logo Pegasia

Privacy Policy

Legal Information

Publisher:

Covenant AI SAS Simplified joint-stock company (SAS) Registered with the La Rochelle Trade and Companies Register under number 123 456 789 VAT number: FR61123456789 Email address: contact@pegasia.ai

Publishing Director:

Mr. Jonas GABORIT, Chief Executive Officer of Covenant AI.

Hosting Provider:

The website pegasia.ai is hosted by: Vercel Inc. Head office: 440 N Barranca Ave PMB 4133, Covina, CA 91723, USA Email address: support@vercel.com

Effective as of July 23, 2025

Confidentiality and security are of the utmost importance to Pegasia.ai (hereinafter referred to as "Pegasia.ai", "the provider", "we", "the application" or "the site") and we strive to ensure that the technical and organizational measures in place respect your data protection rights.

This privacy policy describes how we manage, process, and store personal data submitted in the context of providing our services.

"Personal data" means any information relating to an identifiable person or their personal identity. It applies to the processing of personal data carried out on Pegasia.ai and supplements the legal notices and the general terms of use, available at the following address: General Terms of Use.

We use the personal data submitted to us in accordance with Regulation (EU) 2016/679 of April 27, 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (the "GDPR") and the French Data Protection Act of January 6, 1978 (collectively referred to as the "Applicable Regulation").

The data controller

When you browse our website or for customer relationship management, the data controller is Covenant AI SAS, a French company ("We").

However, when we provide our services to our clients, we process personal data on their behalf and for their own purposes. Our clients therefore act as data controllers, in accordance with Article 4 of the GDPR, while we act as a data processor.

If you have any questions, please contact our data protection officer: privacy@pegasia.ai.

Personal data collected

When you subscribe to our services, the following data is collected and managed: first name, last name, email, phone number, intra-community VAT number (if applicable), postal address, country, IP address(es) and domain name, login, password.

By using our services, the following data is collected and managed: login data and Browse data when you authorize it, order history, complaints, incidents, subscription information, and messages on our site.

Some data is collected automatically as a result of your activity on the site.

The data submitted must not include sensitive personal data, such as government identifiers (social security, driver's license, or tax identification numbers), full credit card or personal bank card numbers, medical records, or information related to healthcare or treatment requests associated with individuals.

Purposes of processing and legal basis

Your personal data is processed to meet one or more of the following purposes. Each purpose is associated with a legal basis, the list of which is below:

Based on our legitimate interest in offering you a safe, optimal, effective, and personalized experience, we carry out processing operations for the following purposes:

  • To resolve any issues and improve the use of our sites and services.
  • To customize, evaluate, and improve our services, content, and materials.
  • To analyze the volume and history of your use of our services.
  • To inform you about our services as well as the services and/or promotional offers of our partners.
  • To sign you up for our newsletters, use case studies, and marketing materials.

Based on the performance of a contract to which you are a party, we carry out processing operations for the following purposes:

  • To provide our services.
  • To facilitate performance, including checks concerning you.

Based on your consent, we carry out processing operations for the following purposes:

  • To use cookies, as described in our cookie policy.

Based on compliance with our legal and regulatory obligations, we carry out processing for the following purposes:

  • To prevent, detect, and investigate any potentially prohibited, illegal, or contrary to good practice activities and to ensure compliance with our terms of use and our sending policy.
  • To respond to the exercise of rights.

Disclosures to third parties

The personal data concerning you collected on our website is intended for Pegasia.ai's own use and may be transmitted to Pegasia.ai's partner companies so that we can obtain assistance and support in the context of providing our services.

Pegasia.ai ensures that it has clear data protection requirements for all of its third-party providers.

We do not sell or rent your personal data to third parties for marketing purposes.

Furthermore, Pegasia.ai does not disclose your personal data to third parties, unless:

  • You (or your account administrator acting on your behalf) request or authorize its disclosure.
  • The disclosure is required to process transactions or provide the services you have requested.
  • Pegasia.ai is obliged to do so following a request issued by a governmental authority or a regulatory body, in the case of a court decision, a subpoena, or any other similar request from a government or the judiciary, or to establish or defend a legal claim.
  • The third party is a subcontractor or a sub-processor of Pegasia.ai in the performance of services (Pegasia.ai uses the services of an internet provider, a telecommunications company, a hosting provider, CRM tools, customer support tools, billing tools, payment tools, analysis tools).

