Privacy Policy

Last updated on 17/06/2026

PDF Version

Who are we?

Script & Go SAS (hereinafter referred to as “the Company”, “we”), affiliated with Script & Go Limited, places great importance on the protection of your personal data and on compliance with applicable regulations, including the General Data Protection Regulation (GDPR) and the French Data Protection Act (Loi Informatique et Libertés).

This privacy policy explains how we collect, use, store, and share your personal data when you use our services, including:

The website Site Diary (https://sitediary.com/) (hereinafter the “Site”);

The application Site Diary, Task and Supervision (hereinafter the “Application”);

By visiting our Site or subscribing to our Application, your personal data is collected and processed in accordance with the purposes described in this privacy policy.

The aim of this policy is to clearly explain how your personal data is processed through our Application and our Site, as identified above.

Who is responsible for processing your data?

Script & Go SAS, located at 43 Square de la Mettrie – 35700 Rennes, France, is the data controller for the personal data collected for the purposes described in this policy.

However, when you use our Application, you are the data controller for the data you or your users upload to the Application. Script & Go acts solely as a data processor by providing hosting for the data uploaded to the Application, without controlling its content or destination.

What is Personal Data?

In accordance with Article 4 of Regulation (EU) 2016/679 (the “GDPR”), personal data means any information relating to an identified or identifiable natural person, directly or indirectly.

What is Sensitive Personal Data?

The term “sensitive personal data” refers to specific categories of personal data that European laws and other data protection laws recognize as requiring special processing, including the need to obtain your consent.

Sensitive data includes information that directly or indirectly reveals a person’s racial or ethnic origin, political opinions, philosophical or religious beliefs, trade union membership, or information relating to their health or sex life.

We do not collect sensitive personal data through our Site or Application. However, if you choose to provide us with unsolicited sensitive personal data, you authorize us to process the submitted data in accordance with applicable laws.

What Data Do We Collect?

We may process the following categories of personal data:

• Identification Data: full name, customer number, job title, etc.
• Contact Data: professional email address, professional phone number, postal address.
• Billing and Financial Data: billing address, order history, payment methods (credit card), and transaction data.
• Usage Data: events related to the use of the Application (creation or deletion of items, invitations, exports), and statistics functionality.
• Communication and Support Data: data necessary to receive, process, and track contact, information, assistance, or support requests submitted by users or prospects via the Site, online forms, or email correspondence.
• Technical and Connection Data: IP address, technical identifiers, browsing data, technical logs, etc.

The specific categories of data processed for each purpose are detailed in the relevant processing sections of this privacy policy.

Note: For certain processing activities, fields marked with an asterisk (*) indicate data that is mandatory and must be provided.

How Do We Use This Information?

When You Visit Our Website “Site Diary”

Data Processed to Ensure Site Functionality and Navigation

Certain technical data are collected to ensure proper website operation, secure access, and to improve the user experience. These data are processed in accordance with your cookie preferences.

Processing Purpose	Data Category	Legal Basis (GDPR)	Retention Period	Recipients / Access
Site Diary navigation	Technical and connection data (IP address, operating system, platform, device information)	Consent (cookies) / Legitimate interest (site operation – Art. 6(1)(f) GDPR)	Until consent is withdrawn or the cookie’s lifespan expires	Technical team

For more information, please consult our dedicated cookie policy [link].

Data Processed in Relation to Contact Forms and Demo Requests

While browsing the Site Diary website, certain data are collected to provide services to users.
When a user completes a contact form or interacts with support, the data provided are processed to manage the request and ensure proper connection with the relevant teams.

Processing Purpose	Data Category	Legal Basis (GDPR)	Retention Period	Recipients / Access
Contact form management	Identification and contact data (first and last name, email, phone), usage data (message content)	Legitimate interest (site operation – Art. 6(1)(f) GDPR)	Duration necessary to handle the request, then retained for 3 years from last contact	Technical team
Chatbot usage	Identification and connection data (if logged in, usage data)	Legitimate interest (provision of automated support service, improving user experience, and tracking requests – Art. 6(1)(f) GDPR)	Tracking of request for 1 month	Relevant internal team, service providers (Intercom)
Contact via email	Identification and contact data (first and last name, email address, company if provided), content of correspondence	Consent (Art. 6(1)(a) GDPR) / Legitimate interest (handling request and commercial follow-up – Art. 6(1)(f) GDPR)	Duration necessary to handle the request, then retained for 3 years from last contact	Internal team (support, sales, account management), service provider (Mailgun)

 

When You Create an Account and Use the Application

Subscribing to the Application requires the creation of a user account via the Site. In this context, personal data are processed to provide the services, manage user accounts, and deliver customer support.

