Privacy Policy

    Last Updated: February 2026

    We are delighted that you have shown interest in our enterprise. Data protection is of a particularly high priority for the management of Spoon Consulting Ltd.

    The use of the Internet pages of Spoon Consulting is possible without any indication of personal data; however, if a data subject wants to use special enterprise services via our website, processing of personal data could become necessary. If the processing of personal data is necessary and there is no statutory basis for such processing, we generally obtain consent from the data subject.

    The processing of personal data, such as the name, address, e-mail address, or telephone number of a data subject shall always be in line with the General Data Protection Regulation (GDPR) and the Mauritius Data Protection Act 2017 (DPA).

    1. Name and Address of the Controller

    The “Controller” for the purposes of the General Data Protection Regulation (GDPR), other data protection laws applicable in Member states of the European Union, and other provisions related to data protection is:
    Spoon Consulting Ltd
    Represented by: Georges Guigui
    Mountain View Building, 1st floor,
    Vivéa Business Park, 81430 Moka, Mauritius
    Phone: +230 433 34 77

    Email: contact@spoonconsulting.com

    Website: www.spoonconsulting.com

    2. Name and Address of the Data Protection Officer (DPO)

    Any data subject may, at any time, contact our Data Protection Officer directly with all questions and suggestions concerning data protection.
    Mr. Jérémy GACHET
    Spoon Consulting Ltd
    Mountain View Building, 1st floor,
    Vivéa Business Park, 81430 Moka, Mauritius
    Phone: +230 433 34 77

    Email: contact@spoonconsulting.com

    3. Collection of Data and Information

    A. General Log Data

    The website of Spoon Consulting collects a series of general data and information when a data subject or automated system calls up the website. This general data and information are stored in the server log files. Collected may be:
    The browser types and versions used.
    The operating system used by the accessing system.
    The website from which an accessing system reaches our website (so-called referrers).
    The date and time of access to the Internet site.
    An Internet protocol address (IP address).
    Purpose: This information is needed to deliver the content of our website correctly, optimize the content, and ensure the long-term viability of our IT systems. Spoon Consulting analyzes this anonymously collected data statistically to increase data protection and data security.

    B. Contact Possibility via the Website

    The website of Spoon Consulting contains information that enables a quick electronic contact to our enterprise (e.g., email address, contact form).

    If a data subject contacts the controller by e-mail or via a contact form, the personal data transmitted by the data subject are automatically stored. Such personal data transmitted on a voluntary basis by a data subject to the data controller (including Name, Email address, Job Title, Phone, Company, and message content) are stored for the purpose of processing or contacting the data subject. There is no transfer of this personal data to third parties.

    4. Routine Erasure and Blocking of Personal Data

    The data controller shall process and store the personal data of the data subject only for the period necessary to achieve the purpose of storage, or as far as this is granted by the applicable laws.

    If the storage purpose is not applicable, or if a storage period prescribed by law expires, the personal data are routinely blocked or erased in accordance with legal requirements.

    5. Rights of the Data Subject

    Under the GDPR and the Mauritius Data Protection Act, you have the following rights:
  1. Right of confirmation & access: You can ask us if we hold data about you and request a copy of it.
  2. Right to rectification: You can ask us to correct inaccurate or incomplete data.
  3. Right to erasure (Right to be forgotten): You can ask us to delete your data if it is no longer necessary or if you withdraw your consent.
  4. Right of restriction of processing: You can ask us to limit how we use your data in certain cases.
  5. Right to data portability: You can ask to receive your data in a structured, machine-readable format.
  6. Right to object: You can object to the processing of your data for direct marketing or based on our legitimate interests.
  7. Right to withdraw consent: If processing is based on consent, you can withdraw it at any time.
    8. To exercise any of these rights, please contact our Data Protection Officer (see Section 2).

    6. Cookies and Web Analytics (Google Analytics)

    This website uses Google Analytics (with the anonymization function). Google Analytics is a web analytics service.

    A. Consent and Opt-In

    We only use Google Analytics cookies if you have given your explicit consent via our Cookie Banner upon your first visit to the website. You can withdraw this consent at any time by changing your cookie settings on our website.

    B. Anonymization

    We use the application _gat._anonymizeIp. By means of this application, the IP address of the Internet connection of the data subject is abridged by Google and anonymised when accessing our websites from a Member State of the European Union or another Contracting State to the Agreement on the European Economic Area.

    C. Data Transfer to the USA

    Google Analytics transmits data to servers in the United States. Google ensures compliance with data protection standards through appropriate legal mechanisms (such as the Data Privacy Framework or Standard Contractual Clauses).

    The operator of the Google Analytics component is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, United States.

    You may also prevent the collection of data generated by Google Analytics by downloading and installing the browser add-on available at: https://tools.google.com/dlpage/gaoptout

    7. Social Media Plug-ins (Twitter / X)

    Our website may include components (buttons or links) from Twitter (X), operated by Twitter, Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA.

    When you click on a Twitter button or link on our site, you may be redirected to Twitter, and data (such as your IP address and the page you visited) may be transmitted to Twitter. If you are logged into your Twitter account, Twitter can associate your visit with your profile. To prevent this, please log out of Twitter before visiting our website or interacting with the plugins.

    For more information, please review Twitter's privacy policy: https://twitter.com/privacy

    8. Legal Basis for the Processing

  8. Consent (Art. 6(1) lit. a GDPR): For newsletters, cookies, or specific requests.
  9. Contract Performance (Art. 6(1) lit. b GDPR): When processing is necessary for the supply of goods or services.
  10. Legal Obligation (Art. 6(1) lit. c GDPR): For tax or accounting obligations.
  11. Legitimate Interests (Art. 6(1) lit. f GDPR): To ensure the security of our website and carry out our business in favor of the well-being of our employees and shareholders.

    12. 9. Competent Supervisory Authority

    If you believe that the processing of your personal data infringes data protection regulations, you have the right to lodge a complaint with a competent supervisory authority.

    In Mauritius:

    The Data Protection Office

    5th Floor, SICOM Tower,

    Wall Street, Ebene, Mauritius

    dataprotection.govmu.org

    In the European Union:

    You may contact the Data Protection Authority of your country of residence.