Privacy Policy

Who we are

The data controller is Marc Reverdin, sole proprietorship (ditta individuale), Italy — VAT IT17458801002 — mr@reverdin.eu.

What we collect

• Account data: name, email address, hashed password (never stored in clear text).
• Subscription data: plan, billing status. Payments are processed by Stripe — we never see or store your card details.
• Technical data: session cookies (strictly necessary for sign-in), server logs (IP, user agent) kept for security.

We use no advertising trackers and no third-party analytics. The only cookies set are essential session cookies.

Why we process it (legal basis)

• Providing the service you signed up for — performance of contract (Art. 6(1)(b) GDPR).
• Billing and accounting — legal obligation (Art. 6(1)(c)).
• Service security and abuse prevention — legitimate interest (Art. 6(1)(f)).

Who receives your data

Stripe (payment processing, PCI-DSS certified) and Hetzner Online GmbH (hosting, Germany). Your data is hosted in the European Union. We do not sell or share your data with anyone else.

How long we keep it

Account data: for the life of your account, deleted within 30 days of account deletion. Billing records: 10 years (legal obligation). Server logs: 12 months.

Your rights

Under the GDPR you can access, rectify, erase, restrict or port your data, and object to processing. Write to mr@reverdin.eu — we respond within 30 days. You may also lodge a complaint with your supervisory authority (in Italy, the Garante per la protezione dei dati personali).

Legal Notice · Terms of Service