Data Collected for Account and Service Management

Processing Purpose	Data Category	Legal Basis (GDPR)	Retention Period	Recipients / Access
Account creation and management	Identification data (name, organization, email address, login credentials, password)	Performance of the contract (Art. 6(1)(b) GDPR)	Until account deletion or inactivity for 2 years	Internal team
Customer relationship management	Identification and usage data	Performance of the contract / Legal obligation	10 years after last interaction	Administrative team, accounting, and authorized processors (Pipedrive)
Subscription and payment management	Payment data (card number, expiration date, cardholder name, billing information)	Performance of the contract (Art. 6(1)(b) GDPR)	10 years in accordance with legal accounting obligations	Administrative team and processor (Stripe)

 

When You Contact Us via the Application

When you use the contact forms or submit an information request, we collect only the personal data strictly necessary to process your request and provide a response.

Data Collected for Request Management

Processing Purpose	Data Category	Legal Basis (GDPR)	Retention Period	Recipients
Management of contact form requests	Identification data (name, email address, organization, phone number)	Consent (Art. 6(1)(a) GDPR)	Duration necessary to process the request, then archived for 3 years	Internal team, email service provider (Mailgun)
Management of demo requests	Identification data (name, email address)	Consent (Art. 6(1)(a) GDPR)	3 years from last interaction; message history retained for 5 years based on legitimate interest	Internal team, appointment scheduling provider (Calendly)
Sending responses via email	Identification and contact data	Consent (Art. 6(1)(a) GDPR)	Duration necessary to handle the request	Email service provider (Mailgun)
Chatbot usage	Identification, connection, and usage data (if the user is logged in)	Legitimate interest (provision of automated support service, improving user experience, and tracking requests – Art. 6(1)(f) GDPR)	Request tracking for 1 month	Relevant internal team, chatbot provider (Intercom)

 

When You Receive Our Communications and Invitations

Data Processed for Marketing and Business Prospecting Activities

When you browse our Sites or Applications or interact with our content (forms, etc.), certain personal data are processed to manage our marketing and business prospecting activities (reporting, etc.), in compliance with applicable regulations.

Processing Purpose	Data Category	Legal Basis (GDPR)	Retention Period	Recipients
Management of marketing activities (newsletters, sending offers)	Identification and contact data (first and last name, professional email address, phone number), participation data	Consent (Art. 6(1)(a) GDPR)	3 years after last contact or until the right to object is exercised	Internal marketing and sales teams, relevant service providers (Intercom)
B2B business prospecting	Identification and professional data (first and last name, professional email, phone number, company, position, industry)	Legitimate interest (B2B – Art. 6(1)(f) GDPR)	3 years after last active contact or after objection	Internal marketing and sales teams, internal CRM (Pipedrive and Cognism)

 

When We Need to Comply with Legal Obligations and Protect Our Interests

We collect and process certain personal data when necessary to comply with our legal or regulatory obligations, or to protect our legitimate interests, notably to secure our services, prevent fraud, manage user requests, and fulfill accounting and legal obligations.

These data are used to:

• Ensure the security of our services;
• Respond to user rights requests (access, rectification, deletion, etc.);
• Manage security incidents and data breaches;
• Retain accounting documents and billing records in accordance with legal requirements;
• Respond to requests in the context of judicial or administrative proceedings;
• Ensure payment of subscriptions related to the application;
• Manage disputes and establish evidence for the protection of our interests.

The legal basis for these processing activities is either a legal obligation (Articles 6(1)(c) and 12–23 GDPR) or our legitimate interest (Article 6(1)(f) GDPR), depending on the purpose of the processing.

