Privacy Policy

• • [À COMPLÉTER : legal name]
• • Email: data@palettebuddy.com
• • DPO: data@palettebuddy.com

Your photos never leave your browser and are never stored on our servers.

• Email, username, password — authentication (contract)
• Gender, language, avatar — personalization (consent)
• Selected season, analysis history — service (contract)
• Name, billing address — invoicing (legal obligation)
• Subscription status, Stripe ID — subscription (contract)
• Technical logs — security (legitimate interest)

• Active account: while active, deletion within 30 days of request.
• Inactive account: auto-deletion after 36 months.
• Invoices: 10 years (legal obligation).
• Technical logs: max 12 months.

• Supabase (DB + auth) — EU.
• Stripe Payments Europe Ltd — Ireland.
• Lovable (frontend hosting) — EU.

No data is sold or shared for advertising purposes.

• Access, rectification, erasure, portability (export JSON in "My account"), objection.
• Withdraw consent anytime.
• Complaint to CNIL: https://www.cnil.fr/fr/plaintes

Only strictly necessary technical cookies (auth + language). No tracking.

HTTPS/TLS encryption. Passwords hashed (bcrypt). Row-level security on database.

The Service is restricted to users 15+ (French digital consent age).

For any question: data@palettebuddy.com