Privacy Policy

1. Data Controller

Vitrin is published by Ludovic Fussen (sole trader). For any data-related question: info@vitrin-catalog.com

2. Data Collected

Vitrin only collects data necessary for the service to function:

• Email and password (authentication)
• Company name and URL slug
• Logo and brand settings (optional)
• Catalog content (products, images, descriptions)
• Quote requests received (names, emails, phones of end customers)
• Payment information — processed directly by Stripe, not stored by Vitrin

3. Legal Basis for Processing

4. Cookies

Vitrin only uses cookies strictly necessary for operation. No tracking, advertising or third-party analytics cookies are used.

As these cookies are strictly necessary, no explicit consent is required (ePrivacy Directive, CNIL interpretation).

5. Sub-processors and Hosting

Vitrin uses the following sub-processors. All data is hosted in Europe.

6. Data Retention

• Account data: until account deletion
• Catalog and quote data: until account deletion
• Billing data: 10 years (legal accounting obligation)
• After account deletion: all data is erased within 30 days

7. Your Rights (GDPR)

Under GDPR, you have the following rights:

• Right of access — obtain a copy of your data
• Right to rectification — correct inaccurate data
• Right to erasure — delete your account and data
• Right to portability — receive your data in a readable format
• Right to object — object to certain processing activities
• Right to complain — to the CNIL (cnil.fr) or your local authority

Account deletion is available directly from your settings. For any other request: info@vitrin-catalog.com

8. Changes to This Policy

Vitrin may update this policy at any time. The last updated date is shown at the top of this page. Continued use of the service after changes constitutes acceptance.