Privacy Policy — Relance 2030 Data Protection and User Rights
Privacy Policy — Relance 2030 Data Protection and User Rights
This Privacy Policy describes how Relance 2030, operated by The Vanderbilt Portfolio (“we,” “us,” or “our”), collects, uses, stores, shares, and protects personal information when you visit our website at relance2030.com, subscribe to our publications, download our reports, use our premium intelligence services, or otherwise interact with our platform. This policy is designed to comply with the General Data Protection Regulation (GDPR, Regulation EU 2016/679), France’s Loi Informatique et Libertés (as amended), and other applicable European and French data protection legislation.
Effective Date: March 22, 2026 Last Updated: March 22, 2026
1. Data Controller
The data controller responsible for the processing of your personal data is:
The Vanderbilt Portfolio Relance 2030 Paris, France Email: info@relance2030.com
As data controller, we determine the purposes and means of processing your personal data and are responsible for ensuring that all processing activities comply with applicable data protection law.
2. Personal Data We Collect
We collect personal data through several channels and in various categories, depending on how you interact with our Services.
2.1 Data You Provide Directly
Newsletter Registration. When you subscribe to our weekly intelligence briefing, we collect your email address and, optionally, your name and professional affiliation. This information is necessary to deliver the newsletter and to personalize content to your professional context.
Report Download Registration. When you access our research report library, we collect your email address, name, organizational affiliation, and professional role. This information enables us to provide access to the report library and to understand the professional profile of our research audience.
Premium Subscription Registration. Institutional subscribers provide organizational details including company name, billing address, designated administrator name and email, and authorized user information. Payment information is processed by our third-party payment processor and is not stored on our servers.
Contact Form and Email Correspondence. When you contact us through our website or via email, we collect the information you provide, including your name, email address, and the content of your communication. This information is necessary to respond to your inquiry and to maintain records of our correspondence.
Event Registration. If you register for webinars, conferences, or other events organized or hosted by Relance 2030, we collect registration information including your name, email address, organizational affiliation, and any dietary or accessibility requirements you choose to share.
2.2 Data Collected Automatically
Website Usage Data. When you visit our website, we automatically collect certain technical and behavioral data through cookies and similar technologies, as described in our Cookie Policy. This includes your IP address (anonymized in our analytics implementation), browser type and version, operating system, device type, screen resolution, referring website, pages visited and time spent on each page, scroll depth, click patterns, search queries entered on our site, and the date and time of your visit.
Email Engagement Data. When we send you emails, including newsletter editions and transactional communications, we may collect data on whether you opened the email, which links you clicked, and the time and device used to access the email. This information helps us assess the effectiveness of our communications and improve content relevance.
Log Data. Our servers automatically record information about each request made to our website, including the requesting IP address, the requested URL, the HTTP method, response status code, response size, and the user agent string. Log data is used for security monitoring, performance optimization, and troubleshooting purposes.
2.3 Data From Third Parties
We may receive limited personal data from third-party sources in the following circumstances. Social media platforms may provide data when you interact with our content shared on social networks, subject to the privacy settings of the respective platform. Business data providers may provide organizational and professional contact information to support our institutional outreach activities, in compliance with applicable data protection requirements. Analytics partners may provide aggregated insights about our audience demographics and interests, without identifying individual users.
3. Purposes and Legal Bases for Processing
We process your personal data for specific, defined purposes, each supported by a legal basis under Article 6 of the GDPR.
3.1 Performance of Contract (Article 6(1)(b))
We process personal data as necessary to perform our contractual obligations to you. This includes delivering newsletter subscriptions to your email address, providing access to downloaded reports and premium intelligence products, managing your account and subscription, processing payments for premium services (via our payment processor), and providing customer support related to the Services.