We retain personal data only for as long as necessary to fulfill the purpose for which it was collected, in compliance with legal retention and security obligations. For example, certain information may be retained for several years to meet legal or contractual requirements, or until the expiration of legal remedies in the context of judicial proceedings.

With Whom Do We Share Your Data?

SCRIPT & GO SAS doesn’t sell any personal data of its users. However, in the context of providing its services, including the operation of the Sites and Applications, your personal data may be shared with our internal teams and, where applicable, with third parties or partners, in accordance with the purposes described above.

• Transfer to Internal Teams for Service Provision (Employees):

Depending on the processing purposes described above, these data may be accessible to authorized employees of the relevant departments, including customer service, marketing, sales, legal, and technical teams, strictly within the scope of their respective roles.

• Transfer to Third Parties or Partners for Service Provision (Processors):

We may rely on third-party service providers for the following purposes:

• Customer relationship management
• Technical development and support
• Business prospecting

In accordance with Article 28 of the GDPR, our processors’ access to your personal data is governed and limited by contracts that comply with applicable data protection laws. These contracts set out the regulatory obligations of our processors regarding the protection of personal data. In the event of any data transfer by a processor, we undertake to implement appropriate and adequate safeguards.

SCRIPT & GO SAS reserves the right to disclose personal data to authorized third parties when necessary, notably to comply with:

• A legal or regulatory obligation;
• A court order or judicial procedure;
• Any request from a competent authority, in connection with the execution of an agreement or an investigation regarding an actual or suspected violation of the law, to detect, prevent, or identify fraud, security breaches, or technical issues, or to protect the rights, property, and safety of the Company, its users, and subscribers.

The Data Processing Agreement (DPA) governing the processing of personal data is available upon request from our Compliance Department or Data Protection Officer (DPO) at: legal@scriptandgo.com.

Data Transfers Outside the EU

All personal data collected by Script & Go SAS are hosted on servers located within Europe and are processed in France by Script & Go teams.
In the event of any transfer of data outside the European Union, Script & Go will implement appropriate safeguards in accordance with applicable regulations.

Data Security

Technical, organizational, and physical measures are implemented to ensure the confidentiality, integrity, and availability of data.

The Sites may occasionally contain links to partner websites or be accessible from the websites of our partners, advertisers, or affiliated companies. If you follow any of these links, please note that these sites have their own privacy policies, and Script & Go SAS cannot be held responsible for those policies. It is recommended that you review their privacy policies before submitting any personal data.

What Are Your Rights?

You have the following rights depending on the purpose of the processing:

• To be informed about the use of your personal data;
• To access your data and obtain a copy;
• To correct inaccurate or incomplete information;
• To restrict the use of your data;
• To object to certain processing activities based on legitimate interest;
• To withdraw your consent when it has been given;
• To delete unnecessary or non-mandatory data;
• To transfer your data to another service (data portability).

How Can You Exercise Your Rights?

By email: legal@scriptandgo.com

A proof of identity may be requested if there is serious doubt regarding your identity. Once your identity is verified by our Data Protection Officer (DPO), any documents provided will be destroyed, and no personal data will be retained.

Complaints to Supervisory Authorities

If you do not agree with this policy, you may contact:

CNIL – Lead Supervisory Authority (France)

• Online: via the complaint form available at https://www.cnil.fr/fr/plaintes
• By mail: CNIL, 3 Place de Fontenoy, TSA 80715, 75334 PARIS CEDEX 07, France

ICO – Relevant Authority (United Kingdom)

• Online: https://ico.org.uk/make-a-complaint/
• By mail: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, United Kingdom

These authorities can be contacted directly if you believe your rights are not being respected. The ICO will cooperate with the CNIL to ensure your rights are protected under both the GDPR and the UK GDPR.

Changes to This Privacy Policy

We may update this policy from time to time. Please check back regularly. We are committed to publishing any changes to our policy on our website and within our suite of Applications. If a change is likely to directly affect our practices regarding personal data already collected, we will inform you in advance by highlighting the modification(s) on our Sites.

Do You Have a Question?

