BandCopilotBandCopilot

Privacy Policy – BandCopilot

1. Introduction

This Privacy Policy explains how BandCopilot (https://www.bandcopilot.com) collects, uses, and protects users’ personal data. BandCopilot complies with applicable regulations, including the General Data Protection Regulation (GDPR).

2. Data controller

The data controller is: BandCopilot Vincent Hooge 33 rue d’Anchin – 59146 Pecquencourt – France Email: contact@bandcopilot.com

3. Data collected

BandCopilot may collect: * Identification data: email, username, project/group name * Account data: authentication-related information * Content data: press kits, biographies, images, media, messages * Technical data: logs, IP address, security-related data * Usage data: pages visited, interactions (cookies) Only necessary data is collected.

4. Purpose of processing

Data is used to: * create and manage user accounts * provide platform features * enable public press kit publication * ensure security and prevent abuse * provide support * improve the service

5. Legal basis

Processing is based on: * contract performance * legitimate interest (security, improvement) * legal obligations

6. Public data

Users may make certain data public via their press kits. Such data may: * be accessible to anyone * be indexed by search engines * be viewed outside the platform Users are responsible for the data they choose to make public.

7. Cookies and analytics tools

BandCopilot uses analytics technologies to understand how the service is used and to improve the user experience. These tools may collect data such as: * pages visited * interactions with the website * user navigation paths These technologies may store or access information on the user’s device. In accordance with applicable regulations, such trackers are only activated after obtaining the user’s consent, where required. Users can accept or refuse these trackers via the cookie consent banner.

8. Subprocessors

BandCopilot uses third-party providers: * Vercel (hosting) * Supabase (database) * Cloudflare (CDN & security) * Brevo (transactional emails) * Stripe / Mollie (payments) * Upstash (security) These providers process data only on behalf of BandCopilot.

9. International transfers

Some providers may operate outside the European Union. BandCopilot ensures appropriate safeguards (standard contractual clauses, etc.).

10. Data retention

Data is retained: * while the account is active * or as required by law Users may request deletion.

11. Security

BandCopilot implements appropriate technical and organizational measures, including: * secure authentication * encrypted data transmission * protection against unauthorized access

12. User rights

Under GDPR, users have the right to: * access * rectification * erasure * restriction * objection * data portability Requests can be sent to: contact@bandcopilot.com Users may also lodge a complaint with a supervisory authority.

13. Emails

BandCopilot may send: * transactional emails (account, notifications, security) * service-related emails No marketing emails are sent without prior consent.

14. Updates

This policy may be updated at any time.

15. Contact

contact@bandcopilot.com

    Privacy policy — BandCopilot