Privacy policy

When you create an account and use the service, we collect: first and last name, professional email address, company name and billing address, payment information (handled by our partner Stripe, never stored on our systems), technical connection logs (IP address, user agent, timestamps), and anonymization job metadata (without the content of source databases).

Data is processed to: provide and bill the subscribed service, ensure platform security and detect abusive use, inform you of important service evolutions, send you commercial communications with your consent (revocable at any time).

Service contract performance (article 6(1)(b) GDPR) for data strictly necessary to provide the service. Legal obligation (article 6(1)(c) GDPR) for accounting and tax obligations. Legitimate interest (article 6(1)(f) GDPR) for security and fraud detection. Consent (article 6(1)(a) GDPR) for commercial communications.

Account data: during subscription then 3 years from termination for contractual obligations, or 10 years for accounting records. Technical logs: 12 months. Browsing data and cookies: per your consent settings (see cookie policy).

You have rights of access, rectification, erasure, restriction, portability and objection under GDPR. You can exercise these rights by writing to privacy@anonyx.io. You also have the right to file a complaint with the CNIL (www.cnil.fr) or your national supervisory authority.

No transfer of your personal data is made outside the European Union. Our entire infrastructure and our technical subcontractors (hosting, transactional email) are EU-based and not subject to the US CLOUD Act.

Anonyx applies appropriate technical and organizational measures: encryption in transit (TLS 1.3) and at rest (AES-256-GCM), multi-factor authentication, environment isolation, regular security audits, business continuity plan.