Privacy policy
We take the protection of your data seriously. This policy explains what we collect, why, for how long, and what you can do.
Last updated · 15 May 2026
1 · Our principles
Three principles guide how we handle your data:
- Minimum. We collect only what is strictly necessary for the service you request.
- Localization. Your data stays on identified servers, hosted in Côte d'Ivoire or in Europe (EU).
- Reversibility. On simple request, we return or delete your data within 30 days.
We do not train any AI model on your data without explicit written consent, and we never resell any data to third parties — ever.
2 · Data collected
We collect the following data, classified by purpose:
- Contact form
- Name, email, phone, company, desired track, timeline, free-text message. Collected with your explicit consent.
- WhatsApp Business
- Phone number, content of the messages exchanged. Limited to the duration of the business relationship + 3 years.
- Analytics cookies
- Plausible Analytics (no cookies, no fingerprint). Anonymized aggregated data. No individual identifier.
- Technical logs
- Truncated IP address, browser type, page viewed. Kept for 30 days for security.
3 · Purposes of processing
Your data is used exclusively to:
- Respond to your contact request (legal basis: pre-contractual performance)
- Perform the contract if a service is agreed (legal basis: contractual performance)
- Keep you informed of your project's progress (legal basis: legitimate interest)
- Comply with our Ivorian legal and accounting obligations (legal basis: legal obligation)
4 · Retention period
- Prospect (no follow-up)
- 3 months after the last contact, then automatic deletion
- Active client
- For the entire contractual relationship
- Former client
- 10 years after the end of the contract (Ivorian accounting obligation)
- Browsing data
- 30 days
- Analytics cookies
- No persistent cookie
5 · Transfers outside UEMOA
Your data is stored in Côte d'Ivoire (VITIB, Grand-Bassam) or in France (OVHcloud, Roubaix). No transfer to the United States, China, or any other third country without your prior consent.
If you subscribe to an AI & Automation track using a language model hosted outside UEMOA (for example Claude by Anthropic or GPT by OpenAI), we tell you so in writing before any processing and we obtain your specific consent.
6 · Your rights
In accordance with law n° 2013-450 on the protection of personal data in Côte d'Ivoire, and with the GDPR for EU citizens, you have the following rights:
- Access — obtain a copy of your data
- Rectification — correct inaccurate data
- Erasure — request the deletion of your data
- Portability — retrieve your data in a structured format
- Objection — refuse a processing operation (in particular for marketing)
- Restriction — freeze a processing operation while a verification is carried out
To exercise these rights, write to dpo@nextgen-consulting.ci. We respond within 30 days.
You may also refer the matter to the Telecommunications/ICT Regulatory Authority of Côte d'Ivoire (ARTCI) or, for EU nationals, your national data protection authority.
7 · Data protection officer
NextGen has appointed a data protection officer (DPO) reachable at dpo@nextgen-consulting.ci, or by postal mail at: DPO NextGen, Cocody Riviera 3, Lot 27, Abidjan.
For any question: info@nextgen-consulting.ci · +225 07 99 64 23 74