Cookie Policy

Last updated: 9 May 2026

This policy describes the cookie posture of the enclair.ai website and the EnClair application, operated by H2V SAS. It complements our Privacy Policy.

1. What is a cookie?

A cookie is a small text file placed on your device by a website during your visit. Depending on its purpose, it can maintain an active session, store preferences or track activity.

2. Cookies used by EnClair

EnClair uses only two cookies, both strictly necessary for application authentication:

• session: active session token, limited to the signed-in user’s session lifetime.
• refresh_token: session refresh token, used to extend the signed-in window without forcing a new authentication.

Both cookies are essential to the service; disabling them prevents access to the user workspace.

3. Cookies NOT used

EnClair does not set any of the following cookies:

• analytics cookies (Google Analytics, Matomo, etc.);
• marketing, advertising or retargeting cookies;
• social-network cookies;
• third-party cross-site tracking cookies;
• third-party audience-measurement cookies.

4. No cookie banner

EnClair does not display a cookie consent banner. Under Article 82 of the French Data Protection Act and the CNIL guidelines, cookies strictly necessary for a service expressly requested by the user (authentication) are exempt from the consent requirement.

5. Cookie management

You can delete or block cookies at any time from your browser settings:

• Chrome: Settings → Privacy and security → Cookies.
• Firefox: Settings → Privacy & Security → Cookies and Site Data.
• Safari: Preferences → Privacy.
• Edge: Settings → Cookies and site permissions.

Blocking session and refresh_token prevents access to the user workspace.

6. Retention period

• session: cleared on sign-out or session expiry.
• refresh_token: limited lifetime, automatically expires after extended inactivity or on explicit sign-out.

7. Your rights

Your rights of access, rectification, erasure, objection, restriction and portability are described in our Privacy Policy. Requests can be addressed to the Data Protection Officer at dpo@enclair.ai.

8. Changes

This policy may be updated to reflect changes in the service. Substantial changes are notified to active users.

9. Legal references

• Regulation (EU) 2016/679 (GDPR), articles 5, 6 and 7.
• ePrivacy Directive 2002/58/EC, article 5(3).
• French Data Protection Act of 6 January 1978, article 82.
• CNIL recommendations and guidelines.

10. Contact

For any question about this policy, email dpo@enclair.ai.