Privacy Policy

inextra.org

portail.inextra.org (Odoo : instance principale)

Group employees + VAR partners + Candidates


1. Data controller

INEXTRA GROUP Ltd, company incorporated under Mauritian law, registered office: Villa dauphine, Avenues des rosiers, La Preneuse, Rivière Noire -90101 - Grande Rivière Noire, Mauritius.

Contact: group@inextra.org


2. Data processed and legal basis

Processing

Legal basis

Data

Retention

Authentication & portal access

Contract (performance)

Credentials, access logs, IP, device

Contract duration + 12 months logs

Employee HR management

Employment contract / Legal obligation

Identity, position, salary, leave, appraisals

Contract duration + 5 years

VAR partner portal (DMS, Sign, Purchases)

Contract

Professional identity, contractual documents (NDA, KYC, VAR), order history

Partnership duration + 5 years

Recruitment applications

Explicit consent

CV, cover letter, experience, salary expectations

2 years if unsuccessful

Google Analytics (public pages)

Consent (cookie)

Anonymised IP, navigation, session duration

26 months


3. Recipients and processors

Your data is accessible to authorised internal teams (HR, management, sales, support) according to your portal profile. Processors:

  • Amazon Web Services EMEA SARL : AWS Paris server (eu-west-3). DPA signed.
  • Google LLC : Google Workspace (emails). DPA signed. Google DPF certified.


4. International transfers

Data is hosted on AWS servers located in France (Paris). Emails transit via Google Workspace. Transfers from Ivory Coast or Mauritius to these processors are governed by Data Processing Agreements (DPAs) compliant with international standards.


5. Retention periods

See table in section 2. Upon expiry, data is deleted or anonymised.


6. Your rights

You have the right to access, rectify, erase, object to, restrict and port your data. To exercise your rights: group@inextra.org(response within 30 days). You may lodge a complaint with the DPC Mauritius (dataprotection.govmu.org) for holding-level employees, or with ARTCI (artci.ci) for Ivorian entities.


7. Security

Role-based access (Odoo 17), multi-factor authentication (MFA), encryption at rest (AWS), HTTPS, access logging, strong password policy.