Legal & Policies

Thomas LEQUEUX Consulting

📄 Privacy Policy

This privacy policy describes how Thomas LEQUEUX Consulting collects, uses, processes and protects the personal data of users of the Opti' Excel add-in, accessible from https://lequeux-thomas.com/addin/


1. Data Controller

The data controller is:

Thomas LEQUEUX Consulting
French micro-enterprise — SIRET: 94071918000017
Address: 5 Allée de l'Autan, 31850 Montrabé, France
Contact email: thomas.lequeux.consulting@gmail.com


2. Data Collected

We only collect the data strictly necessary for the proper functioning of the add-in:

  • Email address
  • Subscription and payment history (via Stripe)
  • History of API requests made to the server
  • Number of tokens used for AI calls

We do not collect or store Excel files, databases, or user data processed by the add-in.


3. Purpose of Processing

The data collected is used solely for:

  • Managing access to the service (plans, permissions)
  • Validating the user's license
  • Managing usage limits
  • Providing customer support when needed
  • Occasionally informing the user of updates or offers related to the product

No data is sold, rented, or transferred to third parties for commercial purposes.


4. Artificial Intelligence Analysis — Available Engines

The add-in offers four AI analysis engines, each providing a different level of privacy and power. The user freely chooses their engine before each analysis.

4.1 OpenAI (Cloud — United States)

When the user selects the OpenAI engine:

  • The selected table is converted to text and sent via Thomas LEQUEUX Consulting's secure backend server to the OpenAI API.
  • The backend server does not retain or log the content of requests or responses.
  • Data sent to OpenAI is limited to the content of the selected table, through a voluntary and explicit action by the user.
  • Processing by OpenAI is subject to their Data Processing Addendum (DPA).
  • The "no training" mode is enabled: OpenAI may temporarily store requests for up to 30 days for quality control purposes, without using them to train models.
Privacy level: Standard. Data passes through a third-party server (OpenAI) located in the United States. Standard Contractual Clauses (SCCs) govern this transfer in compliance with the GDPR.

4.1b Mistral AI (Cloud — European Union)

When the user selects the Mistral AI engine:

  • The selected table is converted to text and sent via Thomas LEQUEUX Consulting's secure backend server to the Mistral AI API.
  • The backend server does not retain or log the content of requests or responses.
  • Data sent to Mistral AI is limited to the content of the selected table, through a voluntary and explicit action by the user.
  • Mistral AI is a French company (SAS, registered office: 15 rue des Halles, 75001 Paris — SIREN: 952418325), natively subject to the General Data Protection Regulation (GDPR).
  • By default, data is hosted in the European Union.
  • Thomas LEQUEUX Consulting uses the Mistral AI Scale plan. Under this plan, user data (inputs and outputs) is not used to train Mistral AI's artificial intelligence models. No action by the user is required to benefit from this protection.
  • Mistral AI retains API request inputs and outputs for 30 rolling days for abuse monitoring purposes, after which the data is deleted.
  • Processing by Mistral AI is subject to their Data Processing Addendum (DPA), available at legal.mistral.ai.
  • The Zero Data Retention (ZDR) option is available upon request from Mistral AI, allowing the elimination of any retention of inputs and outputs beyond the processing time of the request.
Privacy level: Good. Data is hosted in the European Union by default, by a French company natively subject to the GDPR. It is not used for model training (Scale plan). Mistral AI retains requests for 30 days for abuse monitoring, then deletes them. This level falls between OpenAI (data transferred to the United States) and OptIA Online (no retention, private infrastructure).

4.2 OptIA Online (Private Server)

When the user selects the OptIA Online engine:

  • The selected table is converted to text and sent via Thomas LEQUEUX Consulting's secure backend server to a private GPU container, operated exclusively by Thomas LEQUEUX Consulting.
  • The AI model (Qwen 2.5 72B) runs in this private container; no third-party AI provider is involved in the processing.
  • The GPU container is hosted by Modal (Modal Labs, Inc.), which is SOC 2 Type II certified and HIPAA compliant.
  • The backend server (Render) does not retain or log the content of requests or responses.
  • The GPU container does not store any user data on disk: the model runs entirely in GPU RAM and data is purged at the end of processing.
  • The GPU container automatically shuts down after a period of inactivity (scale-to-zero), reducing the exposure surface.
  • Communications between the backend server and the GPU container are protected by a dedicated authentication key and encrypted via HTTPS (TLS 1.3).

