Security

GDPR compliance, article by article.

Not a marketing page. A technical map of what the law requires and what we actually implemented to respect it — code in hand.

06 — Security & GDPR

Hosted in France, encrypted in transit and at rest.

No vague promise. Here's exactly what we encrypt, where we store it, and how we prove we're not cheating — audited code, public migrations.

GDPR & right to be forgotten

Prospect export in JSON, complete erasure via one API call, a unique unsubscribe token per recipient compliant with RFC 8058. 7-day grace window, forensic audit kept outside the tenant.

SHA-256 audit log

Every sensitive mutation appends a hash-linked entry to the chain, so any alteration is detectable; the chain is exportable to the DPO as signed JSON. Retained 5 years.

One PG database per tenant

Isolation at the PostgreSQL engine layer — no shared schema, no reliance on row-level security. Physical separation between clients, guaranteed by migration.

AES-256-GCM encryption

API keys, SMTP/IMAP passwords and webhook secrets encrypted with a master key that you hold yourself. Sovereign hosting in France, Germany or the Netherlands, never outside the EU.

  • SPF · DKIM · DMARC verified
  • Weekly encrypted backups
  • Sovereign hosting (FR · DE · NL)
  • No data outside the LLM call

GDPR articles

What the law requires, what we deliver.

Art. 15 — Right of access

Self-service signed ZIP export: profile, prospects, campaigns, sent emails, replies. Download within 60 seconds via an HMAC-SHA-256 signed link.

Art. 17 — Right to erasure

Self-service request with 7-day grace window (read-only). Email confirmation. Atomic DROP DATABASE. Forensic audit kept outside the tenant.

Art. 30 — Processing register

Immutable SHA-256 chained audit. Each action is kept for 5 years together with the hash of the previous one. Exportable to the DPO in signed JSON.
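How a SHA-256 chained audit log with a signed DPO export can work, as an added example covering the audit-log description above and this Art. 30 entry; this is not the product's own code. The entry fields, the genesis anchor, the DPO key and the sample events are all assumptions constructed for the demo.

```python
import hashlib
import hmac
import json

GENESIS_HASH = "0" * 64  # assumed anchor: prev_hash recorded by the very first entry

def entry_hash(entry: dict) -> str:
    # SHA-256 over canonical JSON (sorted keys, no whitespace) of every field but "hash"
    body = {k: v for k, v in entry.items() if k != "hash"}
    return hashlib.sha256(json.dumps(body, sort_keys=True, separators=(",", ":")).encode()).hexdigest()

def append_entry(chain: list, actor: str, action: str, target: str, ts: str) -> dict:
    # Each entry commits to its predecessor's hash: editing, deleting or reordering
    # any earlier entry breaks the link recorded by the entry that follows it
    prev = chain[-1]["hash"] if chain else GENESIS_HASH
    entry = {"seq": len(chain), "ts": ts, "actor": actor, "action": action,
             "target": target, "prev_hash": prev}
    entry["hash"] = entry_hash(entry)
    chain.append(entry)
    return entry

def verify_chain(chain: list) -> tuple[bool, int]:
    # (True, -1) for an intact chain, otherwise (False, index of the first bad entry)
    expected_prev = GENESIS_HASH
    for i, entry in enumerate(chain):
        if entry["seq"] != i or entry["prev_hash"] != expected_prev or entry_hash(entry) != entry["hash"]:
            return False, i
        expected_prev = entry["hash"]
    return True, -1

def export_signed(chain: list, dpo_key: bytes) -> dict:
    # Signed JSON export for the DPO: HMAC-SHA-256 over the canonical chain (key is assumed)
    payload = json.dumps(chain, sort_keys=True, separators=(",", ":"))
    return {"entries": payload, "sig": hmac.new(dpo_key, payload.encode(), "sha256").hexdigest()}

def tampered_copy(chain: list, index: int, field: str, value, rehash: bool = False) -> list:
    # Demo helper: alter one field in a deep copy; rehash=True also recomputes that entry's own hash
    copy_ = json.loads(json.dumps(chain))
    copy_[index][field] = value
    if rehash:
        copy_[index]["hash"] = entry_hash(copy_[index])
    return copy_

def build_sample_chain() -> list:
    # Constructed sample events, not real tenant data
    chain: list = []
    append_entry(chain, "user:42", "export_prospects", "tenant:demo", "2024-01-01T10:00:00+00:00")
    append_entry(chain, "user:42", "erasure_request", "prospect:1001", "2024-01-02T09:30:00+00:00")
    append_entry(chain, "system", "drop_database", "tenant:demo", "2024-01-09T09:30:00+00:00")
    return chain
```

Note that rewriting the final entry and recomputing its hash leaves the chain self-consistent, which is why the latest hash or the signed export has to be kept outside the tenant, as the page describes for the forensic audit.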

Art. 32 — Processing security

At-rest AES-256 encryption, in-transit TLS 1.3, PostgreSQL tenant isolation. Daily encrypted backup, 30-day retention.