Skip to content
Negotiaelle← Negotiaelle

Privacy Policy

Last updated: 24 April 2026

Plain-language summary; please review with your own legal counsel before launch.

Negotiaelle ("we", "us") is committed to protecting your personal data. This policy explains what we collect, why, the legal bases we rely on, and the rights you have under the EU/UK GDPR. Negotiaelle is currently a pre-launch waitlist — we collect only what's needed to keep you informed.

1. Who we are

Negotiaelle is the data controller for the personal data described here. For any privacy question, or to exercise the rights set out in section 8, contact us via our support page.

2. Data we collect

We collect only what's needed to run the waitlist and respond to support requests:

  • Email address — to add you to the waitlist and notify you when Negotiaelle launches.
  • Optional preferred language — captured from your browser when you submit the form, used to localise the emails we send you.
  • Support ticket content — the email and message you submit on our support page, plus an order reference if you provide one.
  • Email delivery logs — message IDs and delivery status from our email provider, used for support and deliverability.
  • Basic technical data — IP address, browser type and pages viewed, kept in short-lived server logs for security and abuse prevention.
  • Analytics — aggregated, cookieless page views via Plausible, plus optional Google Analytics measurement (no advertising cookies).

3. Legal bases (GDPR Art. 6)

We process your data on the following bases:

  • Consent — to add you to the waitlist and send you launch updates. You can withdraw consent at any time via the unsubscribe link in any email.
  • Legitimate interests — fraud prevention, service security, and aggregated analytics to improve the product.
  • Performance of a contract — to handle your support requests when you contact us.

4. How we use your data

We use the information above to operate the waitlist, notify you when Negotiaelle becomes available, respond to your support requests, prevent fraud, and keep the service secure. We do not sell your data, and we do not use it to train AI models.

5. Third-party processors

We rely on a small number of trusted processors. Each is bound by a data processing agreement and processes data only on our instructions:

  • Lovable Cloud (Supabase, EU region) — application hosting and database (https://supabase.com/privacy).
  • Our email infrastructure — transactional email delivery from notify.negotiaelle.com (operated through Lovable Cloud).
  • Plausible Analytics — privacy-friendly, cookieless analytics (https://plausible.io/privacy).
  • Google Analytics — optional measurement, configured without advertising features (https://policies.google.com/privacy).
  • Google Fonts — font delivery for the website.

6. International transfers

Your data is stored in the European Union by default. Where a processor is located outside the EU/UK, transfers are protected by the European Commission's Standard Contractual Clauses and supplementary measures where required.

7. Retention

We keep personal data only as long as needed:

  • Waitlist subscriber records — until you unsubscribe, after which your address is moved to a suppression list (see below).
  • Support tickets and messages — up to 24 months after the last activity on the ticket.
  • Email delivery logs — 12 months.
  • Suppression list (people who unsubscribed) — kept indefinitely so we don't email you again by mistake.
  • Server logs — up to 30 days.

8. Your rights

Under the EU/UK GDPR you have the right to:

  • Access the personal data we hold about you.
  • Have inaccurate data rectified.
  • Request erasure of your data, subject to our legal retention obligations.
  • Restrict or object to certain processing.
  • Receive your data in a portable, machine-readable format.
  • Withdraw consent at any time, where processing is based on consent.
  • Lodge a complaint with your local supervisory authority (in France, the CNIL — www.cnil.fr).

How to exercise these rights

Get in touch via our support page from the address linked to your subscription. We'll respond within one month, as required by GDPR.

9. Cookies and tracking

We use only essential cookies needed to make the site work (for example, to remember your language). We do not use advertising cookies. Plausible Analytics is cookieless. Google Analytics, where enabled, runs without advertising features.

10. Security

Data is transmitted over TLS, encrypted at rest, and access is restricted to authorised personnel on a need-to-know basis. We review our security practices regularly. No system is 100% secure; if we ever suffer a personal data breach affecting your rights, we will notify you and the relevant supervisory authority as required by law.

11. Changes to this policy

We may update this policy from time to time. The "last updated" date at the top reflects the most recent change. Material changes will be communicated by email where appropriate.