Your privacy matters to us.
This policy explains how we collect, use and protect your personal data in accordance with GDPR.
1. Data Controller
Fiscal.ia SAS
17 Chemin du Prieuré, 79260 La Crèche
Email: fiscalia.group@gmail.com
2. Data Collected
2.1 Identification Data
- Email (required to create an account)
- First and last name (optional)
2.2 Usage Data
- Tax questions asked (anonymized to improve the service)
- Connection logs (IP address, dates, times)
- Conversation history
2.3 Payment Data
- Payment information (processed by Stripe, not stored on our servers)
- Transaction history
3. Purposes of Processing
Your data is used to:
- Provide and improve the IFG service
- Manage your user account
- Process your payments
- Send service-related communications
- Ensure security and prevent fraud
- Comply with legal obligations
4. Legal Basis
We process your data based on:
- Contract performance: providing the requested service
- Consent: marketing communications (revocable at any time)
- Legitimate interest: service improvement, security
- Legal obligation: accounting, taxation
5. Data Sharing
Your data may be shared with:
- Supabase: database hosting (GDPR compliance, EU servers)
- Stripe: payment processing (PCI-DSS certified)
- AI services: AI processing (anonymized data, certified providers)
We never sell your data to third parties.
6. Your Rights (GDPR)
Under GDPR, you have the following rights:
- Right of access: obtain a copy of your data
- Right to rectification: correct inaccurate data
- Right to erasure: delete your data (“right to be forgotten”)
- Right to restriction: restrict processing of your data
- Right to data portability: receive your data in a structured format
- Right to object: object to processing
- Right to withdraw consent: at any time
To exercise these rights: fiscalia.group@gmail.com
7. Data Retention
- Account data: for the duration of your subscription + 3 years
- Payment data: 10 years (accounting obligation)
- Connection logs: 12 months (security)
8. Security
We implement appropriate security measures:
- Encryption in transit (HTTPS/TLS)
- Encryption at rest
- Secure authentication
- Restricted access to personal data
- Monitoring and incident detection
9. Cookies
We use essential cookies required for the website to function (session, authentication). You can disable cookies in your browser, but some features may no longer work.
10. Complaints
If you believe your rights are not respected, you may lodge a complaint with the CNIL (French Data Protection Authority):
CNIL
3 Place de Fontenoy - TSA 80715
75334 PARIS CEDEX 07
www.cnil.fr
11. Changes
This policy may be updated. We will inform you of any material changes by email.