Basedig
Sign Up Sign In

Try Basedig free

Create an account to test the service — it only takes a minute.

Create your free account Sign in

privacy

Privacy Policy

Last updated: [DATE]

Note: This document is a template prepared for the Basedig Services platform. It must be reviewed and completed by a qualified legal or data-protection professional before publication. Items in [BRACKETS] require your specific company information.

1. Introduction

This Privacy Policy explains how [COMPANY LEGAL NAME] ("Basedig Services", "we", "us") collects, uses, stores and protects personal data when you use the website https://basedigservices.com and its applications, including Reportomator and RFQ Automator (together, the "Services").

We are committed to processing personal data in accordance with Regulation (EU) 2016/679 (the "GDPR") and the French Data Protection Act (Loi n° 78-17 du 6 janvier 1978, "Loi Informatique et Libertés").

By using the Services, you acknowledge that you have read and understood this Privacy Policy.

2. Data Controller

The data controller for the processing described here is:

  • [COMPANY LEGAL NAME], [LEGAL FORM]
  • Registered office: [STREET ADDRESS], [POSTAL CODE] Paris, France
  • Email: contact@basedigservices.com
  • Data protection contact / DPO (if appointed): [DPO NAME / EMAIL]

3. Data We Collect

We collect the following categories of personal data, depending on how you use the Services.

3.1 Account and identification data

  • Name, email address, password (stored in hashed form), and authentication credentials.
  • Account preferences and settings.

3.2 Company and accounting data

When you use Reportomator, you may upload or generate data relating to companies, including:
- Company identifiers (e.g. SIREN), names and structural information.
- Accounting entries, FEC files, chart-of-accounts data, reporting nodes, charts, templates and related financial information.

This data may incidentally contain personal data (for example, where an accounting entry refers to an identified individual). You are responsible for ensuring you have a lawful basis to upload such data.

3.3 Billing and payment data

  • Billing name and address.
  • Subscription and transaction history.
  • Payment processing is handled by Stripe. We do not store full card numbers on our servers; card data is processed directly by Stripe under its own privacy terms.

3.4 Technical and usage data

  • IP address, browser type, device and operating system information.
  • Log data, activity records (e.g. user actions logged within the application), access timestamps and error reports.
  • Cookies and similar technologies (see Section 9).

4. Purposes and Legal Bases

Purpose Legal basis (GDPR Art. 6)
Creating and managing your account Performance of a contract
Providing the Services (reporting, RFQ automation, etc.) Performance of a contract
Processing payments and managing subscriptions Performance of a contract / Legal obligation
Ensuring security, preventing fraud and abuse Legitimate interest
Maintaining activity logs and audit trails Legitimate interest / Legal obligation
Responding to support requests Performance of a contract / Legitimate interest
Sending service-related communications Performance of a contract
Sending marketing communications (where applicable) Consent
Complying with accounting, tax and legal obligations Legal obligation

5. How We Use Accounting Data

Accounting and financial data you upload is used solely to provide the Services to you — for example, to compute reporting node values, generate reports, charts and dashboards. We do not sell this data and do not use it for advertising. Data is processed on a per-user basis and access is restricted to your own account.

6. Data Sharing and Recipients

We do not sell personal data. We may share data with:

  • Hosting provider: OVH SAS (France), where the Services are hosted.
  • Payment processor: Stripe, for payment and subscription management.
  • Email provider: OVH Email Pro, for transactional and service emails.
  • Service providers and subprocessors acting on our behalf and under contract (e.g. infrastructure, monitoring).
  • Authorities, where required by law or to protect our legal rights.

A list of subprocessors is available on request at contact@basedigservices.com.

7. International Transfers

Personal data is primarily stored and processed within the European Union. Where a recipient (such as a payment processor) processes data outside the EU/EEA, such transfers are governed by appropriate safeguards (e.g. Standard Contractual Clauses or an adequacy decision).

8. Data Retention

We retain personal data only for as long as necessary for the purposes described above:

  • Account data: for the duration of your account, then deleted or anonymized within [RETENTION PERIOD — e.g. 12 months] of account closure.
  • Accounting and uploaded data: for the duration of your account, unless you delete it earlier through the Services.
  • Billing records: retained for the period required by accounting and tax law (in France, generally 10 years).
  • Technical logs: retained for [RETENTION PERIOD — e.g. 6 to 12 months].

9. Cookies

We use cookies and similar technologies to operate the Services and to remember your session and preferences. We distinguish between:

  • Strictly necessary cookies (e.g. authentication, security), which do not require consent.
  • Functional, analytics or marketing cookies (if used), which are placed only with your consent.

You can manage your preferences through your browser settings and, where provided, through our cookie banner.

10. Your Rights

Under the GDPR, you have the right to:

  • Access your personal data.
  • Rectify inaccurate or incomplete data.
  • Erase your data ("right to be forgotten").
  • Restrict or object to processing.
  • Data portability.
  • Withdraw consent at any time, where processing is based on consent.
  • Define directives regarding the fate of your data after death.

To exercise these rights, contact us at contact@basedigservices.com. We will respond within the timeframe required by law (generally one month).

You also have the right to lodge a complaint with the French supervisory authority:

  • Commission Nationale de l'Informatique et des Libertés (CNIL)
  • 3 Place de Fontenoy, TSA 80715, 75334 Paris Cedex 07, France
  • https://www.cnil.fr

11. Data Security

We implement appropriate technical and organizational measures to protect personal data, including encryption in transit (HTTPS/TLS), hashed password storage, access controls, user-scoped data isolation, and regular backups. No method of transmission or storage is fully secure, and we cannot guarantee absolute security.

12. Children

The Services are not directed at children under the age of [AGE — e.g. 16], and we do not knowingly collect data from them.

13. Changes to This Policy

We may update this Privacy Policy from time to time. The "Last updated" date reflects the latest revision. Material changes will be notified through the Services or by email.

14. Contact

For any question about this Privacy Policy or your data:

  • Email: contact@basedigservices.com
  • Postal address: [COMPANY LEGAL NAME], [STREET ADDRESS], [POSTAL CODE] Paris, France

Ready to get started?

Sign up and start using Basedig in minutes.

Create your free account