Request an analysis

Updated: 2026-05-07

How your data is handled

Here, plainly, is what reaches me when you describe a case on this site, what I do with it, and the say you keep over it. I work alone, auditing how ChatGPT names and recommends French businesses. There is no newsletter, no sales desk, and no office inbox circulating your details.

Who answers for it

This site is run by Cassandre Vermeil, who examines why ChatGPT misnames, mis-describes, or under-recommends French consumer-facing businesses. Under the General Data Protection Regulation (GDPR) and comparable laws, the person answerable for the information described here is the operator of chatgptseofrance.com. For a privacy question, or to exercise one of your rights, write to hello@chatgptseofrance.com.

What you send me

When you describe a case through the form, this is what I receive:

  • Your name and email address, so I can reply and address you properly.
  • Another contact route, if you give one (phone, LinkedIn, Signal), for when email does not suit you.
  • The case you describe: the business name and category, its site, its service area, the ChatGPT answer that bothers you, the prompt that produced it, and which language track — French or English — you tested. Only name and email are required; everything else is yours to share or hold back.

These details serve one purpose only: reading the recommendation case you entrusted to me. No list is built, your details go to nobody, and nothing is harvested beyond our exchange. Held with the message are the time it was sent and a salted SHA-256 hash of your IP address, which only keeps automated abuse at bay. The raw IP is never written down, and neither are browser fingerprints or device traits.

What I do not touch

  • No tracking cookies. The analytics I use is cookie-free and keeps no per-visitor identifier.
  • No retargeting pixels, no marketing-automation tags, no ad-network trackers anywhere on the site.
  • No automated profiling, and no automated decisions that carry a legal effect for you.
  • No selling or sharing of personal data with commercial partners. That is simply not how this practice earns a living.

The legal basis I rely on

Case messages are handled under GDPR art. 6(1)(b), as steps taken at your request before any possible engagement. The IP hash that shields the form from abuse rests on GDPR art. 6(1)(f), a legitimate interest in keeping the form usable. Where payment-outcome data exists, it sits on the contractual basis.

How long I keep it

  • Case messages: kept through the engagement and for 24 months after, so the record of the recommendation work stays whole, then removed. Cases that never become work are kept for 12 months, then removed.
  • Payment records: kept for as long as tax and accounting duties require (commonly 5–6 years), then removed.
  • IP hashes: kept for 90 days, enough for abuse protection, then removed.
  • Email threads: kept while we work together, or for 24 months after our last contact, whichever is longer.

Your rights

Under GDPR and comparable laws you can ask to see your information, correct it, delete it, take it elsewhere, restrict how it is used, or object to its use. For any of these, write to hello@chatgptseofrance.com and I respond within 30 days. If you believe the law has been broken, you may complain to your data-protection authority (in France, the CNIL).

Where the data lives

The servers behind this site sit in European Union (Germany). If any further processors (email provider) happen to operate outside the European Union, those transfers rely on standard contractual clauses together with the safeguards each one publishes.

Changes to this text

I update this text whenever the way I handle information changes in a way that matters. The "Updated" date at the top marks the current version. When a change truly counts, I flag it on the home page for 30 days so returning readers notice it.