Sworn interpreting and translation between French, Classical Arabic and Somali

Privacy Policy

This policy informs users of the amina-haji.com website of the conditions under which their personal data is collected and processed, pursuant to Regulation (EU) 2016/679 of 27 April 2016 (GDPR) and French Act No. 78-17 of 6 January 1978 as amended, on information technology, data files and civil liberties. Last updated: 9 May 2026.

1. Data controller

The controller of the data collected via the amina-haji.com website is Mrs. HAJI Amina, sole trader operating under the trade name AHIT, whose place of business is at 18 rue Guillaume Pellicier, 34070 Montpellier, registered under SIRET number 811 814 383 00030.

For any question relating to data protection or to exercise your rights, you may contact rgpd@amina-haji.com. A postal request must be sent to the registered office above, for the attention of Mrs. HAJI Amina.

2. Data collected and purposes

The following data is collected via the contact form, solely at the user's initiative: surname, first name, email address, telephone number (optional), nature of the request (interpreting, translation, asylum, mediation, etc.), source and target languages, context of use, level of urgency, free-text message, and where applicable the attachments useful for assessing the request (supporting documents, documents to translate).

Technical data collected automatically: connection IP address, form access logs (date, time, correlation identifier), security information (anti-spam and antivirus check results). This data is strictly necessary for the security of the service.

Processing purposes: (i) responding to quote and information requests; (ii) establishing, performing and invoicing the contractual service; (iii) ensuring the security of the website (abuse prevention, detection of malicious submissions, antivirus); (iv) complying with legal and accounting obligations (retention of supporting documents); (v) responding to GDPR rights requests.

3. Legal bases for processing

Article 6 GDPR: (i) performance of pre-contractual measures taken at the request of the data subject — for processing quote and information requests (Art. 6.1.b); (ii) performance of the service contract, where concluded (Art. 6.1.b); (iii) compliance with legal obligations to which the controller is subject, in particular accounting and tax obligations (Art. 6.1.c); (iv) the controller's legitimate interest in ensuring the security of the website and preventing fraudulent use (Art. 6.1.f); (v) the data subject's free, specific, informed and unambiguous consent for optional processing such as audience-measurement cookies (Art. 6.1.a).

4. Data recipients

The data collected is strictly intended for Mrs. HAJI Amina, as data controller, and for the technical processors contractually bound to comply with the GDPR (Article 28).

Identified processors: OVH SAS (infrastructure hosting, France); Cloudflare, Inc. (Turnstile anti-spam service, United States — see transfers outside the EU).

No data is assigned, sold or transmitted to third parties for commercial purposes. Data may be disclosed to judicial or administrative authorities upon lawful request.

5. Transfers outside the European Union

The Cloudflare Turnstile service, used for anti-spam protection of the contact form, may result in a transfer of technical data (in particular the visitor's IP address and an anonymous validation token) to the United States.

This transfer is governed by the standard contractual clauses adopted by the European Commission (Decision 2021/914/EU) as well as by Cloudflare's adherence to the EU-US Data Privacy Framework, ensuring an adequate level of protection in accordance with the European Commission's adequacy decision of 10 July 2023.

Use of this service is strictly limited to combating automated submissions and does not involve any marketing exploitation of the data.

6. Retention periods

Form attachments (documents submitted for quotes): 60 days from receipt, unless a contractual relationship begins. In the event of a service, documents are retained according to the periods applicable to accounting records (10 years, Article L. 123-22 of the French Commercial Code).

Contact form data (name, contact details, message): 3 years from the last contact where the request does not lead to a contract (CNIL recommendation on commercial prospecting).

Security logs (audit logs, IP addresses, correlation identifiers): 12 months from creation, in accordance with CNIL deliberation No. 2021-122 of 14 October 2021 on minimum security measures.

Contractual data and invoices: 10 years after the close of the financial year (Article L. 123-22 of the Commercial Code and Article L. 102 B of the French Book of Tax Procedures).

7. Data security

The website implements appropriate technical and organizational measures within the meaning of Article 32 of the GDPR: encryption of communications via TLS 1.3 (certificate issued by Let's Encrypt), systematic antivirus scanning of attachments (ClamAV), limitation of the number of submissions per IP address (rate limiting), strict validation of file type and size, logical separation of environments, logging of security events, encrypted database backups.

Access to data is strictly limited to authorized persons in the performance of their duties. Processors are contractually bound to confidentiality and to implementing equivalent security measures.

8. Data subject rights

In accordance with Articles 15 to 22 of the GDPR, you have the following rights regarding your personal data: right of access (Article 15), right to rectification (Article 16), right to erasure or the 'right to be forgotten' (Article 17), right to restriction of processing (Article 18), right to data portability (Article 20), right to object to processing based on legitimate interest (Article 21).

You also have the right to withdraw your consent at any time, without affecting the lawfulness of processing carried out before such withdrawal (Article 7.3 GDPR), as well as the right to issue directives regarding the fate of your data after your death (Article 85 of the French Data Protection Act).

To exercise these rights, send your request, together with proof of identity, to: rgpd@amina-haji.com. A postal request must be sent to the registered office mentioned in section 1, for the attention of Mrs. HAJI Amina. A response will be provided within one month of receipt, in accordance with Article 12.3 of the GDPR.

9. Complaint to the CNIL

If, after contacting the publisher, you consider that your rights are not being respected, you may lodge a complaint with the French Data Protection Authority (CNIL), the French supervisory authority.

CNIL contact details: 3 place de Fontenoy, TSA 80715, 75334 Paris Cedex 07 — telephone: +33 1 53 73 22 22 — website: https://www.cnil.fr.

10. Changes to this policy

This privacy policy may evolve to take account of legislative, regulatory or technical developments. Any substantial change will be the subject of appropriate information on the website, on the home page or by any other appropriate means.

Users are advised to consult this page regularly. The date of the last update is indicated at the top of the document.