Data retention periods

Your personal data is kept for the periods indicated below:

  • Personal data collected for the performance of the services as well as information on how and when you use the services: the time necessary to provide you with our services, and in no case more than 3 years after the closure of your account (unless otherwise provided by law).
  • Personal data collected in order to send newsletters, requests, and direct marketing: 3 years from the collection of the data or the last active contact with the prospect.
  • Personal data collected for evidentiary purposes: Duration of the legal statute of limitations (generally 5 years).
  • Personal data collected in the context of the data subject's rights: if we ask you for proof of identity, we only keep it for the time necessary to verify your identity. Once the verification is carried out, the proof is deleted.
  • If you exercise your right to object to direct marketing: we keep this information for 3 years. The information allowing the management of your requests to exercise your rights under the GDPR will be kept for 3 years from the date of the request.

Location of data storage and transfers

The host servers on which Pegasia.ai processes and stores its databases are located exclusively within the European Union.

With regard to the tools we use, your personal data may be transferred outside the European Union. The transfer of your data in this context is secured by the following guarantees:

  • This data is transferred to a country considered to offer an adequate level of protection by the European Commission.
  • Or we have entered into a specific contract with our subcontractors governing the transfer of your data outside the European Union, based on the standard contractual clauses approved by the European Commission between a data controller and a data processor.

Security

As part of its services, Pegasia.ai attaches the utmost importance to the security and integrity of its clients' personal data.

Thus and in accordance with the GDPR, Pegasia.ai undertakes to take all relevant precautions in order to preserve the security of the data and, in particular, to protect it against any accidental or illegal destruction, any accidental loss, any corruption, any unauthorized dissemination or access, as well as against any other form of illicit processing or disclosure to unauthorized persons.

To this end, Pegasia.ai implements industry-standard security measures to protect personal data from unauthorized disclosure. By using industry-recommended encoding methods, Pegasia.ai takes the necessary measures to protect information related to payments and credit cards.

Furthermore, in order to avoid in particular any unauthorized access, as well as to guarantee the accuracy and proper use of the data, Pegasia.ai has put in place the appropriate electronic, physical, and managerial procedures with a view to safeguarding and preserving the data collected through its services.

Despite this, there is no absolute security against hacking or hackers. This is why, in the event that a security breach affects you, Pegasia.ai undertakes to inform you of it as soon as possible and to do its best to take all possible measures to neutralize the intrusion and minimize its impacts. If you suffer any loss due to the exploitation by a third party of a security breach, Pegasia.ai undertakes to provide you with all the necessary assistance so that you can assert your rights. Moreover, if, in certain exceptional cases, the direct damage suffered is due to a fault or gross negligence on the part of Pegasia.ai, you may be able to request compensation within the limits of liability indicated in our terms of use.

You should keep in mind that any user, client, or hacker who discovers and takes advantage of a security breach is liable to criminal prosecution and that Pegasia.ai will take all measures, including filing a complaint and/or taking legal action, to preserve the data and rights of its users and of itself, as well as to limit its impact.

Your data protection rights

In accordance with the French data protection laws and the European General Data Protection Regulation 2016/679 (GDPR), you have several rights related to the collection of your personal data:

  • Right to be informed: this is precisely why we have written this privacy policy.
  • Right of access: You have the right to access all of your personal data at any time.
  • Right to rectification: You have the right to rectify your inaccurate, incomplete, or outdated personal data at any time.
  • Right to restriction of processing: You have the right to restrict the processing of your personal data in certain cases provided for in Article 18 of the GDPR.
  • Right to erasure ("right to be forgotten"): you have the right to demand that your personal data be deleted and to prohibit any future collection.
  • Right to lodge a complaint with a competent supervisory authority (in France, the CNIL), if you consider that the processing of your personal data constitutes a violation of the applicable regulations.
  • Right to define instructions relating to the storage, deletion, and communication of your personal data after your death.
  • Right to withdraw your consent at any time: for purposes based on consent, Article 7 of the GDPR provides that you can withdraw your consent at any time. This withdrawal will not affect the lawfulness of the processing carried out before the withdrawal.
  • Right to data portability: You have the right to receive the personal data that you have provided to us in a standard machine-readable format and to demand its transfer to the recipient of your choice.
  • Right to object: You have the right to object to the processing of your personal data. Please note, however, that we may continue to process your personal data despite this objection for legitimate reasons or for the defense of legal rights.

How to exercise your rights

You can exercise these rights by sending us a support ticket directly on the support chat (on the website or on the application) or by sending an e-mail to privacy@pegasia.ai. Your requests will be processed within 30 days. We may require that your request be accompanied by a photocopy of proof of identity or authority.

You can also modify your personal data at any time by logging into your account and accessing the "User Settings".