Modal's privacy guarantees:

  • Modal contractually commits to never accessing, reading, or using source code, function inputs and outputs, or any data stored in its clients' images and volumes (documented least-privilege policy).
  • Modal deletes all function inputs and outputs as soon as results have been retrieved by the client.
  • Containers are isolated using gVisor technology (sandboxing developed by Google and used in Google Cloud Run), ensuring enhanced isolation between workloads.
  • All data is encrypted in transit (TLS 1.3) and at rest (AES-256).
  • The client (Thomas LEQUEUX Consulting) retains full ownership rights over their data. Modal may only use aggregated and de-identified data for internal purposes.
  • Modal is SOC 2 Type II certified, attesting to the implementation and effective maintenance of security controls over an extended period, and offers Business Associate Agreements (BAA) for health data (HIPAA compliance).
Privacy level: High. Data remains within infrastructure controlled exclusively by Thomas LEQUEUX Consulting and is never transmitted to a third-party AI provider. Thomas LEQUEUX Consulting commits to never accessing, reading, copying, exploiting, or commercializing user data processed by this engine. No request or response content is recorded, logged, or retained, either on the backend server or on the GPU container. Processing is performed entirely in RAM and data is purged at the end of each request. The host Modal contractually commits to never accessing its clients' function inputs and outputs and to deleting them after retrieval. Containers are isolated by gVisor, all communications are encrypted via TLS 1.3, and the platform is SOC 2 Type II certified.

4.3 OptIA Offline (100% Local)

When the user selects the OptIA Offline engine:

  • The AI model runs entirely on the user's computer.
  • No data leaves the user's machine: neither the table content nor the generated response is transmitted to a remote server.
  • No network connection is required for analysis processing.
  • Thomas LEQUEUX Consulting has no visibility or access to data processed in this mode.
Privacy level: Maximum. Processing is performed entirely offline. No data is exposed to a network or third party.

4.4 Comparative Table of Analysis Engines

| Criterion | OpenAI (Cloud) | Mistral AI (Cloud EU) | OptIA Online | OptIA Offline |
|---|---|---|---|---|
| Privacy | Standard | Good | High | Maximum |
| AI Power | Maximum | Good | High | Basic |
| Data leaves the PC | Yes | Yes | Yes | No |
| Third party involved | OpenAI (USA) | Mistral AI (France) | No AI provider | None |
| Infrastructure host | OpenAI (USA) | Mistral AI (EU, France) | Modal (USA, SOC 2 Type II) | Local machine |
| Data residency | United States | European Union (by default) | United States (Modal) | Local machine |
| Provider access to data | 30 days (OpenAI) | 30 days (abuse monitoring) | None (contractual commitment) | None |
| Used for training | No ("no training" mode) | No (Scale plan, opt-out by default) | Not applicable | Not applicable |
| Data storage | 30 days (OpenAI) | 30 days, then deleted | None (deleted after processing) | None |
| Zero Data Retention (ZDR) | Upon request | Available upon request | Not applicable (no storage) | Not applicable |
| GDPR compliance | Via SCCs (US transfer) | Native (French company) | Via Modal DPA | Not applicable |
| Encryption | TLS in transit | TLS in transit | TLS 1.3 + AES-256 at rest | Not applicable |
| Connection required | Yes | Yes | Yes | No |

The user is free to change engines at any time, depending on the desired level of privacy and power.

4.5 OptiBot — Conversational Assistant

The add-in includes a conversational assistant called OptiBot. When a user asks a question about their data:

  • OptiBot analyzes only the column headers (field names) of the active spreadsheet to determine which columns are relevant to answer the question.
  • If OptiBot detects that a column is likely to contain personal data (for example: respondent names, email addresses, phone numbers), it explicitly asks the user whether they wish to include or exclude that column from the analysis, before accessing any data content.
  • If the user chooses to exclude a column, it becomes entirely invisible to the AI engine: neither the header nor the column data is read or transmitted.
  • This prior consent mechanism applies regardless of the selected AI engine (OpenAI, Mistral AI, OptIA Online, or OptIA Offline).

4.6 Manual Column Exclusion

Independently of OptiBot's automatic detection, the user can manually exclude any column from the analysis at any time by clicking the exclusion button (the "no entry" icon) present on each row of the column header list.

Any excluded column — whether by the user's decision via OptiBot or via manual exclusion — is entirely ignored by all AI processing, including analysis, data cleaning, and report generation.

4.7 Data Cleaning (Clean Data)

The add-in offers an automated data cleaning feature. When the user activates this function:

  • The AI engine receives the headers of non-excluded columns along with a representative sample of the data in those columns.
  • The AI identifies data requiring cleaning, particularly free-text responses (for example: "Other, please specify…" fields) where wording varies from one respondent to another.
  • The AI proposes groupings and standardizations of these responses to reduce the number of distinct occurrences and enable reliable statistical analysis.
  • Proposed changes are presented to the user as a preview. No changes are applied without the user's explicit confirmation.
  • Columns previously excluded by the user are never included in the cleaning process.

Data cleaning is subject to the same privacy rules as analysis: data is processed by the AI engine selected by the user, according to the terms described in sections 4.1 through 4.3.


