Privacy Policy

Privacy Policy

Effective Date: November 12, 2025

Operator: Recovert SAS ("Recovert", "we", "us", or "our")

Website: https://recovert.fr

1. Introduction

This Privacy Policy explains how Recovert SAS collects, uses, shares, and protects your personal data when you use the Recovert website, platform, and related services ("Services").

We are committed to protecting your privacy and processing your data in accordance with the EU General Data Protection Regulation (GDPR), the French Data Protection Act (Loi Informatique et Libertés), and other applicable international privacy laws.

By accessing or using our Services, you agree to this Privacy Policy.

2. Data Controller

Recovert SAS

Rue du Rocher, 75008 Paris, France

📧 info@recovert.fr | 📞 +33 678001839

REN: 978646628 | VAT: FR59978646628

3. Categories of Data We Collect

We may collect and process the following types of personal and technical data:

A. Personal and Authentication Data

• Email address, hashed password, OAuth provider data (Google, Apple)
• Display name, avatar/profile picture, bio, user ID

B. Contact and Business Information

• Email, phone number, company name, physical address (from consultation requests)
• VAT number, company registration number

C. Financial and Transaction Data

• Stripe Customer ID, subscription status, payment intents, and transaction history
• Subscription details (plan type, status, expiry, credits purchased or remaining)
• Credit transactions (purchase history, expiration, usage records)

D. User Activity and Behavior

• Activity logs (action types, timestamps, IP addresses, user agents)
• Calculation history (product data, CO₂ values, client notes)
• Consultation requests (requested dates/times, topics, messages, admin notes)

E. Technical and Preference Data

• CO₂ and pricing configuration preferences
• Locale preferences (language, currency, measurement units)
• Cookie consent preferences (necessary, analytics, marketing, preferences)
• Browser and device data (IP address, user agent, geolocation)

F. Product Access Data

• Product unlocks, unlock method (subscription or credits), expiration dates

G. Automatically Generated Data

• System-generated IDs (UUIDs), timestamps (created_at, updated_at), session data (Supabase Auth)

4. How We Use Your Data

We use your data to:

• Provide and manage user accounts and authentication
• Process payments and subscriptions via Stripe
• Deliver calculation, consultation, and reporting tools
• Communicate with you and respond to requests
• Improve website performance and user experience
• Fulfill legal and regulatory obligations

5. Legal Bases for Processing (GDPR Article 6)

We process your data on the following legal grounds:

• Contractual necessity – to deliver our services and process payments
• Consent – for marketing, analytics, and cookie usage
• Legitimate interests – to enhance and secure our services
• Legal obligation – for accounting, taxation, and compliance

6. Data Sharing and Third Parties

All processors operate under GDPR-compliant agreements and, where necessary, Standard Contractual Clauses (SCCs) for international transfers.

7. Data Retention

• Account data – retained while the account remains active
• Financial data – retained for up to 10 years for compliance purposes
• Logs and analytics – retained for up to 24 months

After these periods, data is securely deleted or anonymized.

8. International Data Transfers

When data is transferred outside the European Economic Area (EEA), Recovert ensures adequate safeguards such as:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• Data processing agreements with certified third-party providers

9. Data Security

Recovert implements appropriate technical and organizational measures to protect your data, including encryption, access controls, and secure hosting.

Despite these measures, no online service is completely risk-free, and we cannot guarantee absolute security.

10. Your Rights (GDPR Articles 15–22)

You have the right to:

• Access – obtain a copy of your personal data
• Rectification – correct inaccurate or incomplete information
• Erasure – request deletion of your data ("right to be forgotten")
• Restriction – limit how your data is used
• Portability – request a copy in a machine-readable format
• Objection – oppose processing based on legitimate interests or direct marketing
• Withdraw consent – at any time without affecting previous lawful processing

Requests can be sent to info@recovert.fr.

You may also contact the CNIL (Commission Nationale de l'Informatique et des Libertés) via www.cnil.fr.

11. Cookies and Tracking

Recovert uses cookies and similar technologies to:

• Enable essential website functionality
• Remember your preferences
• Measure performance and usage
• Support personalized experiences

You can manage or withdraw your cookie consent via our cookie banner or browser settings.

(See our Cookie Policy for full details.)

12. Children's Privacy

Our services are not intended for users under 16 years of age. We do not knowingly collect personal data from minors.

If such data is discovered, it will be promptly deleted.

13. Changes to This Policy

We may update this Privacy Policy from time to time.

The latest version will always be published on https://recovert.fr and indicate a new "Effective Date."

14. Contact Us

For any questions about this Privacy Policy or your personal data, please contact:

Recovert SAS

Rue du Rocher, 75008 Paris, France

📧 info@recovert.fr | 📞 +33 678001839