Legal Notice (Mentions Légales)
Company Identification
| Field | Details |
|---|---|
| Company Name | Letztec Sàrl |
| Legal Form | Société à Responsabilité Limitée (Sàrl) — Luxembourg |
| Registration | Registered with the Luxembourg Trade and Companies Register (RCS Luxembourg) |
| Registered Office | 6, Rue de l'Ecole, L-7391 Lorentzweiler, Grand Duchy of Luxembourg |
| Managing Director | Cyrille Gerhardt |
| VAT Number | LU35802769 |
| service@letztec.com | |
| Telephone | +352 661 231 239 |
| Website | www.letztec.com |
Website Publisher & Hosting
This website is published and operated by Letztec Sàrl. Hosting is provided via OVH SAS, 2 rue Kellermann, F-59100 Roubaix, France — a European provider ensuring data residency within the European Union.
Intellectual Property
All content on this website — including but not limited to text, graphics, logos, icons, images, software, and design — is the exclusive property of Letztec Sàrl or its content suppliers and is protected under applicable Luxembourg and EU intellectual property law.
Reproduction, distribution, modification, or use of any content from this website, in whole or in part, is strictly prohibited without prior written consent from Letztec Sàrl.
Disclaimer
Letztec Sàrl endeavours to ensure the accuracy and completeness of information published on this website. However, we cannot guarantee that information is free from errors or that it is current at all times. Letztec Sàrl accepts no liability for any direct or indirect damages arising from the use of this website.
Links to third-party websites are provided for convenience only. Letztec Sàrl accepts no responsibility for the content or practices of external sites.
Privacy Policy
🔒 Our commitment: Letztec Sàrl processes personal data in accordance with Regulation (EU) 2016/679 (GDPR), the Luxembourg Data Protection Act of 1 August 2018, and the ePrivacy Directive. We are committed to transparency and to protecting your privacy.
This Privacy Policy explains how Letztec Sàrl ("we", "us", "our") collects, uses, stores, and protects personal data when you visit our website (www.letztec.com), contact us, or use our services.
Data Controller
| Controller | Letztec Sàrl |
| Address | 6, Rue de l'Ecole, L-7391 Lorentzweiler, Luxembourg |
| Contact | service@letztec.com |
Data We Collect
Data You Provide Directly
When you complete our contact form or reach out to us by email, we may collect:
- First name and last name
- Professional email address
- Company name and job title
- Phone number (optional)
- Content of your message
- Subject of enquiry
Data Collected Automatically
When you visit our website, our server may automatically record:
- IP address (anonymised after 24 hours)
- Browser type and version
- Operating system
- Pages visited and time spent
- Date and time of access
- Referring website URL
ℹ️ No tracking cookies are placed without your consent. We do not use Google Analytics or third-party advertising trackers. Server logs are retained for a maximum of 30 days for security purposes.
Data We Do Not Collect
We do not collect or process special categories of personal data (Article 9 GDPR) such as health data, racial or ethnic origin, political opinions, religious beliefs, or biometric data. We do not collect payment card data through this website.
Legal Basis for Processing
| Processing Activity | Legal Basis (GDPR Art. 6) |
|---|---|
| Responding to a contact form enquiry | Art. 6(1)(b) — Pre-contractual measures / Art. 6(1)(a) — Consent |
| Sending a confirmation email to the sender | Art. 6(1)(b) — Contract performance |
| Security and server log analysis | Art. 6(1)(f) — Legitimate interests (IT security) |
| Business communications with existing clients | Art. 6(1)(b) — Contract performance |
| Compliance with legal obligations | Art. 6(1)(c) — Legal obligation |
How We Use Your Data
We use your personal data only for the purposes for which it was collected:
- To respond to your enquiries and provide the information or services you requested
- To send you a confirmation of receipt of your message
- To manage our business relationship and deliver contracted services
- To maintain the security and integrity of our website and IT systems
- To comply with applicable legal and regulatory obligations
🚫 We never sell your data. We do not share your personal data with third parties for marketing or advertising purposes. Your data is not used for automated profiling or decision-making.
Data Sharing & Third Parties
Letztec Sàrl does not sell, rent, or trade your personal data. Data may be shared only in the following limited circumstances:
| Recipient | Purpose | Safeguards |
|---|---|---|
| OVH SAS (hosting provider) | Website and email hosting — server infrastructure | EU data residency · DPA in place · ISO 27001 |
| Letztec Group companies (consortium members) | Only where necessary to deliver a contracted service you requested | Contractual obligations · GDPR compliance required |
| Legal authorities | Where required by Luxembourg or EU law | Strictly as required by applicable law |
All service providers acting on our behalf are bound by appropriate data processing agreements (DPAs) and are required to comply with GDPR.
Data Retention
| Category | Retention Period | Basis |
|---|---|---|
| Contact form submissions (prospects) | 3 years from last contact | Legitimate interest — business relationship |
| Client contractual data | 10 years from end of contract | Legal obligation (Luxembourg commercial law) |
| Invoice and accounting data | 10 years | Art. L.60 Luxembourg Commercial Code |
| Server/access logs | 30 days (anonymised) | IT security — legitimate interest |
| Email correspondence | 3 years from last exchange | Legitimate interest |
| GDPR consent records | Until consent withdrawn + 1 year | Legal obligation (GDPR accountability) |
Once the retention period expires, data is securely deleted or anonymised in accordance with our internal data management procedures.
