Privacy Policy

Introduction

LABOR CONTROL, publisher of the Cards Control application, is committed to protecting the privacy of its service users. This privacy policy explains how we collect, use, share, and protect your personal data in accordance with the General Data Protection Regulation (GDPR).

1. Data Controller

2. Data Collected

We collect the following categories of data:

• Identification data: name, first name, profile photo
• Contact data: email, phone, address
• Professional data: company, position, website, social networks
• Technical data: IP address, browser type, device used
• Usage data: card sharing statistics, connection history

3. Processing Purposes

• Management of your user account
• Creation and sharing of digital business cards
• Management of your professional contacts
• Statistics and analytics of your cards
• Customer support and service improvement
• Compliance with legal and contractual obligations

4. Legal Basis for Processing

• Contract performance: processing necessary to provide our services
• Consent: for non-essential cookies and marketing communications
• Legitimate interest: improvement of our services, security
• Legal obligation: retention of billing data

5. Data Recipients

Your data may be transmitted to:

• Firebase/Google Cloud: hosting and authentication
• Stripe: payment processing
• CRM Services: only if you enable the integration (HubSpot, Salesforce, etc.)

6. Transfers Outside the EU

Some of our subcontractors (Google/Firebase, Stripe) may process data in the United States. These transfers are governed by standard contractual clauses approved by the European Commission or by the EU-US Data Privacy Framework (DPF).

7. Data Retention Period

• Account data: retained during service use + 3 years after account deletion
• Analytics data: 25 months maximum
• Billing data: 10 years (legal obligation)

8. Your Rights

Under GDPR, you have the following rights:

• Right of access: obtain a copy of your data
• Right to rectification: correct inaccurate data
• Right to erasure: request deletion of your data
• Right to restriction: limit processing of your data
• Right to data portability: receive your data in a structured format
• Right to object: object to processing of your data

To exercise your rights, contact us at: Contact@labor-control.fr

You can also file a complaint with the CNIL (French Data Protection Authority): www.cnil.fr

9. Data Security

We implement appropriate technical and organizational measures to protect your data: AES-256 encryption, secure authentication (JWT), restricted data access, regular security audits, hosting on ISO 27001 certified infrastructure.

10. Cookies

For more information about cookie usage, please see our Cookie Policy.

11. Changes

We may modify this privacy policy at any time. In case of substantial changes, we will notify you by email or notification in the application.