Swiss made·Designed in French-speaking Switzerland, AI visibility measurement and weekly sector-specific AI barometers
Privacy

Privacy policy

Last updated: 21 June 2026.

GeoReady serves businesses in France, Belgium and Switzerland. Depending on your country of residence, the legal framework applicable to the protection of your personal data differs:

  • France and Belgium: the General Data Protection Regulation (GDPR), Regulation (EU) 2016/679, directly applicable throughout the European Union;
  • Switzerland: the Federal Act on Data Protection (FADP), revised, in force since 1 September 2023.

This policy applies to all users of the geoready.com site and meets the requirements of both regulatory frameworks. Where a rule is specific to one of them, this is stated explicitly.

1. Data controller

The controller of the personal data collected via this site is GeoReady, publisher of the geoready.com site, headquartered in French-speaking Switzerland.

GeoReady is not legally required to appoint a Data Protection Officer (DPO) within the meaning of the GDPR, given the nature and volume of the processing carried out. For any question about this policy or the exercise of your rights, you can write to us via the Contact page.

2. Personal data collected

We only collect the data necessary for the operation of the site, for responding to the requests received and, where applicable, for audience measurement.

  • Data provided voluntarily: last name, first name, email address, company, role, country and the content of the message when you use a contact form, request a GEO scan or write to us directly.
  • Data related to scan or analysis requests: website, brand name, sector, competitors indicated and information useful for the requested AI visibility analysis.
  • Technical data: IP address, date and time of access, pages visited, browser type, device used, operating system, referring URL and similar information generated automatically by the server.
  • Consent data: choices regarding cookies and trackers, kept so as not to ask you for your preference again on every visit.
  • Audience data: if you accept audience-measurement cookies, information about your browsing may be collected in order to compile traffic statistics.

3. Purposes of processing

Personal data is processed for the following purposes:

  • responding to messages, contact requests, demo requests, GEO scan requests or partnership requests;
  • carrying out the requested AI visibility scans, audits or analyses;
  • ensuring the proper operation, security and maintenance of the site;
  • measuring the site's audience and understanding which content is viewed, only when the relevant trackers are accepted;
  • preventing abuse, spam, intrusion attempts and fraudulent use;
  • complying with our legal obligations or responding to a legitimate request from a competent authority.

4. Legal bases

Each processing operation relies on an identified legal basis. Depending on the case:

  • Consent (Art. 6(1)(a) GDPR / Art. 31(1) FADP): for non-essential cookies, audience-measurement trackers or any communication you subscribe to voluntarily. You can withdraw your consent at any time, without affecting the lawfulness of prior processing.
  • Performance of pre-contractual measures or a contract (Art. 6(1)(b) GDPR / Art. 31(2)(a) FADP): when your request concerns a service, a demonstration, a collaboration or a commercial relationship.
  • Legitimate interest (Art. 6(1)(f) GDPR / Art. 31(1) FADP): to ensure the security of the site, respond to incoming requests and produce minimal technical statistics, insofar as this interest does not override your fundamental rights and freedoms.
  • Legal obligation (Art. 6(1)(c) GDPR / Art. 31(2)(c) FADP): when the retention or transmission of certain information is required by applicable law.

5. Retention periods

We keep data only for as long as necessary for the purposes described above.

  • Messages received via the contact form or by email are kept for up to three years after the last exchange, unless a longer retention is required by a contractual relationship or a legal obligation.
  • Data related to a scan, audit or analysis request is kept for as long as necessary to process the request, then may be kept to ensure the applicable commercial or contractual follow-up.
  • Server technical logs are kept for a limited period, generally twelve months or less, unless a security incident requires longer retention.
  • Cookie choices are kept for a maximum of twelve months, unless you change your preferences before then.
  • Audience data is kept in aggregated or anonymised form where possible.

6. Recipients and processors

Data is intended for GeoReady and, where necessary, for the technical providers that contribute to the operation of the site and services. These providers act as processors and are bound by contractual confidentiality and security obligations.

  • Site host: web hosting provider responsible for storing the site's files and technical logs.
  • Form or email service: provider enabling the transmission of contact, scan or demo requests (Postmark, Wildbit LLC — United States, transfer governed by standard contractual clauses).
  • Audience-measurement tool: only if such a tool is enabled and accepted by the user.
  • External providers: certain resources, such as Google Fonts or links to third-party sites, may trigger a connection to the services concerned when you load the page or click an external link.

