1. Data Controller
The data controller is: SAILGIO (sole trader — France)
Contact: contact@sailgio.com
2. Data Collected
The following data is collected when using the App:
| Data | Purpose | Source |
|---|---|---|
| First & last name | User identification | Google account |
| Email address | Identification, technical support | Google account |
| Profile photo | Display in the App | Google account (editable) |
| Country | Recitation filtering, profile flag | IP (approx. geolocation) or manual selection |
| Username (optional) | Custom display name | Entered by the user |
| Audio recordings | Community sharing, contests | Voluntarily published |
| Comments, votes, etc. | App functionality | User actions |
| Device identifier | Authentication security (Bearer token) | Generated at sign-in |
| Premium status | Unlocking paid features | Confirmed Stripe payment |
3. Legal Basis
- Contract performance (Art. 6.1.b GDPR): data necessary for the App to function;
- Consent (Art. 6.1.a GDPR): audio recording publication, country selection;
- Legitimate interest (Art. 6.1.f GDPR): security, abuse prevention.
4. Retention Period
- Account data: retained while the account is active;
- After account deletion: erased within 30 days (including backups);
- Audio recordings: until deleted by the user or by moderation;
- Connection logs: 12 months maximum (legal requirement);
- Payment data (Stripe): retained by Stripe under its own policy.
5. Data Recipients
Data is processed exclusively by the publisher. It is never sold or shared with third parties for commercial purposes. Only the following processors have limited technical access:
- Google (Sign-In authentication);
- Stripe (Premium payments);
- ip-api.com (automatic country detection at sign-in).
6. Hosting
Data is hosted on a self-hosted private server in France. No transfer outside the European Union is made, except for the third-party services mentioned above.
7. Cookies & Trackers
The App uses no third-party cookies, no analytics tools (Google Analytics, Firebase, etc.) and no advertising network.
8. Your Rights (GDPR)
Under the GDPR, you have the following rights:
- Access: obtain a copy of your data;
- Rectification: edit your data from the Profile screen;
- Erasure: delete your account from the Profile screen;
- Portability: receive your data in a readable format (on request);
- Objection & restriction: by email request.
To exercise these rights: contact@sailgio.com. Response within 30 days.
9. Right to Lodge a Complaint
If you believe your rights have not been respected, you may file a complaint with the CNIL: www.cnil.fr.
10. Security
Data is protected by:
- HTTPS (TLS) encryption for all communications;
- Bearer token authentication tied to the device;
- Prepared SQL statements (injection prevention);
- Restricted and audited server access.
11. Policy Changes
This policy may be updated to comply with legal or technical developments. Users will be notified of material changes via in-app notification.
12. Contact
For any question: contact@sailgio.com