개인정보 처리방침
Thank you for choosing Dash systems (SIREN: 101 541 142). We value your trust and are committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose and protect your personal information when you use our website core-dash.com and the full suite of developer utilities, networking tools and related services (collectively, the “Services”).
By using our Services, you agree to the practices described in this policy.
As a service based in France, we process your data in accordance with the General Data Protection Regulation (GDPR) and applicable French law.
1. Who we are – Data Controller
Dash systems is a digital services provider specialised in developer utilities and networking tools.
The project is managed and operated by Sébastien Aglaé, acting as an independent entrepreneur (Micro-Entreprise).
- Operator & Publication Director: Sébastien Aglaé
- Legal Status: Micro-Entreprise (Entreprise Individuelle)
- SIREN: 101 541 142
- Code APE: 62.01Z
- Website: core-dash.com
Under the GDPR, Sébastien Aglaé is the Data Controller and is responsible for deciding how your personal data is processed and for ensuring its protection.
2. Information we collect
2.1 Information you provide directly
Account Details
Email address, username, password
When you sign in with Google or GitHub, we receive your name and email address to create your profile.
AI Interactions (Kortex_)
Conversation history with the Kortex_ assistant is stored in our database so you can access previous conversations.
These prompts are sent to the Google Gemini API or xAI Grok API (paid/enterprise versions).
Web Terminal & Tool Activity
Commands you enter, certain tool lookup inputs, and recent tool activity may be stored in your account history so you can retrieve them later across sessions and devices.
Active session data, recent lookups, preferences, and temporary interface state may also be stored in your browser’s Local Storage for continuity and performance reasons.
2.2 Information collected automatically
- Network identifiersYour IPv4 and/or IPv6 address (required for security, rate-limiting and abuse prevention)
- AnalyticsConsent-based usage statistics collected through our own analytics systems and, where enabled, Google Analytics in non-personalised mode
- AdvertisingNon-personalised contextual advertisements via Google Ads
- Error & crash reportsTechnical metadata + IP address when a crash or major error occurs (to help us fix bugs)
3. How and why we process your data
We process your personal data only when we have a valid legal basis under the GDPR.
| Purpose | Data categories | Storage period | Legal basis |
|---|---|---|---|
| Account creation & management | Email, username, password / SSO ID | Duration of the account + 30-day grace period | Performance of a contract |
| Provide persistent tool history | Terminal commands, saved tool activity, recent lookups, Kortex_ conversations | Until user deletes them or account is closed | Performance of a contract |
| Provide Kortex_ AI assistant | User prompts & AI responses | Until user deletes them | Performance of a contract |
| Security, abuse & DDoS protection | IP address, technical logs | 12 months (French legal obligation – LCEN) | Legal obligation + legitimate interest |
| Usage analytics | Consent-based identifiers, page and tool interaction events, anonymised / aggregated usage data, diagnostics | 14 months | Consent (via cookie banner) |
| Display contextual (non-personalised) ads | Page content & very basic session data | Duration of the session | Legitimate interest |
3.1 Operating the platform
- Deliver the requested developer & networking tools
- Maintain recent tool history, saved lookups, command history and AI conversations
- Authenticate you securely (including via Google / GitHub SSO)
- Debug and improve the tools
3.2 Security & Legal
- Prevent automated abuse / DDoS attacks
- Enforce fair usage limits on AI API calls
- Comply with the French obligation to retain connection data for 12 months
3.3 Advertising
We display contextual (not behavioural) advertisements via Google Ads in non-personalised mode to help fund free access to the tools.
4. Transparency – AI system disclosure
In accordance with the EU AI Act and French transparency rules:
Kortex_ is an artificial intelligence system powered by large language models (Google Gemini or xAI Grok).
It is not a human.
We have configured our API agreements so that your prompts and the generated responses are not used to train the underlying models of Google or xAI.
AI-generated content may contain errors. Always verify important code, commands or technical information before using it.
5. Data retention & deletion
We apply a data minimisation principle.
| Data type | Retention period | Location |
|---|---|---|
| Account information | Until account deletion | Database |
| Kortex_ conversations | Until deleted by the user | Database |
| Tool history, recent lookups & terminal command history | Until cleared by the user, removed by feature controls, or account closure | Database + Local Storage |
| Connection logs (IP) | 12 months (French legal requirement) | Server logs |
When you request deletion, your data enters a 30-day recovery period (“soft delete”). After 30 days it is permanently and irreversibly purged from our production databases and regular backups.
Some session data, recent lookups, UI preferences and temporary tool state remain in your browser until you clear your cache, remove site storage or manually reset the relevant tool.
6. Data security
We implement reasonable technical and organisational measures to protect your data:
The Web Terminal and Kortex_ are not secure vaults. Never input production secrets, passwords or other highly sensitive data.
7. Who can access your data
We do not sell your personal data.
Access is strictly limited to:
You
via your account
Infrastructure Providers
under strict data processing agreements
- Hosting → France
- Cloud storage (e.g. AWS S3) → EU region (maybe in the future)
- AI model providers → Google (Gemini) & xAI (Grok) – only for generating responses (maybe in the future)
Authentication Providers
Google, GitHub – only the minimum data needed for login
Analytics & Advertising Partners
Dash systems first-party analytics under your consent preferences, plus Google Analytics and Google Ads where enabled and in non-personalised mode
French Judicial Authorities
only when required by law (e.g. valid court order)
8. International data transfers
Our core infrastructure is located in the European Union.
However, when you use Kortex_, your prompts are processed by Google or xAI servers located in the United States.
These transfers are covered by:
- Standard Contractual Clauses (SCCs)
- The EU-U.S. Data Privacy Framework
9. Cookies & similar technologies
Essential cookies
required for the site to function (login session, tool stability)
Analytics cookies
Dash systems consent cookie and first-party analytics identifiers, plus Google Analytics where enabled (optional - you can refuse via the banner)
Advertising cookies
Google Ads – non-personalised (used for frequency capping)
You can manage your preferences via our cookie banner or your browser settings. Refusing analytics disables optional measurement, while essential cookies remain required for login, consent storage and core stability.
10. Your rights under the GDPR
How to exercise your rights
Send your request to: [email protected]
We will normally reply within one month. We may ask for proof of identity.
11. Age requirements & children’s privacy
In accordance with French law (Loi "Majorité Numérique") and the GDPR:
- 15+Minimum age15 years old to create an account
- 13+13–14 years oldpossible only with the consent and involvement of a parent or legal guardian
- <13Under 13 years oldwe do not knowingly collect data. If we discover such data, we will delete it immediately.
If you are a parent or guardian and believe we have collected data from a child under your responsibility without proper consent, please contact us at [email protected].
12. Contact & complaints
Right to lodge a complaint
If you believe we are not handling your data correctly, you may lodge a complaint with the French supervisory authority: