Privacy Policy

Last updated: May 21, 2026

1. Data Controller

LIROBI

5 rue de la Haute Vienne, 67510 Lembach, France

SIRET: 942 288 747 00010

Contact: contact@lirobi.com

2. Data We Collect

We collect the following categories of personal data:

Account data

  • Name and email address
  • Encrypted password
  • License and payment status

Usage data (collected with your consent)

  • IP address (used to approximate your country/region)
  • Pages visited and navigation path on our website
  • Device type, operating system, and browser
  • UTM campaign parameters (if you arrive via a marketing link)
  • Extension usage events (e.g. device previewed, license verified)

Payment data

Payment is processed entirely by Stripe. We do not store card numbers or banking details. We only retain the Stripe payment ID and transaction amount for accounting purposes.

3. Legal Basis for Processing

  • Contract performance (Art. 6.1.b GDPR): account management, license delivery, email communications related to your purchase.
  • Consent (Art. 6.1.a GDPR): website analytics and navigation tracking. You may withdraw consent at any time via the cookie banner.
  • Legitimate interest (Art. 6.1.f GDPR): security logging, fraud prevention, and service stability monitoring.
  • Legal obligation (Art. 6.1.c GDPR): retention of accounting records (invoices, payment references) as required by French law.

4. Data Retention

  • Account data: retained for the duration of your account, then deleted within 30 days of account deletion.
  • License and payment records: 10 years (French accounting obligation).
  • Navigation and analytics data: 13 months maximum.
  • Security logs: 12 months.

5. Data Sharing and Sub-processors

We do not sell your personal data. We share data only with the following sub-processors, solely to provide the service:

  • Stripe, Inc. — payment processing (USA, Standard Contractual Clauses apply)
  • Vercel, Inc. — website hosting and infrastructure (USA, Standard Contractual Clauses apply)
  • OVHcloud — email delivery (France/EU)

6. Data Security

We implement appropriate technical and organisational measures to protect your data, including: HTTPS encryption in transit, hashed passwords, HTTP-only JWT cookies, CSRF protection, and rate limiting on all authentication endpoints.

7. Your Rights

Under the GDPR, you have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Erase your data ("right to be forgotten")
  • Restrict processing in certain circumstances
  • Data portability — receive your data in a structured, machine-readable format
  • Object to processing based on legitimate interest
  • Withdraw consent at any time (for consent-based processing)

To exercise any of these rights, contact us at contact@lirobi.com. We will respond within 30 days.

You also have the right to lodge a complaint with the Commission Nationale de l'Informatique et des Libertés (CNIL)www.cnil.fr.

8. Cookies and Tracking

We use a session cookie (auth-token) strictly necessary for authentication, which does not require consent. Analytics tracking (page views, navigation) is only activated if you accept cookies via our banner. See our Cookie Policy for details.

9. Updates to This Policy

We may update this policy from time to time. The date at the top of this page reflects the latest revision. For significant changes, we will notify registered users by email.

10. Contact

For any questions regarding this privacy policy:

contact@lirobi.com