Privacy Policy

Last updated: January 2025

1. Introduction

Decimly ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, share, and protect your personal data when you use our marketing campaign tracking platform. We operate in compliance with the General Data Protection Regulation (GDPR) and applicable French data protection laws.

2. Data Controller

Decimly is operated by an individual auto-entrepreneur registered in France. For any privacy-related inquiries, please contact us at support@decimly.com

3. Data We Collect

We collect the following categories of personal data:

  • Account Information: Email address, first name, and last name
  • Payment Data: Processed securely by Stripe (we do not store card details)
  • Campaign Data: Marketing metrics, descriptions, and performance data you enter
  • Usage Data: How you interact with our Service (via analytics)
  • Technical Data: IP address, browser type, device information

4. How We Use Your Data

We use your personal data for the following purposes:

  • Service Delivery: To provide and maintain our platform
  • AI Analysis: To generate insights and recommendations for your campaigns
  • Account Management: To manage your subscription and billing
  • Customer Support: To respond to your inquiries and provide assistance
  • Product Improvement: To analyze usage patterns and improve our Service
  • Communication: To send service-related notifications and updates

5. Legal Basis for Processing

We process your personal data based on:

  • Contract Performance: Processing necessary to provide our Service
  • Legitimate Interests: For product improvement and security
  • Consent: For analytics and marketing communications
  • Legal Obligations: To comply with applicable laws

6. Third-Party Services

We share data with the following third-party service providers:

  • Stripe: Payment processing
  • Anthropic: AI-powered campaign analysis
  • Supabase: Database and authentication services
  • Vercel: Hosting and infrastructure
  • Google Analytics: Website analytics
  • Microsoft Clarity: User behavior analytics

These providers process data on our behalf and are contractually bound to protect your data.

7. Data Retention

We retain your personal data for as long as your account is active or as needed to provide our Service. When you delete your account, we will delete or anonymize your personal data within 30 days, except where retention is required for legal purposes or to resolve disputes.

8. Your Rights (GDPR)

Under the GDPR, you have the following rights:

  • Right of Access: Request a copy of your personal data
  • Right to Rectification: Request correction of inaccurate data
  • Right to Erasure: Request deletion of your data ("right to be forgotten")
  • Right to Restrict Processing: Request limitation of data processing
  • Right to Data Portability: Receive your data in a portable format
  • Right to Object: Object to certain types of processing
  • Right to Withdraw Consent: Withdraw consent at any time

To exercise these rights, contact us at support@decimly.com

9. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. This includes encryption, secure data storage, and access controls. However, no method of transmission over the Internet is 100% secure.

10. International Data Transfers

Your data may be transferred to and processed in countries outside the European Economic Area (EEA). When this occurs, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

11. Children's Privacy

Our Service is not intended for users under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child, we will take steps to delete it promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website and updating the "Last updated" date. We encourage you to review this policy periodically.

13. Supervisory Authority

If you believe we have not adequately addressed your privacy concerns, you have the right to lodge a complaint with a supervisory authority. In France, this is the Commission Nationale de l'Informatique et des Libertés (CNIL).

14. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at support@decimly.com