Back to home

Legal

Privacy Policy

Last updated: May 27, 2026

1. Data controller

The data controller for personal data collected through Planelico is:

Quentin Varlet — individual operator
Email: contact@planelico.com

Hereinafter referred to as "the Publisher".

2. Data collected

2.1 Account data

When creating an account: email address, name (optional), password (hashed, never stored in plain text), authentication method (email/password or Google OAuth).

2.2 Usage data

Projects created (name, content, associated PDF files), creation and modification dates, IP address, browser and operating system (access logs).

2.3 Payment data

For Premium purchases: payment data is processed directly by Stripe. Planelico does not store any banking data. Only the Stripe customer ID and subscription status are retained.

2.4 Communication data

Email address used to send transactional emails (account confirmation, purchase confirmation).

3. Purposes of processing

Your data is used to:

  • Create and manage your user account;
  • Provide cloud storage for your projects;
  • Process payments and manage subscriptions;
  • Send transactional communications (account creation, purchase receipt);
  • Improve service quality and fix technical issues.

4. Legal basis

Processing is based on:

  • Contract performance: provision of the service (account, cloud storage);
  • Legal obligation: keeping payment records;
  • Legitimate interest: improving service quality, security.

5. Data retention

Your data is retained for as long as your account is active. After account deletion:

  • Projects and PDF files are permanently deleted within 30 days;
  • Payment records are retained for 10 years (legal obligation);
  • Access logs are retained for 12 months.

6. Data sharing

Your data may be shared with the following service providers (acting as data processors):

  • Supabase (database and authentication hosting — EU servers);
  • Stripe (payment processing);
  • Vercel (application hosting — EU region);
  • Resend (transactional email sending).

No personal data is sold or transferred to third parties for commercial purposes.

7. Your rights

In accordance with applicable data protection law (GDPR), you have the right to:

  • Access your personal data;
  • Rectify inaccurate data;
  • Delete your data (right to be forgotten);
  • Restrict processing;
  • Object to processing;
  • Portability of your data.

To exercise these rights, contact: contact@planelico.com

You also have the right to lodge a complaint with your local data protection authority (in France: CNIL).

8. Cookies

Planelico uses only essential functional cookies (authentication session, language preference). No advertising or tracking cookies are used.

9. Data security

Data is stored on servers located in the European Union. Communications are encrypted via HTTPS/TLS. Passwords are hashed and never stored in plain text. Access to production databases is restricted to authorized personnel only.

10. Contact

For any questions about this privacy policy: contact@planelico.com.