Privacy Policy

Your privacy is our priority. Discover how we protect your personal data.

Last updated: August 1, 2025

Introduction

This Privacy Policy describes how Tesseris collects, uses, stores and protects your personal data when you use our route optimization service. We are committed to respecting your privacy and being transparent about our practices.

1. Data Controller

The Tesseris service is published by Sohmware, SARL with a capital of 5000 euros, registered in the RCS of Strasbourg under SIREN number 749862322, NAF code 62.02A, whose registered office is located at 3 rue Hanau, 67350 Niedermodern, France. Sohmware is responsible for processing your business data. For your end customers' data, you remain the data controller and Tesseris acts as a processor. You can contact us at contact@tesser.is for any questions relating to this policy. Hosting: OVH SAS, 2 rue Kellermann, 59100 Roubaix, France - hosting in France, with possible interactions with external calendars outside the EU.

2. Data Collected

We collect: (a) Company user data: first names, last names, emails, phone numbers of employees using the service; (b) Company data: business name, billing information; (c) Connection data: IP address, connection logs; (d) Usage data: service interactions, preferences, usage statistics; (e) End customer appointment data: first names, last names, complete addresses, phone numbers, emails and service types; (f) Calendar data: automated consultation of calendars for optimization; (g) Geolocation data: addresses transmitted to external APIs for route calculation and optimization, GPS coordinates of end customers only if they explicitly consent to geolocation via their mobile device.

3. Processing Purposes

Your data is used to: (a) Provide and maintain the Tesseris service; (b) Manage your account and billing; (c) Optimize your routes with AI; (d) Contact you for customer support; (e) Send notifications and reminders; (f) Improve our service and develop new features; (g) Comply with our legal obligations.

4. Legal Basis for Processing

Our processing is based on: (a) Contract execution for service provision; (b) Our legitimate interests for service improvement and security; (c) Your consent for marketing communications; (d) Compliance with legal obligations for billing and archives; (e) Explicit consent from end customers for their real-time geolocation via mobile device.

5. Retention Period

We retain your data: (a) Account and route data: during your subscription period + 30 days to allow possible reactivation, then automatic deletion. Technical backups may be kept for up to 90 additional days for security and service continuity purposes, accessible only in case of major technical incident or legal request; (b) Billing data: 10 years in accordance with accounting obligations; (c) Support and follow-up data: 3 years maximum for controls; (d) Connection logs: 1 year maximum; (e) Geolocation cache (address/GPS coordinates): 1 month maximum for performance optimization. You may request early deletion of your data except for legal obligations.

6. Your GDPR Rights

You have the following rights on YOUR business data: (a) Access: obtain a copy of your data; (b) Rectification: correct inaccurate data; (c) Erasure: delete your data under certain conditions; (d) Portability: retrieve your data in a structured format; (e) Objection: object to certain processing; (f) Restriction: request limitation of processing. Exercise of rights: Contact us at contact@tesser.is with proof of identity. Response within 1 month maximum. Data exports: Depending on the complexity of the request (period, filters, specialized format), fees may apply according to our current pricing schedule. IMPORTANT: For your end customers' data, you remain the data controller and must directly handle their GDPR requests. As a processor, we can only communicate this data to you according to your instructions.

7. Data Security

Security measures: HTTPS encryption, secure passwords, regular backups, secure OVH hosting. We adapt our security measures to the risk level of the data processed. Despite these measures, no transmission over the Internet is 100% secure.

8. Transfers Outside the European Union

Although our servers are hosted in France, our service requires interactions with: (a) External calendars (Google, Microsoft) whose servers may be located outside the EU; (b) Geolocation and mapping APIs receiving only addresses for route calculation, route optimization and reverse geocoding; (c) French public services (data.gouv.fr) for geographical enrichment. These transfers are necessary for the service to function and rely on adequacy decisions or standard contractual clauses from these providers. Addresses alone, without association with first/last names, present a reduced risk of re-identification. We maintain a geolocation cache (address/GPS coordinates correspondence, 1 month maximum) to optimize performance and reduce calls to external APIs. We do not control the retention policies of external APIs. By using our service, you expressly consent to these transfers for the proper functioning of optimization.

8.1. Google Calendar and Microsoft Data

SHARING AND PROCESSING OF GOOGLE AND MICROSOFT DATA: Tesseris accesses your Google Calendar and Microsoft Exchange/Outlook calendars only within the strict framework of optimizing your routes. DATA ACCESSED: calendar events (title, date, time, location), availability and free slots for automatic appointment scheduling. EXCLUSIVE PURPOSE: read-only consultation to optimize the planning of your routes and avoid appointment conflicts. NO SHARING WITH THIRD PARTIES: Your Google and Microsoft calendar data is never shared, sold or transmitted to commercial third parties. It is only processed by our servers hosted in France (OVH) for algorithmic optimization. LIMITED RETENTION: Calendar information is consulted in real-time and is not permanently stored in our databases. Only a temporary technical cache (maximum 24h) may be maintained to optimize performance. ACCESS REVOCATION: You can revoke Tesseris access to your calendars at any time from your Google/Microsoft account or contact us at contact@tesser.is. SECURITY: All exchanges with Google and Microsoft APIs use standard OAuth 2.0 and HTTPS security protocols. Your Google/Microsoft service login credentials are never stored by Tesseris.

9. Data Breaches

In the event of a data breach presenting a risk, we notify the CNIL within 72 hours and the persons concerned without undue delay. A breach register is maintained in accordance with the GDPR.

10. End Customer Data Processing

IMPORTANT: For end customer data of the company (names, addresses, phone numbers of individuals), Tesseris acts as a processor within the meaning of Article 28 of the GDPR. The user company remains solely responsible for processing this data and must: (a) Collect appropriate consent from its customers; (b) Inform them that Tesseris processes their data for route optimization; (c) Respect their GDPR rights; (d) Ensure the lawfulness of processing; (e) Obtain explicit consent for any real-time geolocation of its end customers and inform them of this optional feature. Tesseris undertakes to process this data only according to the client company's instructions and within the strict framework of the optimization service.

11. Cookie and Tracking Technology Management

Our service uses only cookies essential for technical operation. Types of cookies used: (a) Authentication cookies: PHPSESSID (PHP session, duration: until browser closure), remember_me ('remember me' option, duration: 14 days maximum), CSRF security cookies (attack protection, duration: session). These cookies are strictly necessary for service operation and do not require your consent according to Article 82 of the Data Protection Act; (b) Single Sign-On (SSO) cookies: if you activate authentication via an external identity provider, additional cookies may be set according to the protocol used (SAML, OAuth, etc.), also exempt from consent as necessary for the requested service. We do not use any tracking, analytics or marketing cookies. Management: You can configure your browser to be alerted when cookies are set. Warning: refusing them will prevent the authentication service from working.

12. Contact and Complaints

For any questions about this policy or to exercise your rights, contact us: Email: contact@tesser.is - Address: Sohmware, 3 rue Hanau, 67350 Niedermodern, France. You can also file a complaint with CNIL (www.cnil.fr) if you believe your rights are not being respected.

To exercise your rights or for any questions, contact us at: contact@tesser.is