Get a demo

Privacy Policy

At AroundLink, we are committed to protecting the privacy of our users, customers, and partners. This Privacy Policy is intended to inform visitors to the aroundlink.com website as well as users of the AroundLink SaaS platform about how their personal data is collected, used and protected, in accordance with applicable regulations (Regulation (EU) 2016/679, the “GDPR”, and the French Data Protection Act – Informatique et Libertés).

Identity of the Data Controller

AroundLink (SAS with a share capital of €1,000, registered office: 27 Rue Alfred Kastler, 76130 Mont-Saint-Aignan, RCS Rouen 992 530 477) is the data controller for the personal data collected in connection with the use of its website and its commercial activities.

You can contact us with any questions relating to data protection at: aroundlink.app@gmail.com

Note: For data processed through the AroundLink platform on behalf of client educational institutions (data of students and authorized staff), AroundLink acts as a processor for these clients. In accordance with our contractual commitments, the client institution remains the data controller, and AroundLink processes the data solely on the client’s instructions.

Data Collected and Purposes of Processing

We only collect personal data that is relevant and necessary with regard to the explicit purposes set out below:

Contact data (prospects/clients)

When you request a demo, a quote, or contact us via the website (for example by using the contact form or an appointment scheduling tool), we may collect your first name, last name, professional email address, phone number, the name of your organization, and any information you choose to share with us.

These data are used to respond to your requests, organize a demonstration of the solution, contact you about our services and ensure commercial follow-up (customer relationship management).

The legal basis for this processing is either your consent (for example, when you voluntarily submit your information) or the performance of pre-contractual measures taken at your request.

Browsing data

When you browse our website, we may process technical data such as IP address, pages visited, browser type, cookies and other trackers.

These data are collected in order to ensure the proper functioning and security of the site, compile anonymized statistics on traffic, and improve your user experience.

The legal basis for these processing activities is our legitimate interest in ensuring the security of the website and understanding how it is used. For non-essential cookies, your consent will be requested in accordance with applicable regulations.

Data of AroundLink platform users

As part of the provision of our SaaS service, we process data relating to end-users of the platform (for example, students and coordinators of client institutions).

These data may include login identifiers (name, first name, email address, user ID), academic or mobility-related information (choice of destination, status of applications, uploaded documents, etc.) and any other data necessary for the management and monitoring of international student mobility.

Important: users do not create their own accounts on our public site; user access is created by AroundLink or by the client institution at the time of service deployment.

These data are used exclusively to provide the platform and associated services (management of student mobilities, exchanges via the Erasmus Without Paper network, user support, etc.), in accordance with the contract signed with the client.

The legal basis for these processing activities is the performance of the contract between AroundLink and the client (services provided to authorized users). In this context, as indicated above, AroundLink acts as a processor for the client; the processing is governed by the Data Processing Agreement (DPA) concluded with each client.

We do not collect any special categories of sensitive data (such as health data, racial/ethnic origin, political opinions, etc.) via our website or platform, except for any documents required in the context of mobility programmes (for example a scanned passport, where applicable), and only if this is necessary and supervised by the responsible client.

Recipients of the Data

The personal data collected are intended for authorized personnel of AroundLink, within the limits of their respective responsibilities (for example, sales team for demo requests, technical team for platform support).

AroundLink does not sell or rent your personal data to third parties.

Processors and service providers

AroundLink may use trusted technical service providers for data hosting, sending emails, analyzing website traffic or managing demo requests.

The use of such processors is carried out in compliance with the GDPR: they act only on AroundLink’s instructions and provide sufficient guarantees in terms of security and confidentiality.

For example, our solution is hosted on secure servers located in Europe. Similarly, if we use a third-party service to schedule demonstrations (online calendar, etc.), your contact details may be processed by this service solely for the purpose of organizing the appointment.

In all cases, AroundLink ensures contractually that these providers comply with applicable personal data regulations.

Legal obligations

Your data may be disclosed if required by law or in response to a court decision or a request from legally authorized authorities. AroundLink may also communicate certain data in order to defend its rights in court in the event of a dispute.

Apart from these cases, only you (and, where applicable, the client institution you belong to for use of the platform), AroundLink and its authorized processors have access to your personal data.

Data Transfers Outside the EU

As a principle, your data are hosted and processed within the European Union or in countries recognized as providing an adequate level of protection. AroundLink favors partners and processors established in the EU.

If, exceptionally, some data need to be transferred outside the EU (for example through the use of a tool whose servers are located outside the EU), AroundLink undertakes to ensure that such transfer takes place within an appropriate legal framework offering adequate protection for your information.

This may include the implementation of Standard Contractual Clauses approved by the European Commission or any other suitable safeguards in accordance with Articles 44 et seq. of the GDPR.

You can contact us for more information on this subject if concerned.

Data Retention Periods

We retain personal data only for as long as necessary to fulfill the purposes for which they were collected, and in compliance with legal and regulatory requirements:

Prospects and business contacts

Data collected via the website (demo requests, contact messages) are kept for the time necessary to process the request and for follow-up of the relationship.

If no contract is concluded, they may be stored for up to 3 years from your last contact, for commercial prospecting purposes, unless you object.

In the event of an objection on your part (request not to be contacted), we will delete or archive your contact data for evidential purposes.

Clients

If you represent a client (institution) that has subscribed to AroundLink services, the professional data concerning you (e.g. contact details of the designated contact person, contractual information) are retained for the duration of the contractual relationship, extended by the legal limitation period (generally 5 years) for evidential and administrative purposes.

Contractual documents or invoices that may contain your data may be retained longer in order to comply with legal obligations (accounting or tax obligations, generally 10 years for accounting records).

Platform users (students, staff)

User account and mobility data are hosted for the entire duration of the contract between AroundLink and the client (institution).

Upon the client’s instruction or at the end of the contract, AroundLink will delete or return these data within a reasonable timeframe (for example, export and deletion of data within 30 days following the end of the service, unless a longer legal retention period is required).

Certain technical data (connection logs, system logs) may be retained for a few months for security and maintenance purposes.

Cookies

Cookies and trackers placed on your device via the website have varying lifetimes. See the “Cookies” section below for more details.

Beyond these periods, personal data are either deleted or irreversibly anonymized.

Cookies and Trackers

Our website uses cookies and similar technologies to improve your browsing experience and perform audience measurements. A cookie is a small text file stored on your device (computer, smartphone, etc.) when you visit a website.

We use the following categories of cookies:

Strictly necessary cookies

These technical cookies enable essential features (such as access to secure areas of the site).

They are exempt from consent and cannot be disabled, as the site would not function properly without them.

Audience measurement (analytics) cookies

These cookies help us understand how visitors navigate the site (e.g. most visited pages, duration of visits) so that we can improve our services.

They may be placed by a third-party tool (for example Google Analytics). We use these cookies in an anonymous manner, without personally identifying visitors.

They are only placed with your consent (via the cookie banner displayed on your first visit). You can choose to disable them at any time.

Functionality or third-party cookies

Some features of our site may rely on services provided by third parties (e.g. an online chat tool, embedded multimedia content, appointment scheduling via a third-party calendar).

These features use their own cookies, which are subject to your consent. Refusing these cookies may prevent these third-party services from functioning on our site.

Cookie management

When you first visit our site, a banner informs you about the presence of cookies and invites you to set your preferences. You can accept all cookies, refuse them (except for strictly necessary cookies), or configure them in more detail.

Your choice will be stored for a maximum of 6 months, after which we will ask you again.

You can also manage your cookies at any time by configuring your browser (blocking, selective deletion) or by using our cookie preference module (if available on the site).

For more information on cookie configuration, please refer to your browser’s help menu.

Data Security

AroundLink implements appropriate technical and organizational security measures to ensure the confidentiality and integrity of your personal data.

