Does your website use third-party services? Get GDPR compliant in minutes.
Try FlowConsentFree plan · 10-min setup
E-monsite is a French SaaS website builder operated by Comongo SAS that lets users create websites, blogs, online shops, and member areas without coding. Sites are hosted on infrastructure located in France and the platform bundles built-in statistics, contact forms, and eCommerce features. Visitor cookies and the integrated audience measurement tool fall under the GDPR and the French ePrivacy rules.
E-monsite is a French SaaS website builder operated by Comongo SAS, headquartered in Lille, France. The platform allows users to create static websites, blogs, e-commerce stores and member areas through a hosted editor. As a managed publishing platform it provides hosting, templates, plugins and an administration backend, and it serves both visitor traffic and the website owner's editorial workflow from infrastructure located primarily in France.
E-monsite uses first party HTTP cookies for session management, authentication of site administrators, CSRF protection and visitor preferences. Depending on activated modules, additional cookies may be set for shopping cart state, language selection or audience statistics. When site owners enable third party widgets (social embeds, external statistics, payment buttons, chat tools), those vendors may set their own cookies on the visitor's browser.
Cookies that are strictly necessary for the website to function (session, CSRF, cart) do not require prior consent under Article 82 of the French Data Protection Act and the ePrivacy Directive. Cookies used for audience measurement, advertising, social integrations or behavioural analysis fall outside the strictly necessary scope and therefore require informed, prior, granular and revocable consent from the visitor before they are deposited or read.
Get GDPR compliant in 10 minutes
Free plan available · No credit card required
Site owners building on E-monsite remain the data controllers for content delivered through their site. They must implement a consent mechanism that blocks non essential cookies and third party scripts until the visitor accepts them, document each consent, and offer an equally accessible refuse option. The CNIL guidelines (2020 deliberations and 2021 recommendation) apply directly because Comongo SAS and most of its clients are established in France.
E-monsite hosts visitor and customer data in France, which keeps the processing inside the European Economic Area and removes the need for transfer safeguards under Chapter V of the GDPR. However, if a site owner installs external modules (Google Analytics, Facebook Pixel, US chat or marketing tools), personal data may be transferred outside the EEA. Standard Contractual Clauses and a transfer impact assessment then become necessary.
Sign the data processing agreement offered by Comongo SAS, list E-monsite in your record of processing activities, classify each cookie set on the site, deploy a CMP that blocks non essential tags until consent is captured, and keep an internal log of consent events. Publish a clear cookie policy, link it from every page, and review the configuration whenever a new plugin is enabled.
Websites using E-monsite must obtain user consent under GDPR regulations.
DPIA considerations
E-monsite collects visitor IP addresses for its built in audience measurement and for security. The integrated stats can be configured to fall under the CNIL consent exemption (anonymised IP, no cross site tracking, limited retention); otherwise consent is required. Account holder data (name, email, billing) is processed in France. Risk factors: third party scripts the site owner may activate (Google Analytics, Meta Pixel) create transfers to the United States and additional persistent identifiers. A DPIA is generally not mandatory when only the native stats are used, but becomes recommended as soon as third party advertising or analytics widgets are installed.
Sample consent text
This site is built with E-monsite and uses cookies to keep your session active, remember your preferences, and measure how visitors interact with our pages. The built in statistics are processed in France by Comongo SAS. If you accept, we also activate additional analytics or advertising cookies from third party providers such as Google Analytics or Meta. You can change your choice at any time from the cookie settings.
Third-party domains contacted
e-monsite.comstatic.e-monsite.comcdn.e-monsite.compaiement.e-monsite.comCookies placed
| Name | Type | Duration | Purpose |
|---|---|---|---|
| PHPSESSID | first_party | Session | Server side session identifier used to maintain user state between page requests on the E-monsite site. |
| em_lang | first_party | 1 year | Stores the visitor's language preference for the multilingual versions of an E-monsite site. |
| em_cart | first_party | 30 days | Shopping cart identifier that persists the items added to the e-commerce cart between visits. |
| em_admin | first_party | Session | Authentication cookie for the back office that identifies a logged in administrator. |
| em_csrf | first_party | Session | Anti CSRF token that protects form submissions from cross site request forgery attacks. |
| em_stats | first_party | 13 months | Internal audience measurement cookie used by the optional E-monsite statistics module when enabled. |
This service may collect user data. Ensure GDPR compliance with FlowConsent.
E-monsite sets first party cookies for session management, administrator authentication, CSRF protection, language and shopping cart state. When site owners enable optional modules such as audience statistics or third party widgets, additional cookies may be deposited by E-monsite or by the integrated vendors.
Consent is not required for strictly necessary cookies such as session and CSRF tokens. Consent is required for non essential cookies, including audience measurement that is not CNIL exempted, advertising tags, social widgets and any analytics tools added by the site owner.
The strictly necessary cookies rely on the legitimate interest of the site owner to operate the website. All other cookies and the personal data they collect require consent under Article 6(1)(a) of the GDPR and Article 82 of the French Data Protection Act.
The core E-monsite service is hosted in France and does not transfer data outside the EEA. Transfers can occur indirectly when site owners enable US based plugins, statistics tools or payment providers, in which case Standard Contractual Clauses and a transfer impact assessment are needed.
A DPIA is usually not required for a standard E-monsite website. It becomes mandatory when the site processes special category data at scale, performs systematic profiling, targets vulnerable audiences or combines several data sources for behavioural analysis.
Sign the data processing agreement with Comongo SAS, list E-monsite in your record of processing activities, audit every cookie, deploy a consent management platform that blocks non essential scripts until the visitor accepts, and document each consent with a clear refusal option.
European alternatives include WordPress.com hosted in the EU, Webflow with an EU data residency option, Jimdo (Germany) and Wix with EU configuration. Self hosted WordPress or Ghost with a French provider also offer strong control over data location.
List the new module, the cookies it sets, the purpose, the retention period and the recipients. Update the CMP categories accordingly, refresh the consent banner so visitors are asked again, and version the cookie policy with the publication date for traceability.