Your privacy is important to us. This policy explains how we collect, use, and protect your personal data in accordance with the GDPR.
1. Data Controller
The data controller is:
- Name: EasyReportGen
- Contact: Contact form
- Website: https://easyreportgen.com
2. Data Collected
2.1 Data you provide to us
User Account
First name, last name, email address, password (encrypted)
Company Profile
Company name, address, phone number, registration number, logo
Reports
Content of the reports you create (client information, observations, photos)
Payment
Billing information (processed by Stripe; we do not store your card numbers)
2.2 Data collected automatically
- Technical data: IP address, browser type, operating system
- Usage data: Pages visited, features used, date and time of access
- Cookies: See the dedicated section below
3. Purposes and Legal Bases
| Purpose | Legal Basis |
|---|---|
| Provide the service (report creation, storage) | Performance of contract |
| Manage your account and subscription | Performance of contract |
| Process payments | Performance of contract |
| Send service emails (invoices, updates) | Legitimate interest |
| Improve the service (usage analytics) | Legitimate interest |
| Prevent fraud and secure the service | Legitimate interest |
| Comply with legal obligations | Legal obligation |
4. Data Sharing
We never sell your personal data. We may share your data with:
- Stripe: For payment processing (secure, PCI-DSS certified)
- Hosting provider (OVH/Scaleway): To store your data on servers in Europe (EU)
- Authorities: If required by law (court order)
5. Data Retention
| Data Type | Retention Period |
|---|---|
| Account data | Duration of registration + 3 years after account deletion |
| Reports | Duration of registration + 1 year after account deletion |
| Billing data | 10 years (legal accounting obligation) |
| Connection logs | 1 year |
6. Your Rights (GDPR)
In accordance with the General Data Protection Regulation, you have the following rights:
Right of Access
Obtain a copy of your personal data
Right to Rectification
Correct inaccurate data
Right to Erasure
Request the deletion of your data ("right to be forgotten")
Right to Data Portability
Receive your data in a structured format (JSON)
Right to Object
Object to the processing of your data
Right to Restriction
Restrict processing in certain cases
To exercise these rights, contact us via the form. We will respond within 30 days.
7. Cookies
7.1 Essential cookies (always active)
- Session: Maintain your login session
- Preferences: Save your choices (theme, language)
7.2 Analytics cookies (optional)
We may use analytics tools to understand how the service is used. This data is anonymized.
8. Security
We implement appropriate security measures:
- HTTPS encryption (TLS 1.3) for all communications
- Passwords hashed with bcrypt
- Secure session tokens
- Servers hosted in the European Union
- Regular encrypted backups
- Restricted data access (principle of least privilege)
9. International Transfers
Your data is stored on servers located in the European Union. We do not transfer your data outside the EU, except:
- Stripe (US): Transfer governed by the European Commission's Standard Contractual Clauses
10. Minors
EasyReportGen is not intended for persons under 16 years of age. We do not knowingly collect data from minors.
11. Changes
We may modify this policy at any time. Significant changes will be notified by email. The date of the last update is indicated at the top of this page.
12. Complaints
If you believe that your rights are not being respected, you may file a complaint with your national data protection authority. For EU residents, you can find your local authority at:
- EU DPA list: European Data Protection Board - Members
- France (CNIL): www.cnil.fr - 3 Place de Fontenoy, TSA 80715, 75334 Paris Cedex 07
Questions about your data?
Our team is available to answer your questions regarding the protection of your personal data.
Contact us