We use industry-standard technologies to protect the website and platform against unauthorized access, misuse, loss or destruction:

  • Encrypted communications: the website and platform are secured using TLS (HTTPS), ensuring encryption of data in transit between your browser and our servers.

  • Secure hosting: as indicated, your data are hosted on highly secure servers located in Europe, benefiting from state-of-the-art physical and logical protections (firewalls, access control, redundancy, etc.).

  • Access control: internally, access to personal data is strictly limited to AroundLink employees who need it in the course of their duties. Each platform user has personal login credentials and must keep their password confidential. Robust access and password management policies are in place.

  • Backups and logging: regular backups of databases are carried out to prevent any data loss. Security logs are also kept to detect and analyze any abnormal activity or incident, in accordance with AroundLink’s security plan.

  • Testing and updates: we keep our platform and tools up to date with the latest security patches. Regular tests (including penetration tests and audits) may be conducted to verify the robustness of our measures.

Despite all our efforts, no system is completely infallible. In the event of a personal data breach (a security incident affecting data) that is likely to result in a high risk to your rights and freedoms, AroundLink undertakes to inform you as soon as possible and to notify the competent supervisory authority (the CNIL) in accordance with Article 33 of the GDPR.

Your Rights Regarding Your Data

In accordance with applicable regulations, you have the following rights over your personal data:

  • Right of access: you can obtain confirmation as to whether or not data concerning you are being processed by AroundLink and, where applicable, receive a copy along with information about the processing (purposes, categories of data, recipients, etc.).

  • Right to rectification: if you find that the personal data held by AroundLink are inaccurate or incomplete, you may request that they be corrected or updated.

  • Right to erasure (right to be forgotten): in certain cases, you may request the deletion of your data, for example if they are no longer necessary for the purposes for which they were collected, if you withdraw your consent (for processing based on consent), or if you object to the processing. This right may be limited by our legal obligations (mandatory retention of certain data, etc.).

  • Right to restriction of processing: in certain cases, you may obtain temporary restriction of processing of your data (for example while we verify the accuracy of disputed data or the legitimacy of a contested processing).

  • Right to object: you have the right to object at any time, on grounds relating to your particular situation, to processing of your data based on our legitimate interests.

    For direct marketing purposes, you may object at any time and without justification (absolute right to object, including the right to refuse any newsletter or marketing communication from us).

  • Right to data portability: for processing based on your consent or a contract and carried out by automated means, you may request to receive the personal data you have provided to us in a structured, commonly used and machine-readable format, or to have them transmitted directly to another controller where technically feasible.

  • Post-mortem directives (France): in France, you may define instructions regarding the fate of your personal data after your death (retention, deletion or communication of your data). These instructions may be general or specific. You may inform us of any such directives so that we can respect them when the time comes.

To exercise your rights, you can contact us at any time by email at contact@aroundlink.com or by post at our registered office address (listed above), specifying the subject of your request and providing proof of your identity if necessary.

We will respond as soon as possible and in any event within the one-month period provided by law (which may be extended exceptionally to two months for complex requests, in which case you will be informed).

The exercise of these rights is free of charge (except in the case of manifestly unfounded or excessive requests, where a reasonable fee may be charged in accordance with regulations).

If, after contacting us, you consider that your rights regarding your data have not been respected, you may lodge a complaint with the competent supervisory authority.

In France, this is the Commission Nationale de l’Informatique et des Libertés (CNIL – www.cnil.fr). You may also use the usual legal channels (court action) in case of breach of personal data regulations.

Updates to this Privacy Policy

This Privacy Policy may be updated from time to time to reflect changes in our data processing practices or to comply with legal or regulatory developments.

In the event of a substantial change, we will post a notice on the website or inform you by any appropriate means.

We invite you to consult this page regularly to review the most recent version of our policy.

Last updated: 28/11/2025.

We thank you for your trust. If you have any questions or concerns regarding your personal data or this policy, please contact us at aroundlink.app@gmail.com – we are here to help.