A
audio dealsAlert

Privacy Policy

Last update: 03/18/2025

In compliance with GDPR (General Data Protection Regulation), this policy explains how Audio Deals Alert collects, uses, and protects your personal data.

1. Data Controller

The data controller for your personal information is:

SAS Boring Vic

  • Address: 5 rue Henri le Chatelier, 38000 Grenoble, France
  • Registration: Grenoble Trade Register #978 440 972
  • Contact: info@audiodealsalert.com

2. Data We Collect

2.1 Account Information

When you create an account, we collect:

  • Email address (required)
  • Name (optional)
  • Password (encrypted with bcrypt)
  • Account creation date
  • Last login timestamp

2.2 OAuth Information

If you sign up with Google OAuth, we collect:

  • Google account ID
  • Email address
  • Name
  • Profile picture URL

2.3 Usage Data

We collect information about how you use our service:

  • Products you track (SKUs, product names)
  • Notification history (sent emails, open/click events)
  • Email engagement (opens, clicks, bounces)
  • Dashboard activity
  • Login history

2.4 Technical Data

We automatically collect technical information:

  • IP address
  • Browser type and version
  • Device information
  • Session data
  • Cookie data (session cookies only)

3. How We Use Your Data

3.1 Service Delivery

  • Send B-Stock alert notifications for products you track
  • Manage your account and authenticate your identity
  • Provide access to your dashboard and watchlist
  • Process your product tracking requests

3.2 Service Improvement

  • Analyze email engagement to optimize notification timing
  • Monitor service performance and reliability
  • Identify and fix technical issues
  • Improve product recommendations

3.3 Communications

  • Send B-Stock alerts (twice daily at 10:00 and 16:00 your local time)
  • Send account-related notifications (security, updates)
  • Respond to your support requests
  • Send service announcements (optional, with consent)

3.4 Legal Compliance

  • Comply with legal obligations
  • Prevent fraud and abuse
  • Protect our rights and those of our users

4. Legal Basis for Processing

We process your data based on:

  • Contract: Processing necessary to provide the service you requested
  • Consent: You explicitly consent to receive marketing communications
  • Legitimate Interest: Service improvement and fraud prevention
  • Legal Obligation: Compliance with applicable laws

5. Data Sharing

We share your data with:

Service Providers:

  • Neon (database hosting - AWS US East)
  • Vercel (web hosting)
  • AWS SES (email delivery - EU West)
  • Upstash Redis (caching - optional)

Affiliate Partner:

  • Thomann (receives click data when you visit product links)

Analytics (Optional):

  • PostHog (usage analytics) - only if configured

We never sell your personal data to third parties. All service providers are contractually bound to protect your data and use it only for the specified purposes.

6. Data Retention

We retain your data for the following periods:

  • Account data: Until you delete your account
  • Email events: 90 days after sending
  • Product history: 90 days
  • Analytics data: 12 months
  • Logs: 30 days

After account deletion, we permanently remove all personal data within 30 days, except where retention is required by law.

7. Your Rights (GDPR)

You have the following rights regarding your data:

Right of Access

Request a copy of your personal data in JSON format

Use: Dashboard → Export Data or email us

Right of Rectification

Update or correct inaccurate information

Use: Dashboard → Account Settings

Right to Erasure ("Right to be Forgotten")

Request deletion of your account and all data

Use: Dashboard → Delete Account or email us

Right to Data Portability

Receive your data in a structured, machine-readable format

Use: Dashboard → Export Data

Right to Object

Object to processing of your data for marketing purposes

Use: Unsubscribe link in any email

Right to Withdraw Consent

Withdraw consent for marketing communications at any time

Use: Dashboard → Email Preferences

To exercise any of these rights, contact us at: info@audiodealsalert.com

We will respond to your request within 30 days.

8. Data Security

We implement industry-standard security measures to protect your data:

  • HTTPS/TLS encryption for all data in transit
  • Database encryption at rest (Neon PostgreSQL)
  • Bcrypt password hashing (cost factor 10)
  • Secure session management with HTTP-only cookies
  • Regular security audits and updates
  • Access controls and authentication requirements
  • Rate limiting to prevent abuse

However, no method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

9. International Data Transfers

Your data may be transferred to and stored in countries outside the European Economic Area (EEA):

  • Database (Neon): AWS US East (Ohio) - GDPR-compliant with standard contractual clauses
  • Email (AWS SES): EU West (Paris) - data stays in EU
  • Hosting (Vercel): Distributed globally - GDPR-compliant

All transfers are protected by appropriate safeguards in accordance with GDPR (standard contractual clauses, Privacy Shield successor frameworks).

10. Cookies

We use the following types of cookies:

Essential Cookies (Required)

  • Session cookies: Maintain your login state
  • CSRF tokens: Prevent cross-site request forgery

Optional Analytics Cookies

  • PostHog analytics (if enabled): Track usage patterns

We do not use third-party advertising cookies. You can disable non-essential cookies in your browser settings, though this may affect service functionality.

11. Children's Privacy

Our service is not intended for users under 18 years of age. We do not knowingly collect personal data from children. If you are a parent or guardian and believe your child has provided us with personal data, please contact us at info@audiodealsalert.com and we will delete it immediately.

12. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of significant changes by email or through a notice on our website. Your continued use of the service after changes constitutes acceptance of the updated policy.

Last update date is shown at the top of this page.

13. Data Breach Notification

In the event of a data breach that affects your personal data, we will notify you and the relevant supervisory authority within 72 hours, as required by GDPR.

14. Supervisory Authority

If you believe we have not adequately addressed your concerns, you have the right to lodge a complaint with the French data protection authority:

CNIL (Commission Nationale de l'Informatique et des Libertés)

3 Place de Fontenoy - TSA 80715

75334 Paris Cedex 07

Website: cnil.fr

15. Contact Us

For any questions about this privacy policy or your data:

Email: info@audiodealsalert.com

Mail: SAS Boring Vic, 5 rue Henri le Chatelier, 38000 Grenoble, France