3.2 Legitimate Interests (Article 6(1)(f))
We process certain data based on our legitimate interests, where those interests are not overridden by your fundamental rights and freedoms. Our legitimate interests include improving and optimizing our website and Services through analytics, ensuring the security and integrity of our website and infrastructure, understanding our audience to improve content relevance and quality, communicating service updates and changes that affect your use, preventing fraud and enforcing our Terms of Service, and maintaining business records for accounting and operational purposes.
3.3 Consent (Article 6(1)(a))
Where required by law, we process personal data based on your freely given, specific, informed, and unambiguous consent. This applies to placement of non-essential cookies as described in our Cookie Policy, sending marketing communications beyond transactional service updates, and any other processing that requires consent under applicable law. You may withdraw your consent at any time without affecting the lawfulness of processing carried out before withdrawal. Instructions for withdrawing consent are provided in Section 8 of this policy.
3.4 Legal Obligation (Article 6(1)(c))
We may process personal data as necessary to comply with legal obligations to which we are subject, including tax and accounting requirements, response to lawful requests from public authorities, and compliance with data protection regulations including data subject rights requests.
4. Data Sharing and Disclosure
We do not sell your personal data. We share personal data only in the following limited circumstances.
4.1 Service Providers
We engage third-party service providers to perform functions on our behalf, including email delivery services for newsletter distribution, payment processors for subscription billing, cloud hosting and infrastructure providers, analytics services (specifically Google Analytics, configured with IP anonymization), and advertising services (specifically Google AdSense, for serving advertisements on our website). Service providers are contractually bound to process personal data only on our instructions and in accordance with applicable data protection law. We require all service providers to implement appropriate technical and organizational security measures.
4.2 Legal Requirements
We may disclose personal data if required to do so by law, regulation, legal process, or governmental request. We may also disclose personal data if we believe in good faith that disclosure is necessary to protect our rights, property, or safety, or that of our users or the public, to detect, prevent, or address fraud, security issues, or technical problems, or to enforce our Terms of Service.
4.3 Business Transfers
In the event of a merger, acquisition, reorganization, bankruptcy, or other corporate transaction involving The Vanderbilt Portfolio, personal data may be transferred to the acquiring entity or successor organization. We will provide notice of any such transfer and any changes to applicable privacy terms.
4.4 Aggregated and Anonymized Data
We may share aggregated, anonymized data that does not identify individual users with third parties for research, analysis, or reporting purposes. Such data is not personal data under the GDPR and is not subject to the restrictions of this privacy policy.
5. International Data Transfers
Relance 2030 is based in France, and your personal data is primarily processed within the European Economic Area (EEA). However, some of our service providers, particularly Google (for Analytics and AdSense services), may process data in locations outside the EEA, including the United States.
When personal data is transferred outside the EEA, we ensure that appropriate safeguards are in place as required by the GDPR. These safeguards include European Commission adequacy decisions recognizing that the receiving country provides an adequate level of data protection, Standard Contractual Clauses (SCCs) approved by the European Commission, binding corporate rules of the receiving organization, and supplementary measures as recommended by the European Data Protection Board where necessary.
You may request information about the specific safeguards applied to international transfers of your data by contacting us at the address provided in Section 1.
6. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, as described in this policy, or as required by applicable law. Specific retention periods are as follows.
Account and Subscription Data is retained for the duration of your account or subscription, plus three years following account closure or subscription termination, to comply with legal and accounting requirements.
Newsletter Subscription Data is retained until you unsubscribe, plus six months to process your unsubscription and to maintain suppression lists that prevent unwanted re-subscription.
Website Analytics Data is retained in anonymized, aggregated form for up to 26 months, in accordance with our Google Analytics configuration.
Log Data is retained for 12 months for security and troubleshooting purposes, after which it is deleted or anonymized.
Contact and Correspondence Records are retained for three years following the last communication, unless a longer retention period is required for legal or regulatory purposes.
Payment Records are retained for ten years in accordance with French commercial and tax law requirements.
When personal data is no longer required for any identified purpose or legal obligation, it is securely deleted or anonymized so that it can no longer be associated with you.