We do not sell your personal data and do not pass it to third parties for independent commercial purposes.

7. International transfers

GeoReady is established in Switzerland, a country recognised by the European Commission as providing an adequate level of data protection (adequacy decision).

Some technical providers are located outside the European Economic Area or Switzerland, in particular in the United States. In that case, the transfer relies on appropriate safeguards, such as:

  • the standard contractual clauses adopted by the European Commission (SCCs), applicable to users residing in France and Belgium;
  • the standard contractual clauses or equivalent safeguards recognised by the FDPIC for users residing in Switzerland.

Vous pouvez obtenir des informations sur ces garanties en nous contactant via la page Contact.

8. Cookies and trackers

The site may use cookies or similar technologies. Cookies strictly necessary for the site's operation may be placed without prior consent. Non-essential audience-measurement, marketing or third-party cookies are placed only after your explicit consent.

  • Necessary cookies: site operation, security, remembering your consent preferences.
  • Audience measurement: viewing statistics, pages visited, navigation paths — only with your consent.
  • Marketing or third-party services: external content, advertising pixels or similar tools — only if these services are added and you have accepted them.

You can accept, refuse or customise non-essential cookies via the consent banner shown on your first visit, or change your choices at any time.

Users residing in France or Belgium: in accordance with the CNIL's guidelines and the APD's recommendations, refusing non-essential cookies must be as simple as accepting them. No non-essential cookie is placed before your consent.

9. External links

The site may contain links to third-party sites. When you click these links, you leave our site. Any data processing then carried out by those platforms is governed by their own privacy policies, over which we have no control.

10. Your rights

Depending on your country of residence, you have the following rights:

France and Belgium — GDPR rights

In accordance with the GDPR (Articles 15 to 22), you may exercise the following rights:

  • Right of access: obtain confirmation that data about you is being processed and receive a copy of it.
  • Right to rectification: have inaccurate or incomplete data corrected.
  • Right to erasure (“right to be forgotten”): request the deletion of your data in the cases provided for by the GDPR.
  • Right to restriction: request the temporary suspension of a processing operation.
  • Right to portability: receive your data in a structured, machine-readable format and transmit it to another controller.
  • Right to object: object to processing based on legitimate interest or for direct marketing purposes.
  • Right regarding automated decisions: not to be subject to a decision based solely on automated processing that produces significant legal effects.

We undertake to respond to any request within one month of receipt, in accordance with Article 12 of the GDPR. This period may be extended by two further months in the event of complexity or a high number of requests, with prior notice.

If you consider that your rights are not being respected, you may lodge a complaint with the competent supervisory authority:

  • France: Commission nationale de l'informatique et des libertés (CNIL), 3 Place de Fontenoy, TSA 80715, 75334 Paris Cedex 07.
  • Belgium: Data Protection Authority (APD), Rue de la Presse 35, 1000 Brussels.

Switzerland — FADP rights

In accordance with the revised FADP, you may exercise the following rights:

  • Right of access: obtain information about the personal data concerning you that GeoReady processes (Art. 25 FADP).
  • Right to rectification: have inaccurate data corrected (Art. 32 FADP).
  • Right to erasure and restriction: request the deletion or restriction of processing in the cases provided for by law (Art. 32 FADP).
  • Right to object: object to certain processing, in particular where it relies on an overriding interest.

If you consider that your rights are not being respected, you may contact the Federal Data Protection and Information Commissioner (FDPIC), Feldeggweg 1, 3003 Bern — edoeb.admin.ch.

Exercising your rights

To exercise any of these rights, whatever your place of residence, write to us via the Contact page. We may ask you for proof of identity if this is necessary to prevent any disclosure of data to an unauthorised third party.

11. Security

We implement appropriate technical and organisational measures to protect personal data against unauthorised access, loss, alteration or disclosure, in accordance with Article 32 of the GDPR and Article 8 of the FADP. As no system is entirely foolproof, we encourage you not to send sensitive information via an unencrypted form or email.

12. Changes to this policy

This policy may be amended to reflect changes to the site, the tools used or legal requirements (GDPR, FADP or any other applicable regulation). The last-updated date shown at the top of the page will be changed accordingly. In the event of a substantial change, we will inform you by any appropriate means.