Security & trust
This page is written and maintained by Creative Fair to answer common questions about the site's security and privacy. It describes the practices in place; it is not a certification or an independent audit.
Shared responsibility
Security relies on several parties. Creative Fair manages the application configuration and its access controls, its technical providers (hosting, database) operate the infrastructure, and you protect access to your inbox and your devices.
Access control
- admin area protected by authentication
- database-level security rules that partition data
- strict separation between public and administrator access
- least-privilege principle: each role only accesses what it needs
Data protection
- secrets and API keys are stored server-side, never publicly exposed
- data submitted through forms is validated before processing
- Creative Fair only collects data necessary to operate the site
- personal data is never sold
For details on the data collected and its retention, see the privacy policy.
Cookies & analytics
- consent requested for non-essential cookies
- internal analytics, with no resale of data
- cookie preferences can be changed at any time
Hosting & infrastructure
The site relies on established technical providers for hosting, database and deployment. The list of providers is available in the privacy policy.
Your rights
You can request access, correction or deletion of your data, or withdraw your consent at any time: legal@creativefair.fr.
Report a vulnerability
If you believe you have found a security issue, email us at legal@creativefair.fr. Please do not publicly disclose the issue before it has had a chance to be fixed.
Limitations
No system is entirely free of risk. Creative Fair applies reasonable measures and keeps improving them, without being able to guarantee absolute security.
Last updated : June 18, 2026
