Privacy Policy
Last update: 03/18/2025
In compliance with GDPR (General Data Protection Regulation), this policy explains how Audio Deals Alert collects, uses, and protects your personal data.
1. Data Controller
The data controller for your personal information is:
SAS Boring Vic
- Address: 5 rue Henri le Chatelier, 38000 Grenoble, France
- Registration: Grenoble Trade Register #978 440 972
- Contact: info@audiodealsalert.com
2. Data We Collect
2.1 Account Information
When you create an account, we collect:
- Email address (required)
- Name (optional)
- Password (encrypted with bcrypt)
- Account creation date
- Last login timestamp
2.2 OAuth Information
If you sign up with Google OAuth, we collect:
- Google account ID
- Email address
- Name
- Profile picture URL
2.3 Usage Data
We collect information about how you use our service:
- Products you track (SKUs, product names)
- Notification history (sent emails, open/click events)
- Email engagement (opens, clicks, bounces)
- Dashboard activity
- Login history
2.4 Technical Data
We automatically collect technical information:
- IP address
- Browser type and version
- Device information
- Session data
- Cookie data (session cookies only)
3. How We Use Your Data
3.1 Service Delivery
- Send B-Stock alert notifications for products you track
- Manage your account and authenticate your identity
- Provide access to your dashboard and watchlist
- Process your product tracking requests
3.2 Service Improvement
- Analyze email engagement to optimize notification timing
- Monitor service performance and reliability
- Identify and fix technical issues
- Improve product recommendations
3.3 Communications
- Send B-Stock alerts (twice daily at 10:00 and 16:00 your local time)
- Send account-related notifications (security, updates)
- Respond to your support requests
- Send service announcements (optional, with consent)
3.4 Legal Compliance
- Comply with legal obligations
- Prevent fraud and abuse
- Protect our rights and those of our users
4. Legal Basis for Processing
We process your data based on:
- Contract: Processing necessary to provide the service you requested
- Consent: You explicitly consent to receive marketing communications
- Legitimate Interest: Service improvement and fraud prevention
- Legal Obligation: Compliance with applicable laws
5. Data Sharing
We share your data with:
Service Providers:
- Neon (database hosting - AWS US East)
- Vercel (web hosting)
- AWS SES (email delivery - EU West)
- Upstash Redis (caching - optional)
Affiliate Partner:
- Thomann (receives click data when you visit product links)
Analytics (Optional):
- PostHog (usage analytics) - only if configured
We never sell your personal data to third parties. All service providers are contractually bound to protect your data and use it only for the specified purposes.
6. Data Retention
We retain your data for the following periods:
- Account data: Until you delete your account
- Email events: 90 days after sending
- Product history: 90 days
- Analytics data: 12 months
- Logs: 30 days
After account deletion, we permanently remove all personal data within 30 days, except where retention is required by law.
7. Your Rights (GDPR)
You have the following rights regarding your data:
Right of Access
Request a copy of your personal data in JSON format
Use: Dashboard → Export Data or email us
Right to Erasure ("Right to be Forgotten")
Request deletion of your account and all data
Use: Dashboard → Delete Account or email us
Right to Data Portability
Receive your data in a structured, machine-readable format
Right to Object
Object to processing of your data for marketing purposes
Use: Unsubscribe link in any email
Right to Withdraw Consent
Withdraw consent for marketing communications at any time
To exercise any of these rights, contact us at: info@audiodealsalert.com
We will respond to your request within 30 days.
8. Data Security
We implement industry-standard security measures to protect your data:
- HTTPS/TLS encryption for all data in transit
- Database encryption at rest (Neon PostgreSQL)
- Bcrypt password hashing (cost factor 10)
- Secure session management with HTTP-only cookies
- Regular security audits and updates
- Access controls and authentication requirements
- Rate limiting to prevent abuse
However, no method of transmission over the internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.
9. International Data Transfers
Your data may be transferred to and stored in countries outside the European Economic Area (EEA):
- Database (Neon): AWS US East (Ohio) - GDPR-compliant with standard contractual clauses
- Email (AWS SES): EU West (Paris) - data stays in EU
- Hosting (Vercel): Distributed globally - GDPR-compliant
All transfers are protected by appropriate safeguards in accordance with GDPR (standard contractual clauses, Privacy Shield successor frameworks).
10. Cookies
We use the following types of cookies:
Essential Cookies (Required)
- Session cookies: Maintain your login state
- CSRF tokens: Prevent cross-site request forgery
Optional Analytics Cookies
- PostHog analytics (if enabled): Track usage patterns
We do not use third-party advertising cookies. You can disable non-essential cookies in your browser settings, though this may affect service functionality.
11. Children's Privacy
Our service is not intended for users under 18 years of age. We do not knowingly collect personal data from children. If you are a parent or guardian and believe your child has provided us with personal data, please contact us at info@audiodealsalert.com and we will delete it immediately.
12. Changes to This Policy
We may update this privacy policy from time to time. We will notify you of significant changes by email or through a notice on our website. Your continued use of the service after changes constitutes acceptance of the updated policy.
Last update date is shown at the top of this page.
13. Data Breach Notification
In the event of a data breach that affects your personal data, we will notify you and the relevant supervisory authority within 72 hours, as required by GDPR.
14. Supervisory Authority
If you believe we have not adequately addressed your concerns, you have the right to lodge a complaint with the French data protection authority:
CNIL (Commission Nationale de l'Informatique et des Libertés)
3 Place de Fontenoy - TSA 80715
75334 Paris Cedex 07
Website: cnil.fr
15. Contact Us
For any questions about this privacy policy or your data:
Email: info@audiodealsalert.com
Mail: SAS Boring Vic, 5 rue Henri le Chatelier, 38000 Grenoble, France