Privacy Policy
Last updated: January 23, 2026
1. Data Controller
GO PROTECT
Simplified Joint Stock Company (SAS)
4 Allée du Colonel Fabien, APP 2064
93320 Les Pavillons-sous-Bois, France
Data protection contact:
Email: [email protected]
2. Data Collected
2.1 Data You Provide
| Category | Data | Purpose |
|---|---|---|
| Identification | Name, surname, email | Account creation and management |
| Professional | Company, SIRET, address, phone | Billing, support |
| Billing | Payment information | Payment processing (via Stripe) |
| Business content | Quotes, invoices, clients, contacts | Service provision |
2.2 Automatically Collected Data
| Category | Data | Purpose |
|---|---|---|
| Connection | IP address, connection date/time | Security, logs |
| Device | Device type, OS, app version | Compatibility, technical support |
| Usage | Features used, errors encountered | Service improvement |
3. Legal Basis
We process your data on the following legal bases:
- Contract performance (Art. 6.1.b GDPR): provision of the Link service
- Legal obligation (Art. 6.1.c GDPR): invoice retention, tax obligations
- Legitimate interest (Art. 6.1.f GDPR): service improvement, security, support
- Consent (Art. 6.1.a GDPR): marketing communications, non-essential cookies
4. Data Sharing
4.1 We Never Sell Your Data
GO PROTECT does not sell, rent or share your personal data for advertising or commercial purposes with third parties.
4.2 Sharing Necessary for Service
| Recipient | Purpose | Location |
|---|---|---|
| Stripe | Payment processing | USA (Data Privacy Framework) |
| OVH | Data hosting | France |
| Cloudflare | CDN, security | USA (Standard Contractual Clauses) |
5. Data Security
We implement technical and organizational measures to protect your data:
- Encryption: data encrypted in transit (TLS 1.3) and at rest (AES-256)
- Restricted access: limited access to employees with need to know
- Authentication: hashed passwords (bcrypt), two-factor authentication available
- Backups: encrypted daily backups
- Monitoring: 24/7 infrastructure monitoring
6. Data Retention
| Data Type | Retention Period |
|---|---|
| Account data | Contract duration + 3 years |
| Business content (quotes, invoices) | Contract duration + 30 days after termination |
| Billing data | 10 years (legal accounting obligation) |
| Connection logs | 1 year |
| Cookies | 13 months maximum |
7. Your Rights
Under GDPR, you have the following rights:
- Right of access: obtain a copy of your personal data
- Right to rectification: correct inaccurate or incomplete data
- Right to erasure: request deletion of your data
- Right to restriction: limit processing of your data
- Right to portability: receive your data in a structured format
- Right to object: object to processing of your data
- Right to withdraw consent: at any time for consent-based processing
How to Exercise Your Rights
To exercise your rights, contact us at:
Email: [email protected]
Mail: GO PROTECT - Data Protection
4 Allée du Colonel Fabien, APP 2064
93320 Les Pavillons-sous-Bois, France
8. Complaint to Supervisory Authority
If you believe the processing of your personal data violates GDPR, you have the right to lodge a complaint with the French Data Protection Authority (CNIL):
CNIL
3 Place de Fontenoy, TSA 80715
75334 Paris Cedex 07, France
www.cnil.fr
9. Contact
Data Protection Officer
GO PROTECT
4 Allée du Colonel Fabien, APP 2064
93320 Les Pavillons-sous-Bois, France
Email: [email protected]