Introduction

Tapbuy SAS (hereinafter Qomit) places particular importance on the protection of personal data.
This policy describes how Qomit collects and processes the data of visitors and users of qomit.com, in compliance with the General Data Protection Regulation (GDPR) and the French Data Protection Act.

Scope: this policy covers processing for which Qomit acts as data controller (corporate site, forms, prospecting, marketing). Data processed by the Qomit platform on behalf of its merchant clients is governed by a separate Data Processing Agreement (DPA), under which Qomit acts as data processor.

Data controller

Contact: hello@qomit.com

Data Protection Officer (DPO): Dov Benitah

Data collected and purposes

Data recipients

Data is intended for authorised Qomit teams. It may be shared with processors for the purposes of the processing:

HubSpot (CRM, marketing, site hosting)

Qomit ensures that each processor offers sufficient guarantees (Article 28 GDPR).

Transfers outside the European Union

Some providers (notably HubSpot) may process data in the United States. These transfers are governed by appropriate safeguards/

Your rights

Under the GDPR, you have the following rights: access, rectification, erasure, restriction, objection, portability, and withdrawal of consent at any time.

To exercise them, contact:  hello@qomit.com. Proof of identity may be requested. You also have the right to lodge a complaint with the French supervisory authority (CNIL, www.cnil.fr).

Security

Qomit implements appropriate technical and organisational measures to protect data against unauthorised access, alteration, or disclosure.

Changes

This policy may be updated. The applicable version is the one published on the site at the date of your visit.

Last updated: 09/06/2026