Right to seize the supervisory authority

If you believe, after contacting us, that your rights over your data are not being respected, you can address a complaint to the competent supervisory authority in your country of residence.

In France, where our head office is located, the supervisory authority is the CNIL.

Newsletters and marketing emails

For those of you who have expressly chosen to receive our Pegasia.ai newsletters, you can easily unsubscribe by following the "unsubscribe" links included in each email sent.

Testimonials

Pegasia.ai publishes a list of clients and testimonials on its sites containing information on the names and job titles of our clients. Pegasia.ai undertakes to obtain the authorization of each client before publishing any testimonial on its websites. If you wish to be removed from this list, you can send us an e-mail to privacy@pegasia.ai and we will remove your information promptly.

Data from third parties

As part of the use of our services, in particular the creation of emailing campaigns and contact lists, Pegasia.ai has access to the information contained in the contact lists that you create in your account, as well as to the subject and content of the e-mails that you send via our services. This data is stored on secure servers and only a limited number of people are authorized to access your contact lists, in particular for the purpose of providing support services. You can easily retrieve your contact lists from your Pegasia.ai account at any time, by clicking on the "export" button. You can also modify and/or delete contacts at any time from your account. Under no circumstances does Pegasia.ai sell, share, or rent your contact lists to third parties, nor does it use them for any purpose other than those stated in this policy. We will use the information from your contact lists only for legal requirements, to bill and collect summaries for our own statistics, and for the purpose of providing you with customer support services. As the creator of the contact lists and the associated email campaigns, you are considered the data controller within the meaning of the GDPR, and Pegasia.ai acts only as a data processor. As such, you are in particular responsible for:

  • Complying with all applicable regulations, including data protection laws,
  • Making all necessary declarations to the competent data protection authority,
  • Obtaining the explicit consent of the persons concerned when collecting their personal data,
  • Ensuring your authority to use the personal data collected in accordance with the defined purposes and refraining from any unauthorized use.

If a recipient of your e-mails sent via our services asks us to modify or delete their personal data, we will honor this request after appropriate verification and we will inform you of it.

Changes to the privacy policy

Pegasia.ai reserves the right to update this Privacy Policy at any time, in particular in accordance with changes to the laws and regulations in force.

Any changes made will be notified to you via our website or by e-mail, as far as possible, at least thirty (30) days before the changes come into effect. We recommend that you consult these rules from time to time to stay informed of our procedures and rules relating to your personal information.

Contact us

If you have any questions, you can send an e-mail directly to the data protection officer at the following address: privacy@pegasia.ai.

Cookie Policy

What is a cookie?

When Browse our sites, cookies, pixels, tags, and other trackers (hereinafter referred to as "Cookies") are installed on your computer. A cookie is a small, often encrypted file that is stored in your browser or device and is identified by a name. It is installed when you visit a site or an application. Each time you return to the said site or application, the cookie is retrieved from your browser or device. This ensures that each time you visit the site or application, the browser is recognized. The installation of these Cookies is likely to allow us to access your Browse data and/or personal data concerning you.

Identification of cookies

Technical and functional cookies

Technical and functional cookies are necessary for the proper functioning of the Site and to provide our services. They are used throughout your navigation, in order to facilitate it and to carry out certain functions. For example, a technical cookie can be used to store your answers to a form or your preferences regarding the language or the layout of the Site, when such options are available.

Advertising cookies

Advertising cookies can be created not only by our sites, but also by other websites and applications that display advertisements, announcements, widgets, or other elements displayed on the page. These cookies can be used, among other things, to personalize and measure the effectiveness of advertising or to carry out targeted advertising.

Analytical cookies

These cookies allow us to measure the number of visits, page views, and user activity. Where applicable, they may collect your IP address in order to know the city from which you are connecting. Analytical cookies allow us to generate statistics on the use and navigation of our site in order to improve our performance. The cookies used also allow us to identify navigation problems and possibly resolve them.

Your cookie preferences

Cookies that can be installed without consent

Some cookies do not require your consent, such as:

  • Technical or functional cookies necessary for the functioning of the site;
  • Certain audience measurement cookies or cookies that allow testing different versions of the site for the purpose of optimizing editorial choices.

Acceptance or refusal of cookies subject to your express consent

All other cookies require your consent. These include advertising cookies, social network cookies, content personalization cookies, and certain audience analysis cookies. You can freely choose to accept or refuse the use of these cookies.

You can accept or refuse these cookies during your first navigation on the site.

Your choices to accept or refuse these cookies will be kept for a period of six (6) months.

You are free to withdraw your consent and more generally to modify your preferences at any time via the "Manage cookies" link at the bottom of each page.