Privacy Policy
Effective Date: November 1, 2025
Your privacy matters to us. This policy explains how we collect, use, and protect your personal data.
Introduction
Favicolor is committed to protecting your personal data. By using our service, you accept this privacy policy.
Data Controller
Organization: FirstTry Studio SASU
Address: 149 chemin du puits de la bastidasse, 13122 Ventabren
Contact: privacy@favicolor.com
Data Collected
3.1 Identification Data
- First and last name
- Email address
3.2 Connection Data
- IP address
- Browser type and version
- Connection dates and times
- Pages visited
3.3 Usage Data
- API calls and domains queried
- Favorite domains and preferences
- Service usage patterns
- Interactions with our platform
3.4 Payment Data
Payment data is processed directly by our provider Stripe. We do not store your banking information.
Processing Purposes
We use your data to:
- Provide and deliver our services
- Improve and optimize our services
- Personalize your user experience
- Manage accounts and orders
- Communicate with you (support, updates)
- Analyze usage and performance
- Comply with legal obligations
- Prevent fraud and ensure security
Legal Basis for Processing
- Contract execution: Processing necessary to provide our services
- User consent: For marketing communications and optional features
- Legitimate interests: Service improvement, fraud prevention, security
- Legal obligations: Compliance with applicable laws and regulations
Data Retention Periods
- Account data: 3 years after account closure
- Order data: 10 years (French accounting requirements)
- Cookies: 13 months maximum
- Connection logs: 1 year
Data Sharing
Service Providers
- Railway: Application hosting and infrastructure
- Railway (PostgreSQL): Database hosting and management
- Stripe: Secure payment processing
- Cloudflare: Content delivery and performance
- Resend: Email transmission and communications
- Umami (self-hosted): privacy.providerAnalytics
Legal Obligations
We may disclose your data when required by law or in response to valid legal requests from authorities.
International Transfers
Some of our service providers are located outside the European Union. These transfers are governed by appropriate safeguards such as standard contractual clauses approved by the European Commission.
Data Security
We implement appropriate technical and organizational measures to protect your data:
- Encryption of sensitive data in transit and at rest
- Secure authentication (OAuth 2.0, API keys)
- HTTPS protocol for all communications
- Regular backups and disaster recovery
- Restricted access to personal information
- Staff training on data protection
Your Rights (GDPR)
Under the General Data Protection Regulation (GDPR), you have the following rights:
- Right of access: Obtain copies of your personal data
- Right to rectification: Correct inaccurate or incomplete information
- Right to erasure: Request deletion of your personal data
- Right to restriction: Limit the processing of your data
- Right to data portability: Receive your data in a structured, machine-readable format
- Right to object: Object to the processing of your personal data
- Right to withdraw consent: Withdraw your consent at any time
To exercise your rights, contact: privacy@favicolor.com
Minors
Our service is not intended for persons under 16 years of age. We do not knowingly collect personal data from minors.
Policy Changes
We may update this privacy policy from time to time. Significant changes will be communicated via email or notification on our website.
Contact & Complaints
Support contact: support@favicolor.com
Address: 149 chemin du puits de la bastidasse, 13122 Ventabren
Regulatory authority:
French Data Protection Authority (CNIL) - www.cnil.fr