If you cannot find the information you are looking for or have any questions regarding this policy, you may contact us by email at: legal@scriptandgo.com

 

 

 

[cc1]Même App avec les trois produits

Cookie Policy

Last Updated on 17/06/2026

PDF Version Available for Download

SCRIPT & GO SAS (hereinafter “the Company” or “We”) places cookies on its website https://sitediary.com/fr/) (hereinafter the “Site”) to ensure the smoothest and most relevant user experience possible. This policy is intended to inform you about the nature and use of cookies, as well as the tools available to manage your cookie preferences.

We may update this policy without prior notice. We therefore recommend that you review it regularly.

What is a Cookie?

A cookie is a small file stored by your browser when you visit a website. It is retained by the browser for a certain period and is sent back to the web server each time you return to the website.

Cookies are primarily used to operate the Site, remember your preferences, facilitate your use of the Site, and provide personalized content.

Cookies alone do not allow you to be personally identified. However, they do enable the recording of information related to your browsing on the Site, including your preferences. This information is then read directly by our servers when you visit the Site again or submit requests.

How Our Sites Use Cookies: Types, Purpose, and Providers?

We use different types of cookies:

• Essential or functional cookies: Necessary for the proper operation of the Site (to use the features offered and secure your connection). These cookies do not collect any personal data about you. They are used solely to facilitate your navigation and give you access to certain services. Refusing these cookies may degrade your browsing experience (these cookies cannot be disabled).
• Analytics cookies: Used to measure the audience and traffic of the Site.
• Preference cookies: Used to remember your choices regarding cookie settings.

We rely on various processors to place the cookies mentioned above. These processors are contractually obliged to comply with applicable data protection laws.

Cookies Set on the “Site Diary” Website

Cookie Type	Purpose	Provider	Retention Period
First-party	Tracks visitors, sessions, and campaigns for analytics	Google	13 months
First-party	Site usage tracking and analytics report generation	Google	13 months
First-party	Maintains a unique ID for analytics tracking	Google	13 months
First-party	Tracks and stores page views	Google	13 months
First-party	Ensures proper functioning of Intercom services	Intercom	13 months
First-party	Allows you to save and remember the user's choice regarding cookie storage	Didomi	6 mois

What Data is Collected by the Cookies Placed?

Cookies placed on the Sites may collect data relating to a device (computer, tablet, smartphone, etc.) or to user behavior at a given time, including:

• The IP address of the connected device;
• The date, time, and duration of a visit to a page or the entire Site;
• The number of pages viewed;
• The navigation path;
• The type of operating system;
• The type and version of the browser used;
• The brand and model of the mobile or tablet device;
• The language used.

In addition, certain cookies may collect:

• Anonymous or unique identifiers to distinguish visitors or sessions (e.g., Google Analytics, Tag Manager);
• Information related to consent preferences and choices (e.g., hu-config, hu-session);
• User and device identifiers to ensure continuity of messaging or support services (e.g., Intercom);
• Information on the effectiveness of advertising campaigns (e.g., _gcl_au).

Can I Refuse or Manage the Placement of These Cookies?

“Essential” and “functional” cookies are automatically placed and are not subject to your prior consent.

Audience measurement cookies, however, require your prior consent. On your first visit to the Site, a dedicated consent banner appears, allowing you to accept all cookies, refuse all cookies, or customize your selection.

You have the ability to manage your consent and modify your choices at any time using the consent management tool located at the bottom left of the homepage.

In accordance with the table above, the technical cookie storing your choice is placed on your device for a period of 6 months, after which you will be prompted again to accept, configure, or refuse cookies.

Other so-called “permanent” cookies remain stored on your device until their expiration (maximum 13 months) or until you choose to delete them using your browser settings (see dedicated section).

How to Configure Cookies via Your Browser

You also have the option to configure your browser to disable cookies across all websites you visit, by following the instructions provided for your specific browser:

• Google Chrome: Follow the instructions in Google Account Help.
• Internet Explorer: Follow the instructions on the browser’s help page.
• Mozilla Firefox: Follow the instructions on the browser’s help page.
• Safari: Follow the instructions on Apple’s web settings help for iPhone, iPad, iPod touch, or Mac.
• Opera: Follow the instructions on the browser’s help page.
• Qwant: This browser does not use cookies, but you can contact them directly at privacy@qwant.com.

Do you have a Question?

For any questions regarding this policy, you may contact us by email at: legal@scriptandgo.com