Your Rights Under GDPR
As a data subject under the GDPR (Regulation EU 2016/679), you have the following rights with respect to your personal data:
📋 Right of Access (Art. 15)
You have the right to obtain confirmation that we process your data and to receive a copy of that data, along with information about how it is used.
✏️ Right to Rectification (Art. 16)
You can request the correction of inaccurate or incomplete personal data we hold about you.
🗑️ Right to Erasure (Art. 17)
You can request deletion of your personal data where there is no compelling reason for its continued processing ("right to be forgotten").
⏸️ Right to Restriction (Art. 18)
You can request that we restrict the processing of your data in certain circumstances, such as while a dispute is resolved.
📦 Right to Portability (Art. 20)
You have the right to receive your data in a structured, machine-readable format and to transmit it to another controller.
🚫 Right to Object (Art. 21)
You can object to processing based on legitimate interests. We will cease processing unless we can demonstrate compelling legitimate grounds.
🔄 Right to Withdraw Consent (Art. 7)
Where processing is based on consent, you may withdraw it at any time. Withdrawal does not affect the lawfulness of prior processing.
⚖️ Right to Lodge a Complaint (Art. 77)
You have the right to lodge a complaint with the Luxembourg data protection authority (CNPD) if you believe your rights have been infringed.
To exercise any of these rights, contact us at service@letztec.com or write to us at our registered address. We will respond within 30 days in accordance with GDPR requirements. We may request proof of identity before processing your request.
Supervisory Authority — CNPD
The competent supervisory authority for Luxembourg is the Commission Nationale pour la Protection des Données (CNPD):
- Website: cnpd.public.lu
- Address: 15, Boulevard du Jazz, L-4370 Belvaux, Luxembourg
- Tel: +352 26 10 60-1
- Email: info@cnpd.lu
Cookies & Tracking Technologies
What Are Cookies?
Cookies are small text files stored on your device when you visit a website. They serve various purposes including ensuring website functionality, measuring audience behaviour, and enabling personalisation.
Cookies We Use
| Cookie Type | Purpose | Duration | Consent Required? |
|---|---|---|---|
| Strictly Necessary | Ensure basic website functionality, security and session management | Session | No — exempt under ePrivacy |
| Functional | Remember your preferences and settings | 12 months | Yes |
| Analytics | Understand how visitors interact with our site (anonymised) | 13 months | Yes |
| Marketing/Advertising | We do not use advertising or tracking cookies | N/A | N/A — Not used |
Managing Cookies
You can control and manage cookies through your browser settings. Please note that disabling certain cookies may affect the functionality of our website. Instructions for major browsers:
- Chrome: Settings → Privacy and Security → Cookies and other site data
- Firefox: Options → Privacy & Security → Cookies and Site Data
- Safari: Preferences → Privacy → Manage Website Data
- Edge: Settings → Privacy, search, and services → Cookies
Security Measures
Letztec Sàrl implements appropriate technical and organisational measures (TOMs) to protect your personal data against unauthorised access, disclosure, alteration, or destruction, in accordance with Article 32 GDPR.
- Encrypted data transmission via HTTPS/TLS 1.3 across all web pages
- Server access restricted by IP and authentication controls
- Data stored exclusively on EU-based servers (OVH, France)
- Regular security assessments and access reviews
- Staff confidentiality obligations and data protection training
- Incident response procedures aligned with GDPR Article 33 (72-hour breach notification)
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the CNPD within 72 hours and affected individuals without undue delay where required.
International Data Transfers
Letztec Sàrl processes and stores personal data primarily within the European Economic Area (EEA). Our hosting provider OVH SAS operates data centres within the EU, ensuring your data benefits from full GDPR protections.
In the event that a service provider processes data outside the EEA, we ensure adequate protection through one or more of the following mechanisms:
- European Commission adequacy decisions (Article 45 GDPR)
- Standard Contractual Clauses (SCCs) approved by the European Commission
- Binding Corporate Rules where applicable
🇪🇺 Sovereign AI by design: As part of our sovereign AI commitment, we ensure all AI tools and platforms used in delivering client services maintain EU data residency and comply with the EU AI Act where applicable.
Contact Us & Data Protection
For All Privacy Enquiries
If you have any questions about this Privacy Policy, wish to exercise your GDPR rights, or have concerns about how we handle your data, please contact us:
| By email | service@letztec.com — subject: "Data Protection / GDPR" |
| By post | Letztec Sàrl — Data Protection 6, Rue de l'Ecole L-7391 Lorentzweiler Luxembourg |
| By phone | +352 661 231 239 |
| Response time | Within 30 calendar days (GDPR requirement) |
Updates to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make significant changes, we will update the "Last updated" date at the top of this page.
We encourage you to review this page periodically. Continued use of our website after any changes constitutes acceptance of the updated policy.
This document was last reviewed and updated in May 2026. It is governed by the laws of the Grand Duchy of Luxembourg. Any disputes arising in connection with this policy shall be subject to the exclusive jurisdiction of the Luxembourg courts.