Harness Engineering 6 months ahead, in a few hours.

Privacy policy

Last updated: 14 April 2026

1. Data controller

The data controller for personal data collected on harness-engineering.fr is Thomas Poulain Consulting (SASU), reachable at contact@harness-engineering.fr.

2. Data collected

We collect only the data strictly necessary for the service to operate:

  • Email address: at purchase (via Stripe) or newsletter signup.
  • Payment data: processed exclusively by Stripe; we never have access to credit card information.
  • Technical cookie (he_access): HMAC-signed cookie, valid one year, used to maintain access to the course after payment. This cookie contains no personal data.
  • Anonymous navigation data: via Umami Analytics, with no cookie or personal identifier.

3. Purposes and legal bases

  • Contract performance (art. 6.1.b GDPR): order processing, delivery of course access, sending the confirmation email with recovery link.
  • Consent (art. 6.1.a GDPR): newsletter signup, revocable at any time via the unsubscribe link.
  • Legitimate interest (art. 6.1.f GDPR): aggregated anonymous audience measurement via Umami Analytics.
  • Legal obligation (art. 6.1.c GDPR): retention of invoices and accounting data.

4. Recipients and subprocessors

Your data is shared only with the following providers, strictly for their mission:

  • Stripe, Inc. — payment processing (United States, Standard Contractual Clauses).
  • Resend — transactional email delivery (United States, Standard Contractual Clauses).
  • Netlify, Inc. — site hosting (United States, Standard Contractual Clauses).
  • Umami Analytics — anonymous audience measurement, no cookies (United States, Standard Contractual Clauses).

No data is sold to third parties.

5. Retention periods

  • Order data: legal invoice retention period (10 years).
  • Newsletter email: until unsubscribe.
  • Access cookie: 1 year, renewable on each recovery.
  • Magic recovery link: 30 days.

6. Your rights

Under the General Data Protection Regulation (GDPR), you have the following rights:

  • Right of access, rectification and erasure of your data.
  • Right to restrict and object to processing.
  • Right to data portability.
  • Right to withdraw consent at any time.
  • Right to lodge a complaint with the CNIL (cnil.fr), the French data protection authority.

To exercise these rights, contact us at contact@harness-engineering.fr. A response will be provided within one month.

7. Cookies

The site uses no tracking cookies and no advertising cookies. Only a strictly necessary cookie (he_access) is set after a purchase to maintain your access to the course. Under the ePrivacy Directive, this cookie does not require prior consent.

Umami Analytics, used for audience measurement, sets no cookies.

8. Security

The site is served over HTTPS. Access cookies are cryptographically signed (HMAC-SHA256) and marked HttpOnly, Secure and SameSite=Lax.

9. Changes

This policy may be updated at any time. The date of the last update is shown at the top of this page.