Privacy Policy

The data controller for personal data is:

We collect the following data:

• Identification data: last name, first name, email address
• Connection data: IP address, browser type, operating system, pages visited, date and time of connection
• Communication data: messages sent via the contact form
• Account data: information related to the creation and management of a user account on the platform (email, encrypted password, role, organization)

Your data is collected for the following purposes:

• Managing contact requests and responding to inquiries
• Creating and managing user accounts on the SaaS platform
• Providing and improving our services (dashboard, analytics, CRM)
• Sending communications related to our services (with your consent)
• Statistical analysis of website traffic to improve performance
• Compliance with our legal and regulatory obligations

The processing of your data is based on the following legal grounds:

• Your consent (Article 6.1.a GDPR): for sending commercial communications
• Performance of a contract (Article 6.1.b GDPR): for managing your account and providing our services
• Legitimate interest (Article 6.1.f GDPR): for statistical analysis and service improvement
• Legal obligation (Article 6.1.c GDPR): for retaining certain data required by law

Your data is retained for the following periods:

Your data may be shared with the following recipients:

• Our internal team, strictly within the scope of their duties
• Supabase Inc. (data hosting and authentication) — servers located in the EU
• Vercel Inc. (website hosting) — with standard contractual clauses for transfers outside the EU
• Any technical service provider acting on behalf of RLCore, bound by confidentiality obligations

Some of our processors (Vercel) may be located outside the European Union. In such cases, data transfers are governed by standard contractual clauses approved by the European Commission (Article 46.2.c GDPR), ensuring an adequate level of protection.

Under the GDPR and the French Data Protection Act, you have the following rights:

• Right of access: obtain confirmation that data concerning you is being processed and receive a copy
• Right to rectification: request the correction of inaccurate or incomplete data
• Right to erasure: request the deletion of your data in cases provided by law
• Right to restriction: request the restriction of processing of your data
• Right to data portability: receive your data in a structured, machine-readable format
• Right to object: object to the processing of your data on legitimate grounds
• Right to withdraw consent: at any time, without affecting the lawfulness of prior processing

Our website uses only strictly necessary cookies:

• Session cookies: to maintain your connection and preferences
• Language preference cookies: to remember your language choice (French/English)

We do not use any advertising, tracking or third-party analytics cookies. No additional consent is therefore required for these essential cookies, in accordance with Article 82 of the French Data Protection Act.

We implement appropriate technical and organizational measures to protect your data against unauthorized access, modification, disclosure or destruction. These measures include: encryption of data in transit (HTTPS/TLS), password hashing (bcrypt), secure authentication via Supabase Auth, principle of least privilege with Row Level Security (RLS), and regular backups.

We reserve the right to modify this privacy policy at any time. Any substantial changes will be notified on the website. The date of the last update is indicated at the top of this page. We encourage you to review this page regularly.

For any questions regarding this privacy policy or to exercise your rights, contact us: