Privacy Policy
Last updated: March 16, 2026
1. Data Controller
The controller responsible for personal data collected through Geovise is:
- Name: Valentin Bracq
- Status: Sole trader (micro-entrepreneur, France)
- SIRET: 991 105 602 00015
- Email: support@geovise.app
2. Data We Collect
- Account data: email address and password (stored as a secure hash, never readable).
- Service usage data: website URLs and company names you submit for GEO analysis.
- Billing data: managed directly by Stripe — Geovise does not store your payment card details.
We do not collect sensitive data as defined under Article 9 of the GDPR.
3. Purposes and Legal Bases
| Purpose | Legal basis (GDPR) |
|---|---|
| Providing the service (diagnostics, scores, solutions) | Performance of contract — Art. 6(1)(b) |
| Subscription and billing management | Performance of contract — Art. 6(1)(b) |
| Transactional emails (confirmations, invoices) | Performance of contract — Art. 6(1)(b) |
| Service improvement and security | Legitimate interest — Art. 6(1)(f) |
| Compliance with legal obligations | Legal obligation — Art. 6(1)(c) |
4. Data Retention
- Account and usage data: retained for the duration of the account, then deleted within 30 days of account closure.
- Billing data: retained for 10 years from the transaction date, in accordance with French accounting obligations.
5. Data Recipients
Your data may be shared with the following sub-processors solely for the purpose of providing the service:
| Provider | Role | Location |
|---|---|---|
| Supabase Inc. | Database storage | United States |
| Vercel Inc. | Application hosting | United States |
| OpenAI (ChatGPT) | AI visibility diagnostics (URL and company name only) | United States |
| Anthropic (Claude) | AI visibility diagnostics (URL and company name only) | United States |
| Google (Gemini) | AI visibility diagnostics (URL and company name only) | United States |
| Stripe Inc. | Payment and subscription management | United States |
We never sell your data to third parties.
6. International Data Transfers
Several of our sub-processors are based in the United States. These transfers are governed by Standard Contractual Clauses (SCCs) approved by the European Commission under Article 46 of the GDPR, ensuring an adequate level of protection for your data.
7. Security
We protect your data with appropriate technical and organisational measures: password hashing, database Row-Level Security (RLS), restricted access, and HTTPS encryption for all communications.
8. Cookies
Geovise does not use tracking or advertising cookies. Session management uses browser localStorage. No cookie consent is required.
Our payment provider Stripe may set technical cookies during the checkout flow, strictly necessary to secure transactions.
9. Your Rights
Under the GDPR you have the following rights over your personal data:
- Right of access (Art. 15) — obtain a copy of your data.
- Right to rectification (Art. 16) — correct inaccurate data.
- Right to erasure (Art. 17) — request deletion of your data.
- Right to data portability (Art. 20) — receive your data in a structured format.
- Right to object (Art. 21) — object to processing based on legitimate interest.
- Right to restriction (Art. 18) — restrict processing while a dispute is pending.
To exercise these rights, contact us at support@geovise.app. You may also delete your account and all associated data from the Settings page.
We will respond to all requests within one month.
10. Supervisory Authority
You have the right to lodge a complaint with the French data protection authority (CNIL):
- Website: www.cnil.fr
- Address: 3 Place de Fontenoy, TSA 80715, 75334 Paris Cedex 07, France
11. Changes to This Policy
We may update this policy to reflect changes to the service or legal requirements. The date at the top of this page shows the latest revision. We will notify you of material changes by email or by a prominent notice within the service.
12. Contact
For privacy questions or to exercise your rights: support@geovise.app.