GDPR

Last updated : April 4, 2025
Article 1

Data Controller

The data controller for personal data is Localnord LLC, an American company (Limited Liability Company) incorporated in the State of Delaware, represented by Robin Gastout.

Registered office131 Continental Dr, Suite 305, Newark, DE 19713, USA
Contact emailsav@localnord.fr
Data hostingServers in Ireland (EU)
ComplianceGDPR (EU) 2016/679
Article 2

Data Collected

Identification data

  • First and last name
  • Email address
  • Phone number (optional)
  • Company / agency name

Billing data

  • Billing address
  • Payment information (processed by Stripe — never stored by Localnord)

Usage data

  • Connection logs (IP address, browser, date and time)
  • Actions performed on the platform
  • Google My Business data of clients managed through the platform

Cookies and trackers

  • Essential cookies: session, authentication
  • Analytics cookies: Google Analytics
  • Marketing cookies: Meta Pixel (Facebook), only with your consent
Article 3

Processing Purposes

  • Service deliverylegal basis: contract performance
  • Billing and accountinglegal basis: legal obligation
  • Customer support and guidancelegal basis: legitimate interest
  • Service improvement and statisticslegal basis: legitimate interest
  • Commercial prospecting and advertisinglegal basis: consent
Article 4

Cookies — Details and Management

Google Analytics

Traffic analysis and visitor behavior. Anonymized data. You can install the opt-out module.

Meta Pixel (Facebook)

Advertising campaign effectiveness measurement. Only placed after consent. Manage your preferences on Facebook Ad Preferences.

Retention period

13 months maximum, in accordance with CNIL recommendations.

Article 5

Data Retention Periods

Account dataSubscription duration + 3 years
Billing data10 years (accounting obligation)
Connection logs12 months
Cookies13 months maximum
Google My Business dataDeleted within 60 days after cancellation
Article 6

Data Sharing

StripePayments (Data Privacy Framework)
VercelHosting (GDPR-compliant DPA)
GoogleBusiness Profile API + Analytics (SCCs)
MetaAdvertising (with consent only)

Localnord never sells your personal data to third parties.

Article 7

Data Transfers Outside the EU

Data is stored in Ireland (European Union). Some subprocessors (Stripe, Vercel, Google, Meta) are located in the United States. These transfers are governed by Standard Contractual Clauses (SCCs) approved by the European Commission and/or the EU-US Data Privacy Framework.

Article 8

Your Rights

In accordance with the GDPR, you have the following rights:

  • Accessobtain a copy of your data
  • Rectificationcorrect inaccurate data
  • Erasurerequest the deletion of your data
  • Restrictionrestrict processing
  • Portabilityreceive your data in a structured format
  • Objectionobject to processing
  • Withdrawal of consentat any time

To exercise these rights: sav@localnord.fr. Response within 30 days maximum.

Article 9

Data Security

  • Data encryption in transit (HTTPS/TLS)
  • Data encryption at rest
  • Secure authentication with password hashing
  • Restricted access (principle of least privilege)
  • Regular backups and disaster recovery plan
  • Periodic security monitoring and audits
Article 10

Data Breach

In the event of a breach likely to pose a risk to your rights and freedoms, Localnord commits to notifying the competent authority within 72 hours and informing you as soon as possible.

Article 11

Complaint

You may file a complaint with the data protection authority in your country. For France: CNIL.

Article 12

Changes

Localnord reserves the right to modify this policy at any time. In the event of a substantial change, you will be informed by email or through the platform.