5. Security

  • The add-in operates largely locally for table generation.
  • Exchanges with the backend server use secure HTTPS connections.
  • Communications between the backend server and the private GPU container (OptIA Online) are protected by a dedicated authentication key and encrypted via TLS 1.3.
  • Passwords are never stored in plain text.
  • Authentication and password storage are managed by Supabase, using secure encryption.
  • Thomas LEQUEUX Consulting never has access to passwords.
  • Authentication tokens are securely managed and linked to user identifiers.
  • The private GPU container automatically shuts down after a period of inactivity (scale-to-zero), limiting data exposure surface.
  • GPU containers are isolated using gVisor technology, preventing cross-workload access.

6. Data Retention Period

  • Data related to subscriptions and payments is retained for the duration of the subscription, then archived for the legal tax retention period (5 years).
  • Technical data (number of API calls, logs) is retained only for the duration necessary for service management.
  • Support exchanges may be retained for service improvement or technical archiving purposes.
  • User data processed by AI engines is not retained beyond the processing time of the request, except for OpenAI and Mistral AI which may retain it for 30 days for quality control and abuse monitoring (see sections 4.1 and 4.1b). For the OptIA Online engine, Modal deletes all function inputs and outputs as soon as results have been retrieved. The Zero Data Retention (ZDR) option is available upon request from OpenAI and Mistral AI to eliminate this 30-day retention.

7. User Rights (GDPR)

In accordance with Articles 15 to 22 of the GDPR, you have the following rights:

  • Right of access to your data
  • Right to rectification
  • Right to object and to erasure
  • Right to restriction of processing
  • Right to data portability

To exercise your rights: 📧 thomas.lequeux.consulting@gmail.com


8. Hosting and Subprocessors

8.1 Supabase — Database Management

  • Used for authentication and secure storage of user data (email address, identifier, subscriptions).
  • Passwords are encrypted and managed exclusively by Supabase, with no plain-text access by Thomas LEQUEUX Consulting.
  • Servers located in the European Union, GDPR compliant.

8.2 Stripe — Payments and Subscriptions

  • Used for payment and subscription management.
  • Stripe processes payment data according to PCI-DSS standards.
  • Thomas LEQUEUX Consulting never has access to users' banking data.
  • Stripe is established in Ireland for European customers (GDPR compliance).

8.3 Render — Backend Hosting

  • Backend server hosted via Render, located in Frankfurt (EU).
  • Manages API calls, license validation, and request routing to the selected AI engine.
  • The backend server does not retain or log the content of AI requests or responses.
  • All communications use secure HTTPS.

8.4 OpenAI — AI Analysis (OpenAI Engine)

  • Used only when the user chooses the OpenAI engine to analyze their data.
  • Data transmitted is limited to the Excel selection made by the user.
  • "No training" mode enabled; temporary storage of up to 30 days for quality control.
  • OpenAI acts as a subprocessor and applies its Data Processing Addendum.
  • Data transfer to the United States is governed by Standard Contractual Clauses (SCCs) in compliance with the GDPR.

8.4b Mistral AI — AI Analysis (Mistral AI Engine)

  • Used only when the user chooses the Mistral AI engine to analyze their data.
  • Data transmitted is limited to the Excel selection made by the user.
  • Mistral AI is a French company (SAS, registered office: 15 rue des Halles, 75001 Paris — SIREN: 952418325), natively subject to the GDPR.
  • By default, data is hosted in the European Union.
  • Thomas LEQUEUX Consulting uses the Mistral AI Scale plan, under which user data is not used for model training.
  • Mistral AI retains API request inputs and outputs for 30 rolling days for abuse monitoring purposes, after which the data is deleted.
  • Mistral AI acts as a subprocessor and provides a GDPR-compliant Data Processing Addendum (DPA).
  • No transfer of data outside the European Union is required by default with this engine.
  • The Zero Data Retention (ZDR) option is available upon request, allowing the elimination of the 30-day retention for abuse monitoring.
  • Mistral AI's data processing terms are available at legal.mistral.ai/terms/data-processing-addendum and legal.mistral.ai/terms/privacy-policy.