7. Data Security
We implement appropriate technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction. These measures include encryption of data in transit using TLS/SSL protocols, access controls limiting data access to authorized personnel on a need-to-know basis, regular security assessments and vulnerability testing, incident response procedures for detecting and responding to data breaches, employee training on data protection obligations and security practices, and secure disposal procedures for data that is no longer needed.
While we take data security seriously and implement industry-standard protections, no method of transmission over the internet or method of electronic storage is completely secure. We cannot guarantee absolute security but commit to responding promptly and transparently in the event of any security incident affecting your personal data.
8. Your Rights Under GDPR
Under the GDPR and French data protection law, you have the following rights regarding your personal data. These rights are not absolute and may be subject to exceptions or limitations under applicable law.
Right of Access (Article 15). You have the right to obtain confirmation of whether we process your personal data and, if so, to access that data along with information about the processing purposes, categories of data, recipients, retention periods, and your rights.
Right to Rectification (Article 16). You have the right to request correction of inaccurate personal data and completion of incomplete personal data.
Right to Erasure (Article 17). You have the right to request deletion of your personal data in certain circumstances, including when the data is no longer necessary for the purposes for which it was collected, when you withdraw consent and there is no other legal basis for processing, or when you object to processing and there are no overriding legitimate grounds.
Right to Restriction of Processing (Article 18). You have the right to request restriction of processing in certain circumstances, including while we verify the accuracy of data you have contested or while we assess whether our legitimate interests override your objection.
Right to Data Portability (Article 20). You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller, where processing is based on consent or contract and is carried out by automated means.
Right to Object (Article 21). You have the right to object to processing based on legitimate interests, including profiling. You also have the absolute right to object to processing for direct marketing purposes at any time.
Right to Withdraw Consent. Where processing is based on consent, you may withdraw your consent at any time by using the unsubscribe link in any email we send, adjusting your cookie preferences through our cookie consent mechanism, contacting us at info@relance2030.com, or updating your account settings where applicable.
Right to Lodge a Complaint. If you believe that our processing of your personal data violates applicable data protection law, you have the right to lodge a complaint with the Commission Nationale de l’Informatique et des Libertés (CNIL), France’s data protection supervisory authority. The CNIL can be reached at cnil.fr or by post at 3 Place de Fontenoy, TSA 80715, 75334 Paris Cedex 07, France.
Exercising Your Rights
To exercise any of the rights described above, please contact us at info@relance2030.com with a clear description of the right you wish to exercise and sufficient information to verify your identity. We will respond to all valid requests within one month of receipt, as required by the GDPR. This period may be extended by up to two additional months for complex or numerous requests, in which case we will inform you of the extension and the reasons for it within the initial one-month period.
9. Automated Decision-Making
Relance 2030 does not engage in automated decision-making, including profiling, that produces legal effects or similarly significant effects on individuals. Content recommendations and personalization features use automated processing to suggest relevant content based on your reading history, but these features do not produce legal or similarly significant effects and you may opt out by adjusting your cookie and personalization preferences.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our data processing practices, applicable law, or regulatory guidance. When we make material changes, we will notify registered users by email and post a prominent notice on our website. The “Last Updated” date at the top of this policy indicates when the most recent revision was made. We encourage you to review this policy periodically.
11. Contact Information
For all privacy-related inquiries, data protection requests, or complaints, please contact:
Relance 2030 The Vanderbilt Portfolio Paris, France Email: info@relance2030.com
We aim to resolve all privacy inquiries promptly and thoroughly. If you are not satisfied with our response, you have the right to escalate your concern to the CNIL as described in Section 8.
Legal Framework
Relance 2030 operates under French law. All content is provided for informational purposes only and does not constitute investment advice, legal counsel, or official government communication. Data and analysis are provided in good faith but without warranty of completeness or accuracy. Users are responsible for their own investment and policy decisions.
Copyright 2026 The Vanderbilt Portfolio. All rights reserved.