online engine, an AI model operated exclusively by Thomas LEQUEUX Consulting on private infrastructure, without any third-party AI intermediary.
  • OptIA Offline (100% local): available for users who want processing to be entirely offline, without any data transmission.

The user is free to switch modes at any time, depending on the desired level of privacy and power.

4.1 Mistral AI (standard mode - Private AI disabled)

When Private AI mode is disabled, all analyses and conversations with OptiBot are processed by the Mistral AI engine:

  • The table selected by the user is converted into text and sent through Thomas LEQUEUX Consulting's secure backend server to the Mistral AI API.
  • The backend server does not retain or log the content of requests or responses.
  • The data sent to Mistral AI is limited to the content of the table selected by the user, through a voluntary and explicit action by the user.
  • Mistral AI is a French company (SAS, registered office: 15 rue des Halles, 75001 Paris - SIREN: 952418325), natively subject to the General Data Protection Regulation (GDPR).
  • By default, data is hosted in the European Union.
  • Thomas LEQUEUX Consulting uses the Mistral AI Scale plan. Under this plan, user data (inputs and outputs) is not used to train Mistral AI's artificial intelligence models. No action by the user is required to benefit from this protection.
  • Mistral AI retains API request inputs and outputs for 30 rolling days for abuse monitoring purposes, after which the data is deleted.
  • Processing by Mistral AI is governed by their Data Processing Addendum (DPA), available at legal.mistral.ai.
  • The Zero Data Retention (ZDR) option is available upon request from Mistral AI, allowing any retention of inputs and outputs beyond the time required to process the request to be removed.

Privacy level: Good. Data is hosted in the European Union by default, by a French company natively subject to the GDPR. It is not used to train models (Scale plan). Mistral AI retains requests for 30 days for abuse monitoring, then deletes them.

4.2 OptIA Online (Private AI enabled - private server)

When the user enables Private AI mode, all analyses and conversations with OptiBot are processed by the OptIA Online engine:

  • The selected table is converted into text and sent through Thomas LEQUEUX Consulting's secure backend server to a private GPU container operated exclusively by Thomas LEQUEUX Consulting.
  • The artificial intelligence model (Qwen 2.5 72B) runs in this private container; no third-party AI provider is involved in the processing.
  • The GPU container is hosted by the Modal platform (Modal Labs, Inc.), which is SOC 2 Type II certified and HIPAA compatible.
  • The backend server (Render) does not retain or log the content of requests or responses.
  • The GPU container does not retain any user data on disk: the model runs entirely in GPU RAM and the data is purged as soon as processing is complete.
  • The GPU container automatically shuts down after a period of inactivity (scale-to-zero), thereby reducing the exposure surface.
  • Communications between the backend server and the GPU container are protected by a dedicated authentication key and encrypted via HTTPS (TLS 1.3).

Modal privacy guarantees:

  • Modal contractually undertakes never to access, read or use the source code, function inputs and outputs, or any data stored in its customers' images and volumes (documented least-privilege policy).
  • Modal deletes all function inputs and outputs as soon as the results have been retrieved by the client.
  • Containers are isolated using gVisor technology (sandboxing developed by Google and used in Google Cloud Run), ensuring enhanced isolation between workloads.
  • All data is encrypted in transit (TLS 1.3) and at rest (AES-256).
  • The client (Thomas LEQUEUX Consulting) retains full ownership rights over its data. Modal may only use aggregated and de-identified data for internal purposes.
  • Modal is SOC 2 Type II certified, demonstrating the implementation and effective maintenance of security controls over an extended period, and offers Business Associate Agreements (BAA) for health data (HIPAA compliance).

Privacy level: High. Data remains within infrastructure controlled exclusively by Thomas LEQUEUX Consulting and is never transmitted to a third-party AI provider. Thomas LEQUEUX Consulting undertakes never to access, read, copy, exploit or commercialize user data processed by this engine. No request or response content is recorded, logged or retained, either on the backend server or on the GPU container. Processing is performed entirely in RAM and data is purged at the end of each request.

4.3 OptIA Offline (100% local)

When the user selects the OptIA Offline engine:

  • The artificial intelligence model runs entirely on the user's computer.
  • No data leaves the user's machine: neither the table content nor the generated response is transmitted to a remote server.
  • No network connection is required to process the analysis.
  • Thomas LEQUEUX Consulting has no visibility into and no access to the data processed in this mode.

Privacy level: Maximum. Processing is performed entirely offline. No data is exposed to a network or to a third party.

4.4 Comparative Table of Analysis Engines

| Criterion | Mistral AI (standard mode) | OptIA Online (Private AI ON) | OptIA Offline (100% local) |
|---|---|---|---|
| Privacy | Good | High | Maximum |
| AI power | Good | High | Basic |
| Data leaves the PC | Yes | Yes | No |
| Third party involved | Mistral AI (France) | No AI provider | None |
| Infrastructure host | Mistral AI (EU, France) | Modal (USA, SOC 2 Type II) | Local workstation |
| Data residency | European Union (by default) | United States (Modal) | Local workstation |
| Provider access to data | 30 days (abuse monitoring) | None (contractual commitment) | None |
| Use for training | No (Scale plan, opt-out by default) | Not applicable | Not applicable |
| Data storage | 30 days, then deletion | None (deleted after processing) | None |
| Zero Data Retention (ZDR) | Available on request | Not applicable (no storage) | Not applicable |
| GDPR compliance | Native (French company) | Via Modal DPA | Not applicable |
| Encryption | TLS in transit | TLS 1.3 + AES-256 at rest | Not applicable |
| Connection required | Yes | Yes | No |

The user may switch between modes at any time using the “Private AI” button.

4.5 OptiBot - Conversational Assistant

The add-in includes a conversational assistant called OptiBot. When a user asks a question related to their data:

  • OptiBot analyzes only the column headers (field names) of the active spreadsheet to determine which columns are relevant to answer the question.
  • If OptiBot detects that a column may contain personal data (for example: respondent names, email addresses, phone numbers), it explicitly asks the user whether they wish to include or exclude this column from the analysis before accessing any data content.
  • If the user chooses to exclude a column, it becomes completely invisible to the AI engine: neither the header nor the column data is read or transmitted.
  • This prior consent mechanism applies regardless of the AI engine selected (Mistral AI, OptIA Online or OptIA Offline) and regardless of the mode (Private AI enabled or disabled).

4.6 Manual Column Exclusion

Independently of OptiBot's automatic detection, the user may manually exclude any column from the analysis at any time by clicking the exclusion button (“no entry” icon) shown on each row in the list of column headers.

Any excluded column, whether by the user's decision via OptiBot or through manual exclusion, is fully ignored by all AI processing, including analysis, cleaning and report generation.

4.7 Data Cleaning (Clean Data)

The add-in offers an automated data cleaning feature. When the user activates this feature:

  • The AI engine receives the headers of non-excluded columns as well as a representative sample of the data contained in those columns.
  • The AI identifies data requiring cleaning, in particular free-text responses (for example: “Other, please specify...” fields) where wording varies from one respondent to another.
  • The AI suggests groupings and standardizations of these responses in order to reduce the number of distinct occurrences and enable reliable statistical analysis.
  • The proposed changes are presented to the user as a preview. No changes are applied without the user's explicit confirmation.
  • Columns previously excluded by the user are never included in the cleaning process.

Cleaning is subject to the same privacy rules as analysis: data is processed by the AI engine corresponding to the mode selected by the user (Private AI ON or OFF), according to the terms described in sections 4.1 to 4.3.

4.8 OptiBot Conversation History - Application-Level Encryption and Storage Modes

The OptiBot assistant keeps a history of conversations exchanged with the user in order to allow the user to find past conversations across all devices, resume an interrupted conversation and view previous results. The user has a choice between two storage modes:

Local Mode: available with Private AI mode

  • Conversations are stored exclusively in the user's browser (localStorage).
  • No conversation is transmitted to a remote server.
  • Conversations are limited to a maximum of 10 and are not synchronized between devices.
  • If the user clears the browser cache, updates or uninstalls the add-in, local conversations are permanently lost.
  • Thomas LEQUEUX Consulting has no access to conversations stored in Local mode.

Cloud sync mode (default) - with application-level encryption

  • The user benefits from Cloud synchronization to keep conversations and access them from multiple devices.
  • The content of messages exchanged with OptiBot (user questions, model responses, message metadata) is encrypted at application level using the AES-256-GCM algorithm before being transmitted to Supabase servers. Encryption is performed server-side on the backend (Render, EU), using an encryption key held exclusively by Thomas LEQUEUX Consulting and stored in the backend host's secure environment variables.
  • This encryption means that messages stored in the Supabase database are not readable, even by the technical administrator of Thomas LEQUEUX Consulting who directly views the database. Only the backend server, which holds the key, is able to decrypt messages when the user views them.
  • Communications between the application and the backend server are protected by HTTPS (TLS 1.3). Access to messages is protected by JWT authentication: only the authenticated user who owns the conversation can retrieve their own messages.
  • Conversation titles and session metadata (creation date, identifier) are not encrypted in order to allow sorting, searching and displaying the conversation list. This metadata does not contain sensitive data.
  • Conversations are linked to the user identifier and protected by database-level security rules (Row Level Security), ensuring that only the authenticated user can access their own conversations.
  • The user may at any time return to Local mode, delete an individual conversation, or export their conversations in Markdown or PDF format.

Special case - Private AI Mode:

  • Conversations created while Private AI mode is enabled are always stored locally only, even if Cloud sync mode is enabled.
  • Conversations marked as “private” are never transmitted to Supabase servers, in order to ensure that exchanges made in private mode never leave the user's local environment.
  • These conversations are visible only from the device on which they were created and are not synchronized between devices.

Summary: In Cloud sync mode, the content of OptiBot messages is encrypted server-side (AES-256-GCM) before being stored on Supabase. Even Thomas LEQUEUX Consulting cannot read the messages directly by viewing the database. Only the authorized backend server (which holds the encryption key) and the authenticated user (who views their own messages through the application) can access the content in plain text. Conversations created in Private AI mode always remain local and are never transmitted.

4.9 Push Notifications and Daily Tokens

Opti' may offer the user the option to receive push notifications, in particular to inform them that their daily tokens are available or to send useful information related to the use of the service.

Enabling notifications is optional. Notifications are sent only if the user has given permission through their browser, device or Android/TWA environment used to access Opti'. The user may withdraw this permission at any time from their browser, device or application settings.

To technically enable these notifications, Opti' uses Firebase Cloud Messaging (FCM), a service provided by Google Firebase. Firebase Cloud Messaging allows messages to be sent to web applications, Android and other compatible platforms. Google indicates that Firebase generally acts as a processor within the meaning of the GDPR when its services are used by business customers. Firebase data processing terms are governed by the Firebase Data Processing and Security Terms.

  • An FCM notification token is generated for the user's device or browser after authorization.
  • This token is transmitted to Thomas LEQUEUX Consulting's backend server and stored in Supabase in order to enable notifications to be sent.
  • The associated technical information may include the platform used, the type of environment (web, Android or iOS), browser or device information, date of last activity and active/inactive token status.
  • This data is used only for sending, managing and diagnosing push notifications.

Notifications sent may include a title, a short message and minimal technical metadata allowing the application to be opened or the type of notification to be identified, for example a notification related to daily tokens. They do not contain sensitive data from Excel files or the user's private conversations.

Summary: push notifications are optional. They require the creation and storage of a technical FCM token, used only to send notifications authorized by the user. The user may disable notifications at any time from their device or browser.

4.10 XLS Form Builder - Questionnaires and Data Collection (Application-Level Encryption of Responses)

The XLS Form Builder module allows users to design questionnaires in XLSForm format, collect responses and export data.

Questionnaire storage:

  • Created questionnaires (form structure, questions, answer choices, title) are stored locally (localStorage) as an offline cache, and synchronized on Supabase servers (European Union) for backup and multi-device access.
  • Each questionnaire is linked to the identifier of the user who created it and protected by row-level security rules (Row Level Security): only the authenticated user can access their own questionnaires.
  • The questionnaire structure is not encrypted at application level because it must remain readable to display the form to potential respondents, in particular via public sharing links. It does not itself contain respondents' personal data.
  • Thomas LEQUEUX Consulting undertakes never to access, read, copy, exploit or commercialize the content of questionnaires created by users.

Data collections and submissions - application-level encryption:

  • Collected responses (submissions) are encrypted at application level using the AES-256-GCM algorithm before being stored on Supabase. Encryption is performed server-side on the backend (Render, EU), using an encryption key held exclusively by Thomas LEQUEUX Consulting and stored in the backend host's secure environment variables.
  • This application-level encryption means that the content of responses stored in the Supabase database is not readable, even by the technical administrator of Thomas LEQUEUX Consulting who directly views the database. Only the backend server, which holds the key, is able to decrypt responses when the form owner views them.
  • Technical metadata required for operation (submission identifier, form identifier, collection identifier, submission date) is not encrypted. It does not contain sensitive responses.
  • Submissions are protected by the same security rules (Row Level Security): only the form owner can view, export or delete responses.
  • All response writes must pass through Thomas LEQUEUX Consulting's backend server, which encrypts the data before transmitting it to Supabase. The frontend application does not hold the encryption key and cannot write responses in plain text directly into the database.
  • Thomas LEQUEUX Consulting undertakes never to access, read, copy, exploit, sell or disclose to third parties the responses collected through questionnaires.

Public sharing links:

  • The owner of a form may generate a public sharing link allowing third parties to complete the questionnaire without creating an Opti' account.
  • The link contains a unique identifier (UUID) that grants read-only access to the questionnaire structure (questions and answer choices). The identifier does not provide access to responses already collected or to the user's other forms.
  • Respondents using a sharing link are not authenticated. No personal data (email address, IP address, device identifier) is collected automatically during completion. Only the responses explicitly entered in the questionnaire are recorded.
  • Anonymous submissions are also encrypted at application level (AES-256-GCM) before storage on Supabase. They pass through the backend server, which validates the sharing link before encrypting and storing the response.
  • The form owner may disable a sharing link at any time, which immediately prevents any new submission via that link.

Enumerator mode and invitations:

  • An Opti' user may “join” a shared data collection by pasting the sharing link into their application. They then become an enumerator for the collection and can fill out submissions offline, then synchronize them later to the cloud.
  • The form owner may also explicitly invite another authenticated user to become an enumerator. The invited user receives a notification in the application and may accept or decline the invitation.
  • Submissions entered in enumerator mode are stored locally (localStorage) as long as they are not synchronized. During synchronization, they are encrypted at application level (AES-256-GCM) by the backend server before being stored on Supabase, exactly like direct submissions.
  • Submissions pending synchronization, stored locally, are accessible to the user on their own device and are not encrypted in the browser localStorage. This limitation is inherent to offline mode.

Role system prepared for future use:

  • The technical architecture provides for a role system allowing the owner of a form to share access with other authenticated users, according to different permission levels: administrator, respondent, analyst, form designer, or read-only access.
  • This system is not yet enabled. When it is enabled, each invitation will be subject to the consent of the invited user and access will be strictly limited to the assigned role.

Summary: Questionnaires (structure) are stored in plain text on Supabase (EU) to allow display to respondents. Collected responses (regardless of the channel: direct, public link, enumerator mode, invitation) are systematically encrypted server-side (AES-256-GCM) before being stored on Supabase. Even Thomas LEQUEUX Consulting cannot read the responses directly by viewing the database. Only the backend server (which holds the key) and the authenticated form owner (through the application) can access the responses in plain text. Responses are not sold, transferred or disclosed to third parties.

4.11 LinkedIn Sharing and Rewards System

Opti' offers users the ability to claim rewards by voluntarily sharing certain content on LinkedIn, including articles, tutorials or a presentation of the application.

LinkedIn authorization:

  • LinkedIn sharing is always triggered by a voluntary action by the user.
  • Opti' uses LinkedIn's OAuth 2.0 protocol to obtain temporary authorization to publish a post on the user's behalf.
  • The user is redirected to LinkedIn to log in and authorize the publication.
  • Opti' never knows the user's LinkedIn password.
  • The authorization code and LinkedIn access token are used only to finalize the publication requested by the user.
  • Thomas LEQUEUX Consulting does not permanently retain the LinkedIn access token after publication.

Data used to publish the post:

  • The post text chosen or generated for sharing.
  • The URL to be shared.
  • The title and description of the article or shared content.
  • The preview image used to generate the LinkedIn card.
  • The LinkedIn identifier required to publish on the user's profile.

This data is transmitted to LinkedIn only to publish the content requested by the user. Once published, the post is subject to LinkedIn's terms of use, privacy policy and visibility settings. The user may edit or delete their post directly from their LinkedIn account.

Rewards, points and levels:

  • When a LinkedIn share is validated, Opti' records a reward in Supabase in order to allocate the associated tokens, level points and bonuses.
  • The retained information may include the internal user identifier, reward type, internal identifier of the shared content, claim date, number of points earned, level reached, consecutive-day streak and multipliers applied.
  • This data is used only to manage rewards, prevent duplicates, calculate levels and apply progression rules.
  • Opti' does not read LinkedIn private messages, LinkedIn contacts, LinkedIn account statistics or the user's other LinkedIn posts.
  • Opti' never posts automatically on LinkedIn without a voluntary action by the user.

Summary: LinkedIn sharing is optional and triggered only by the user. Opti' uses LinkedIn OAuth to publish the requested content, without accessing the LinkedIn password and without permanently retaining the access token. Reward data is retained only to manage tokens, points, levels, cooldowns and duplicate-prevention controls.

5. Security and Encryption

5.1 Encryption in Transit

  • All communications between the application (Excel add-in or web application) and the backend server pass through a secure HTTPS connection (TLS).
  • Communications between the backend server and the private GPU container (OptIA Online) are protected by a dedicated authentication key and encrypted using TLS 1.3.
  • Communications between the backend server and the Supabase database are encrypted.

5.2 Application-Level Encryption of Sensitive Data (AES-256-GCM)

Beyond the standard encryption in transit and at rest provided by the Supabase infrastructure, Opti' implements additional application-level encryption on the most sensitive data before it is stored in the database.

Scope of application-level encryption:

  • The content of messages exchanged with OptiBot in Cloud sync mode (user questions, model responses, internal message metadata).
  • The content of responses (submissions) collected via XLS Form Builder questionnaires, regardless of the collection channel (direct entry, public sharing link, enumerator mode, invitation).

Algorithm and implementation:

  • The algorithm used is AES-256-GCM, a recognized cryptographic standard (NIST SP 800-38D) that combines encryption and authentication. Each encryption operation uses a unique random 96-bit initialization vector, ensuring that two identical messages produce different encrypted content.
  • Encryption is performed server-side on the backend (Render, EU) before writing to the database. Decryption is performed only server-side on the backend when the authenticated user views their own data through the application.
  • An authentication tag (auth tag) is associated with each encrypted item. Any alteration of the encrypted data in the database is immediately detected during decryption and results in rejection of the data.
  • A key version identifier is stored with each encrypted item, allowing future key rotation without loss of access to previous data.
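
The scheme listed above (fresh 96-bit IV per operation, authentication tag, key version stored with each item), as an added Node.js sketch that is not Opti's backend code. The envelope layout, the `KEYRING` map, the function names and the binding of a record identifier as associated data are assumptions of this example and are not stated in the policy.

```javascript
const { createCipheriv, createDecipheriv, randomBytes } = require('node:crypto');

// Constructed keyring: key version -> 256-bit key. A backend would load these
// from its environment variables; random keys keep the example offline.
const KEYRING = new Map([
  [1, randomBytes(32)],
  [2, randomBytes(32)],
]);
const CURRENT_VERSION = 2;
const IV_BYTES = 12;  // 96-bit IV, generated fresh for every encryption
const TAG_BYTES = 16; // 128-bit GCM authentication tag

// Associated data: authenticated but not encrypted. Binding the key version and
// the row identifier (an assumption of this sketch) makes a valid ciphertext
// fail verification if it is copied onto another row of the database.
function aadFor(version, recordId) {
  return Buffer.from(`v${version}|${recordId}`, 'utf8');
}

// Returns "v<version>.<iv>.<tag>.<ciphertext>" with base64url-encoded fields.
function encryptField(plaintext, recordId, version = CURRENT_VERSION) {
  const key = KEYRING.get(version);
  if (!key) throw new Error(`unknown key version ${version}`);
  const iv = randomBytes(IV_BYTES);
  const cipher = createCipheriv('aes-256-gcm', key, iv, { authTagLength: TAG_BYTES });
  cipher.setAAD(aadFor(version, recordId));
  const ct = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  const tag = cipher.getAuthTag();
  return [`v${version}`, iv, tag, ct]
    .map((p) => (typeof p === 'string' ? p : p.toString('base64url')))
    .join('.');
}

// Throws if the envelope is malformed, the key version is unknown, or the
// ciphertext, tag, IV or record binding was altered (tag verification fails).
function decryptField(envelope, recordId) {
  const parts = envelope.split('.');
  if (parts.length !== 4 || !/^v\d+$/.test(parts[0])) {
    throw new Error('malformed envelope');
  }
  const version = Number(parts[0].slice(1));
  const key = KEYRING.get(version);
  if (!key) throw new Error(`unknown key version ${version}`);
  const [iv, tag, ct] = parts.slice(1).map((p) => Buffer.from(p, 'base64url'));
  if (iv.length !== IV_BYTES || tag.length !== TAG_BYTES) {
    throw new Error('malformed envelope');
  }
  const decipher = createDecipheriv('aes-256-gcm', key, iv, { authTagLength: TAG_BYTES });
  decipher.setAAD(aadFor(version, recordId));
  decipher.setAuthTag(tag);
  // final() throws when the tag does not verify; no plaintext is returned.
  return Buffer.concat([decipher.update(ct), decipher.final()]).toString('utf8');
}

// Key rotation: items written under an old version stay readable through the
// stored version identifier and are re-encrypted under the current key.
function rotate(envelope, recordId) {
  return encryptField(decryptField(envelope, recordId), recordId);
}

// Constructed sample: a message written under key version 1, then rotated.
const sampleOld = encryptField('Which region had the highest revenue?', 'msg-001', 1);
const sampleNew = rotate(sampleOld, 'msg-001');
console.log(sampleOld.split('.')[0], '->', sampleNew.split('.')[0]);
```
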

Encryption key management:

  • The encryption key is a 256-bit symmetric key generated in a cryptographically secure manner.
  • The key is stored exclusively in the secure environment variables of the backend host (Render). It is never included in the source code, never versioned, never transmitted to the application frontend, never stored in the Supabase database, and never transmitted to a third party.
  • Only the authorized backend server, which holds the key, is able to encrypt and decrypt protected data.

Practical consequence:

  • Even a technical administrator of Thomas LEQUEUX Consulting who directly viewed the Supabase database could not read OptiBot messages or questionnaire responses: they would only see encrypted strings, unreadable without the key.
  • A possible compromise of the Supabase database without simultaneous compromise of the backend would not allow an attacker to read sensitive content: ciphertext alone is unusable without the encryption key.

5.3 Authentication and Access Control

  • User authentication is managed by Supabase Auth, which uses cryptographically signed JWT tokens.
  • Passwords are never stored in plain text. They are hashed and salted by Supabase according to industry standards.
  • Thomas LEQUEUX Consulting never has access to passwords.
  • Access to backend API routes that handle OptiBot messages requires a valid JWT token. The server systematically verifies that the authenticated user is the owner of the relevant conversation before any read or write operation.
  • Database tables are protected by row-level security rules Row Level Security, ensuring that each authenticated user can access only their own data.

5.4 Infrastructure Security

  • The add-in operates largely locally for table generation.
  • Supabase database disks are encrypted at rest (AES-256), providing a second layer of protection in addition to application-level encryption.
  • The backend server (Render) does not retain or log the content of AI requests or responses.
  • The private GPU container (OptIA Online) automatically shuts down after a period of inactivity (scale-to-zero), thereby limiting the data exposure surface.
  • GPU containers are isolated using gVisor technology, preventing cross-access between workloads.

6. Retention Period

  • Subscription and payment-related data is retained for the duration of the subscription, then archived for the statutory tax period (5 years).
  • Technical data (number of API calls, logs) is retained only for the time necessary to manage the service.
  • Support exchanges may be retained for service improvement or technical archiving purposes.
  • User data processed by AI engines is not retained beyond the time required to process the request, with the exception of Mistral AI, which may retain it for 30 days for abuse monitoring (see section 4.1). For the OptIA Online engine, Modal deletes all function inputs and outputs as soon as the results have been retrieved. The Zero Data Retention (ZDR) option is available upon request from Mistral AI to remove this 30-day retention.
  • OptiBot conversations in Local mode remain on the user's workstation until the user deletes them or clears the browser cache.
  • OptiBot conversations in Cloud sync mode are retained on Supabase servers in encrypted form as long as the user does not delete them via soft delete. Deleted conversations are marked as deleted in the database but may be technically retained for limited recovery purposes.
  • Push notification tokens are retained as long as the user uses the service and notifications remain authorized. They may be updated automatically when a browser or device renews the technical token.
  • Notification tokens that become invalid, expired or disabled are deleted or marked as inactive when detected.
  • Questionnaires created via the XLS Form Builder are retained on Supabase until the user deletes them. Deleting a questionnaire triggers cascade deletion of all data collections and submissions attached to it.
  • Collected responses (submissions) are retained on Supabase in encrypted form until the associated data collection or questionnaire is deleted by the owner.
  • Public sharing links remain active until the owner disables them. A disabled link no longer allows any submission, but responses already collected remain accessible to the owner.
  • OAuth authorization codes and LinkedIn access tokens are used only during the publication process and are not permanently retained by Thomas LEQUEUX Consulting.
  • Data related to rewards, points, levels, consecutive-day streaks and reward histories is retained as long as the user account is active, in order to allow the progression system to function, prevent duplicates and manage cooldowns.
  • Internal identifiers of shared content are retained in order to prevent repeated allocation of the same reward for the same content.

7. User Rights (GDPR)

In accordance with Articles 15 to 22 of the GDPR, you have the following rights:

  • Right of access to your data
  • Right to rectification
  • Right to object and right to erasure
  • Right to restriction of processing
  • Right to data portability

To exercise your rights: 📧 thomas.lequeux.consulting@gmail.com


8. Hosting and Processors

8.1 Supabase - Database Management

  • Used for authentication and secure storage of user data (email address, identifier, subscriptions).
  • Also used for storing OptiBot conversations in Cloud sync mode, XLS Form Builder questionnaires and collected responses (submissions).
  • Passwords are encrypted and managed exclusively by Supabase, with no plain-text access by Thomas LEQUEUX Consulting.
  • OptiBot message content and questionnaire responses are encrypted at application level (AES-256-GCM) by Thomas LEQUEUX Consulting's backend server before being stored on Supabase. Supabase stores only ciphertext, unreadable without the encryption key held by Thomas LEQUEUX Consulting.
  • Supabase disks are encrypted at rest (AES-256), adding a second layer of protection.
  • All sensitive tables are protected by row-level security rules (Row Level Security): each record is linked to a unique user identifier and is accessible only to the authenticated user.
  • Servers located in the European Union, GDPR compliant.

8.2 Stripe - Payments and Subscriptions

  • Used for payment and subscription management.
  • Stripe processes payment data according to PCI-DSS standards.
  • Thomas LEQUEUX Consulting never has access to users' banking data.
  • Stripe is established in Ireland for European customers (GDPR compliance).

8.3 Render - Backend Hosting and Encryption Key

  • Backend server hosted via Render, located in Frankfurt (EU).
  • Used to manage API calls, license validation, routing of requests to the selected AI engine, as well as application-level encryption and decryption of sensitive data (OptiBot messages, questionnaire responses).
  • The application-level encryption key is stored exclusively in Render's secure environment variables, under the exclusive control of Thomas LEQUEUX Consulting. It is never transmitted to the frontend, stored in the database, or shared with a third party.
  • The backend server does not retain or log the content of AI requests or responses.
  • All communications use secure HTTPS.

8.4 Mistral AI - Artificial Intelligence Analysis (Standard Mode)

  • Used when the user disables Private AI mode, for data analysis and conversations with OptiBot.
  • The transmitted data is limited to the Excel selection made by the user.
  • Mistral AI is a French company (SAS, registered office: 15 rue des Halles, 75001 Paris - SIREN: 952418325), natively subject to the GDPR.
  • By default, data is hosted in the European Union.
  • Thomas LEQUEUX Consulting uses the Mistral AI Scale plan, under which user data is not used to train models.
  • Mistral AI retains API request inputs and outputs for 30 rolling days for abuse monitoring purposes, after which the data is deleted.
  • Mistral AI acts as a processor and provides a GDPR-compliant Data Processing Addendum (DPA).
  • No transfer of data outside the European Union is required by default with this engine.
  • The Zero Data Retention (ZDR) option is available upon request, allowing the 30-day retention for abuse monitoring to be removed.
  • Mistral AI's data processing terms are available at legal.mistral.ai/terms/data-processing-addendum and legal.mistral.ai/terms/privacy-policy.

8.5 Firebase Cloud Messaging - Push Notifications

  • Used to send push notifications to users who have given permission.
  • The service allows notifications related to the operation of Opti' to be sent, including the availability of daily tokens.
  • Processed data may include an FCM notification token, technical platform information, the short notification content and technical metadata required for routing.
  • Firebase Cloud Messaging is provided by Google Firebase. Google generally acts as a processor for Firebase services used by business customers.
  • The applicable processing and security terms are described in the Firebase Data Processing and Security Terms.
  • Notifications do not contain Excel files, user databases, Private AI conversations or AI analysis content.

8.6 Modal - GPU Hosting (OptIA Online Engine)

  • Used when Private AI mode is enabled, for data analysis and conversations with OptiBot.
  • Modal (Modal Labs, Inc.) is a serverless cloud infrastructure platform. Thomas LEQUEUX Consulting deploys and operates its own AI model there exclusively in an isolated container.
  • Modal is SOC 2 Type II certified, demonstrating the implementation and effective maintenance of security, availability, confidentiality and data protection controls over an extended period, verified by an independent auditor.
  • Modal is HIPAA compatible and offers Business Associate Agreements (BAA) for health data.
  • Modal contractually undertakes to adopt a least-privilege approach: it never views, uses or accesses source code, function inputs and outputs, or data stored in its customers' images and volumes.
  • Modal deletes all function inputs and outputs as soon as the results have been retrieved by the client.
  • Containers are isolated using gVisor technology (open-source sandboxing developed by Google, used in Google Cloud Run and Google Kubernetes Engine), providing defense in depth at the lowest level of the operating system.
  • All data is encrypted in transit via TLS 1.3 and at rest via AES-256.
  • The client (Thomas LEQUEUX Consulting) retains full intellectual property rights over its data. Modal may only use aggregated and de-identified data for internal purposes (platform improvement).
  • No user data is written to the GPU container disk; processing is performed entirely in RAM.
  • The container automatically shuts down after a period of inactivity (scale-to-zero).
  • Modal's terms of use and data processing policy are available at modal.com/legal/terms and modal.com/legal/dpa.

8.7 Hostinger - Website

  • Hosts the showcase website https://lequeux-thomas.com (WordPress).
  • Cookie management and CNIL compliance have been implemented.
  • No sensitive data related to the add-in is stored via Hostinger.

8.8 LinkedIn - Voluntary Content Publication

  • Used only when the user voluntarily chooses to share Opti' content or an article on LinkedIn.
  • LinkedIn is used for temporary OAuth authentication and publication of the post authorized by the user.
  • The data transmitted may include the post text, shared URL, title and description of the content, preview image, and the LinkedIn identifier required for publication.
  • Opti' does not have access to the user's LinkedIn password.
  • Opti' does not read the user's LinkedIn private messages, contacts, account statistics or LinkedIn publication history.
  • The LinkedIn access token is used only to finalize the requested publication and is not permanently retained by Thomas LEQUEUX Consulting.
  • Once published, the content is processed by LinkedIn according to its own terms of use and privacy policy.

9. Cookies and Website

The website https://lequeux-thomas.com may use cookies for audience measurement (Google Analytics) or functionality purposes. An information banner and consent system are in place in accordance with CNIL requirements.


10. International Data Transfers

Personal data processed in connection with the add-in may be transferred outside the European Union in the following cases:

  • Standard mode (Mistral AI): data is hosted in the European Union by default. Mistral AI is a French company natively subject to the GDPR. No transfer outside the EU is required by default.
  • Private AI mode (OptIA Online): inference data passes through Modal's infrastructure (United States). Modal contractually undertakes never to access the content of function inputs and outputs and to delete them after retrieval. The AI model is operated exclusively by Thomas LEQUEUX Consulting in an isolated container. Modal's data processing terms are governed by their Data Processing Addendum (DPA).
  • Cloud sync of OptiBot conversations: conversations are stored on Supabase in the European Union in application-level encrypted form (AES-256-GCM). No transfer outside the EU is required for this feature.
  • XLS Form Builder and data collection: questionnaires, data collections and submissions are stored on Supabase in the European Union. Responses are encrypted at application level before storage. No transfer outside the EU is required for this feature.
  • Firebase Cloud Messaging push notifications: technical data required to send notifications may be processed by Google Firebase. This processing is governed by Google Firebase's processing and security terms, including the Firebase Data Processing and Security Terms.
  • LinkedIn sharing: when the user voluntarily chooses to publish content on LinkedIn, the data required for that publication is transmitted to LinkedIn. This processing may involve transfer or access from countries located outside the European Union, depending on LinkedIn's infrastructure and applicable terms.

When the user chooses the OptIA Offline engine, no data transfer takes place.


11. Updates to This Policy

This policy may be updated at any time depending on changes to product features or regulations.

Last revision: May 2026

✨ Ethical Commitment Charter

Thomas LEQUEUX Consulting

Opti' - Excel Add-in


📅 Version dated August 14, 2025


🧭 1. Our Vision

Opti' is a service developed by Thomas LEQUEUX Consulting, a French micro-enterprise specializing in supporting humanitarian and development actors.

Aware of our ethical responsibility as a provider of technical solutions serving humanitarian action, we commit to respecting the fundamental principles guiding the humanitarian sector.


🤝 2. Fundamental Humanitarian Principles

We adhere to universal humanitarian principles:

  • Humanity: to alleviate human suffering wherever it is found.
  • Neutrality: to take no side in any conflict.
  • Impartiality: to provide services without discrimination.
  • Independence: to guarantee the autonomy of our technical decisions.

🚫 3. Prevention of Sexual Exploitation and Abuse (PSEA)

We adopt zero tolerance towards any form of:

  • Abuse of power
  • Sexual exploitation or harassment
  • Discriminatory or oppressive behavior

We commit to working only with partners and users who adhere to these same principles.


⚖️ 4. Data and AI Ethics

Our tool uses AI to assist with data analysis. As such:

  • No sensitive personal data is collected or retained.
  • Data sent to the AI is exclusively that explicitly chosen by the user during the analysis setup phase.
  • Requests sent to the AI are solely intended to provide data interpretation for the user, and are never used for commercial purposes.

We encourage our users to anonymize data before any analysis.


🕊️ 5. Commitment Against Violence, Terrorism and Corruption

We commit to providing our services only to actors who respect international humanitarian law.

We refuse any collaboration with persons or entities involved in:

  • Financing or supporting terrorism
  • Serious human rights violations
  • Acts of corruption, abuse or oppression

We regularly verify our compliance with European and international regulations regarding sanctions and security.


🧪 6. Accountability and Transparency

We make every effort to offer a service that is:

  • Transparent in its operation
  • Respectful of data confidentiality
  • GDPR-compliant

Any legitimate ethical concern or report can be addressed directly to: 📧 thomas.lequeux.consulting@gmail.com


📝 7. Review and Improvement

This charter may be updated to remain aligned with the evolution of ethical practices and humanitarian sector standards.

Last revision: August 14, 2025