8.5 Modal — GPU Hosting (OptIA Online Engine)

  • Used only when the user chooses the OptIA Online engine.
  • Modal (Modal Labs, Inc.) is a serverless cloud infrastructure platform. Thomas LEQUEUX Consulting deploys and exclusively operates its own AI model in an isolated container.
  • Modal is SOC 2 Type II certified, attesting to the implementation and effective maintenance of security, availability, confidentiality, and data protection controls over an extended period, verified by an independent auditor.
  • Modal is HIPAA compliant and offers Business Associate Agreements (BAA) for health data.
  • Modal contractually commits to a least-privilege approach: it never views, uses, or accesses source code, function inputs and outputs, or data stored in its clients' images and volumes.
  • Modal deletes all function inputs and outputs as soon as results have been retrieved by the client.
  • Containers are isolated using gVisor technology (open-source sandboxing developed by Google, used in Google Cloud Run and Google Kubernetes Engine), ensuring defense in depth at the lowest operating system level.
  • All data is encrypted in transit via TLS 1.3 and at rest via AES-256.
  • The client (Thomas LEQUEUX Consulting) retains full intellectual property rights over their data. Modal may only use aggregated and de-identified data for internal purposes (platform improvement).
  • No user data is written to the GPU container's disk; processing is performed entirely in RAM.
  • The container automatically shuts down after a period of inactivity (scale-to-zero).
  • Modal's terms of use and data processing policy are available at modal.com/legal/terms and modal.com/legal/dpa.

8.6 Hostinger — Website

  • Hosts the showcase website https://lequeux-thomas.com (WordPress).
  • Cookie management and CNIL compliance implemented.
  • No sensitive data related to the add-in is stored via Hostinger.

9. Cookies and Website

The website https://lequeux-thomas.com may use cookies for audience measurement (Google Analytics) or operational purposes. An information banner and consent system are in place in compliance with CNIL requirements.


10. International Data Transfers

Personal data processed in connection with the add-in may be transferred outside the European Union in the following cases:

  • OpenAI engine: transfer to the United States, governed by Standard Contractual Clauses (SCCs) approved by the European Commission.
  • Mistral AI engine: data is hosted in the European Union by default. Mistral AI is a French company natively subject to the GDPR. No transfer outside the EU is required by default. Some of Mistral AI's subprocessors may be located outside the EU; in such cases, transfers are governed by Standard Contractual Clauses (SCCs) in compliance with the GDPR, as detailed in Mistral AI's DPA.
  • OptIA Online engine: inference data passes through Modal's infrastructure (United States). However, Modal contractually commits to never accessing function input and output content and to deleting them after retrieval. The AI model is operated exclusively by Thomas LEQUEUX Consulting in an isolated container. Data is never transmitted to a third-party AI provider. Modal's data processing terms are governed by their Data Processing Addendum (DPA), which provides the necessary safeguards for data transfers in compliance with the GDPR.

When the user chooses the OptIA Offline engine, no data transfer takes place.


11. Updates to This Policy

This policy may be updated at any time depending on changes to product features or regulations.

Last revision: March 2026

✨ Ethical Commitment Charter

Thomas LEQUEUX Consulting

Opti' - Excel Add-in

French version: https://lequeux-thomas.com/addin/site/legal/fr/
English version: https://lequeux-thomas.com/addin/site/legal/en/

📧 thomas.lequeux.consulting@gmail.com
🌐 https://lequeux-thomas.com/contact-us/

📅 Version dated August 14, 2025


🧭 1. Our Vision

Opti' is a service developed by Thomas LEQUEUX Consulting, a French micro-enterprise specializing in supporting humanitarian and development actors.

Aware of our ethical responsibility as a provider of technical solutions serving humanitarian action, we commit to respecting the fundamental principles guiding the humanitarian sector.


🀝 2. Fundamental Humanitarian Principles

We adhere to universal humanitarian principles:

  • Humanity: to alleviate human suffering wherever it is found.
  • Neutrality: to take no side in any conflict.
  • Impartiality: to provide services without discrimination.
  • Independence: to guarantee the autonomy of our technical decisions.

🚫 3. Prevention of Sexual Exploitation and Abuse (PSEA)

We adopt zero tolerance towards any form of:

  • Abuse of power
  • Sexual exploitation or harassment
  • Discriminatory or oppressive behavior

We commit to working only with partners and users who adhere to these same principles.


⚖️ 4. Data and AI Ethics

Our tool uses AI to assist with data analysis. As such:

  • No sensitive personal data is collected or retained.
  • Data sent to the AI is exclusively that explicitly chosen by the user during the analysis setup phase.
  • Requests sent to the AI are solely intended to provide data interpretation for the user, and are never used for commercial purposes.

We encourage our users to anonymize data before any analysis.


🕊️ 5. Commitment Against Violence, Terrorism and Corruption

We commit to providing our services only to actors who respect international humanitarian law.

We refuse any collaboration with persons or entities involved in:

  • Financing or supporting terrorism
  • Serious human rights violations
  • Acts of corruption, abuse or oppression

We regularly verify our compliance with European and international regulations regarding sanctions and security.


🧪 6. Accountability and Transparency

We make every effort to offer a service that is:

  • Transparent in its operation
  • Respectful of data confidentiality
  • GDPR-compliant

Any legitimate ethical concern or report can be addressed directly to: 📧 thomas.lequeux.consulting@gmail.com


7. Review and Improvement

This charter may be updated to remain aligned with the evolution of ethical practices and humanitarian sector standards.

Last revision: August 14, 2025
