SeerDesk Logo

SeerDesk

Privacy Policy

How SeerDesk collects, uses, and protects your personal data.

Last updated: February 2026

Data Controller

Seer SAS is the data controller responsible for your personal data. We are a company registered in France and subject to the General Data Protection Regulation (GDPR).

Seer SAS

3 Rue du Pré du Bois, 35000 Rennes, France

contact@seerdesk.com

Data We Collect

Website Visitors

When you visit the SeerDesk website, we collect minimal data. We do not use analytics or tracking tools.

  • - Language preference (stored locally in your browser)
  • - Contact form submissions: name, email, company, and message content
  • - No analytics, no tracking pixels, no behavioral profiling

Platform Users

When you use the SeerDesk platform, we collect the data necessary to provide and secure the service.

  • - Account information: username, email address, hashed password
  • - Session data: authentication tokens with 24-hour expiry
  • - Audit logs: user actions, IP addresses, timestamps, HTTP methods, and status codes
  • - Organization and group membership
  • - Invitation records: email, assigned role, status, and expiration

Registered Machines

Machines registered on the platform store technical identifiers required for secure connectivity.

  • - Machine name, description, and unique identifier (UUID)
  • - Network information: IP address and MAC address
  • - Public key for Ed25519 authentication
  • - Connection status and last-seen timestamp
  • - Organization and group assignments

Legal Basis for Processing

We process your personal data under the following legal bases as defined by GDPR Article 6:

  • - Contract performance (Art. 6(1)(b)) - To provide the SeerDesk platform and fulfill our service agreement with your organization
  • - Legitimate interest (Art. 6(1)(f)) - To maintain platform security, prevent abuse, and improve our services
  • - Legal obligation (Art. 6(1)(c)) - To comply with applicable laws, including data retention and audit requirements
  • - Consent (Art. 6(1)(a)) - For optional communications such as newsletters, which you can withdraw at any time

How We Use Your Data

We use the data we collect strictly for the purposes described below. We do not sell, rent, or share your personal data with advertisers or data brokers.

  • - Authenticate users and machines to the platform
  • - Enforce role-based access control and permissions
  • - Maintain audit trails for security and compliance
  • - Process contact form inquiries and respond to support requests
  • - Send transactional emails (invitations, password resets)
  • - Monitor platform health and detect security incidents
  • - Rate-limit API requests to prevent abuse

Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected.

  • - User sessions: automatically deleted after 24 hours
  • - Audit logs: retained for 12 months, then deleted
  • - Account data: retained while the account is active, deleted upon contract termination
  • - Contact form submissions: retained for up to 12 months to handle your inquiry
  • - Rate limiting records: automatically purged after the rate window expires
  • - Full data export and deletion available upon contract termination

International Data Transfers

All SeerDesk infrastructure is hosted exclusively in European Union data centers. We do not transfer your personal data outside the EU or EEA. All databases, application servers, messaging systems, and authorization services are self-hosted on EU infrastructure that we operate and control.

Your Rights

Under the GDPR, you have the following rights regarding your personal data:

Right of Access

Request a copy of the personal data we hold about you.

Right to Rectification

Request correction of inaccurate or incomplete data.

Right to Erasure

Request deletion of your personal data when it is no longer necessary.

Right to Restrict Processing

Request that we limit how we use your data in certain circumstances.

Right to Data Portability

Receive your data in a structured, machine-readable format.

Right to Object

Object to processing based on legitimate interests at any time.

To exercise any of these rights, contact us at contact@seerdesk.com. We will respond within 30 days as required by the GDPR.

Security Measures

We implement technical and organizational measures to protect your personal data against unauthorized access, loss, or misuse.

  • - Passwords securely hashed - we never store plaintext passwords
  • - Machine authentication via Ed25519 public-key cryptography
  • - End-to-end encrypted remote desktop sessions (DTLS/SRTP via WebRTC)
  • - Zero-knowledge architecture - streaming data never passes through our servers
  • - Rate limiting (200 requests per minute per IP) to prevent brute-force attacks
  • - Session tokens with automatic 24-hour expiry
  • - Per-request authorization enforcement
  • - Private mesh networking between internal services
  • - Append-only audit logs with cryptographic integrity verification

Cookies

SeerDesk uses only essential functional cookies (language preference). We do not use analytics, advertising, or tracking cookies. For full details, see our Cookie Policy.

Changes to This Policy

We may update this privacy policy from time to time to reflect changes in our practices or legal requirements. When we make material changes, we will update the date at the top of this page. We encourage you to review this policy periodically.

Questions About Your Privacy?

If you have any questions about this privacy policy or how we handle your data, contact us:

Email: contact@seerdesk.com

Address: 3 Rue du Pre du Bois, 35000 Rennes, France

You also have the right to lodge a complaint with your local data protection authority. In France, this is the CNIL (Commission Nationale de l'Informatique et des Libertes).