Privacy Policy
Last updated: March 10, 2026
PISKEE (hereinafter "we", "our" or "SEEGEA") attaches particular importance to the protection of your personal data. This policy describes the data we collect, the purposes of processing, your rights, and the measures implemented to ensure their security.
1. Data Controller
| Controller | PISKEE — SASU with share capital of EUR 17,500 |
|---|---|
| Registered office | 191 Grande Avenue, 60260 Lamorlaye, France |
| SIRET | 921 617 569 00014 |
| DPO Contact | dpo@seegea.com |
2. Data Collected
2.1 Registration data
- Last name, first name
- Email address
- Password (hashed, never stored in plain text)
- Preferred language
2.2 E-commerce store data
- Store name, URL, CMS platform
- OAuth access token (encrypted in the database)
- Catalog data: products, collections, variants, images, metafields
- Order data (read-only)
2.3 Billing data
- Billing information transmitted to Stripe (name, address, email)
- We never store your credit card numbers
2.4 Browsing data
- IP address
- Browser type and operating system
- Pages visited, visit duration, actions within the application
- Cookies and trackers (see our cookie policy)
3. Purposes and Legal Basis
| Purpose | Legal basis | Retention period |
|---|---|---|
| Account creation and management | Contract performance | Duration of contractual relationship + 3 years |
| Synchronization with your CMS | Contract performance | Duration of contractual relationship |
| Billing and payment | Legal obligation | 10 years (accounting obligation) |
| Service improvement (analytics) | Legitimate interest | 25 months maximum |
| Customer support | Contract performance | Duration of relationship + 2 years |
| Marketing communications | Consent | Until consent is withdrawn |
| Security and fraud prevention | Legitimate interest | 12 months |
4. Sub-processors and Recipients
Your data may be transmitted to the following sub-processors, strictly within the scope of the purposes described above:
| Sub-processor | Purpose | Location |
|---|---|---|
| Supabase Inc. | Database, authentication, storage | EU (Frankfurt region) |
| Vercel Inc. | Application hosting | United States (global CDN) |
| Stripe Inc. | Payment and billing | United States / EU |
| Resend Inc. | Transactional email delivery | United States |
| PostHog Inc. | Product analytics | EU |
| Google LLC | Web analytics (Google Analytics) | United States |
| Shopify Inc. | E-commerce API (catalog data) | Canada / United States |
For transfers outside the EU, appropriate safeguards are in place (European Commission Standard Contractual Clauses, adequacy decisions, or Data Privacy Framework).
5. Your Rights
Under the GDPR, you have the following rights:
- Right of access : obtain confirmation that your data is being processed and receive a copy
- Right to rectification : correct inaccurate or incomplete data
- Right to erasure : request the deletion of your data
- Right to restriction : restrict the processing of your data
- Right to data portability : receive your data in a structured format
- Right to object : object to processing based on legitimate interest
- Right to withdraw consent : withdraw your consent at any time
To exercise your rights, contact us at dpo@seegea.com. We will respond within 30 days.
You also have the right to lodge a complaint with the CNIL (French National Commission on Informatics and Liberty).
6. Data Security
We implement the following measures to protect your data:
- Encryption in transit (TLS/SSL) and at rest
- CMS access tokens encrypted in the database
- Passwords hashed with modern algorithms (bcrypt/argon2)
- Row Level Security (RLS) on all database tables
- Two-factor authentication available
- Regular security audits
7. Minors' Data
SEEGEA is a service intended for professionals. We do not knowingly collect data from persons under the age of 16. If you are a parent or guardian and believe your child has provided us with personal data, contact us at dpo@seegea.com.
8. Changes
We reserve the right to modify this privacy policy. In the event of a substantial change, we will notify you by email or by notification within the application. The date of the last update appears at the top of this page.
9. Contact
For any question regarding the protection of your data, contact our DPO:
dpo@seegea.com