1. Data controller
Entreprendre.Blog, contact@entreprendre.blog.
2. Data collected
When using the Platform, we may collect:
- Email address (mandatory to start a journey and receive the file).
- Voluntary project info (idea, market, business model, team, traction).
- Payment data: transmitted directly to Stripe; we do not store card number or CVV.
- Technical data: IP address, user-agent, server logs (30 days).
3. Purposes and legal bases
We process data for:
- Contract performance (Art. 6.1.b GDPR).
- Legal obligation: invoicing, accounting (Art. 6.1.c GDPR).
- Legitimate interest: service improvement, abuse prevention (Art. 6.1.f GDPR).
- Consent: non-transactional emails — revocable at any time (Art. 6.1.a GDPR).
4. Subprocessors
We use:
- Hostinger (VPS hosting, EU).
- Stripe Payments Europe Limited (payment, Ireland).
- Anthropic via LiteLLM (AI generation; no training on user data).
- Resend (transactional emails).
5. Retention
Session and deliverable data: kept for the validity period of the chosen plan, plus 1 year for support.
Billing data: 10 years (legal obligation).
6. Your rights (GDPR)
Articles 15–22 GDPR: access, rectification, erasure, restriction, opposition, portability. Contact: contact@entreprendre.blog. Response within 30 days. Complaints: CNIL (cnil.fr).
7. Cookies
We use strictly necessary cookies (theme, language) and a technical session identifier (admin space only).
No third-party tracking or advertising cookies are set without consent.
8. Security
Data is stored on an EU VPS, SSH key access only, encrypted filesystem, HTTPS enforced via Traefik. Payments via Stripe (PCI DSS Level 1).
9. Contact
contact@entreprendre.blog