Privacy Policy of Styly

Styly, as the data controller, places great importance on the protection and respect of your privacy. This policy aims to inform you, in accordance with Regulation No. 2016-679 of April 27, 2016, regarding the protection of individuals with regard to the processing of personal data and on the free movement of such data (hereinafter referred to as the "Regulation"), of our practices regarding the collection, use, and sharing of the information you may provide through our Application (hereinafter the "Application"). This policy aims to inform you about the categories of personal data that we may collect or hold about you, how we use them, with whom we share them, how we protect them, and the rights you have regarding your personal data.


1. Data We Collect
By using the Application, you may transmit information to us, some of which may identify you and therefore constitute personal data (hereinafter referred to as "Data"). This is particularly the case when you:
  • Register
  • Generate renders
This information includes, but is not limited to, the following data:
Account Data: Refers to the data you provide when creating an account by using Apple Sign In (email or anonymized email)
Styly Image Data: We store the images uploaded to Styly as well as the images generated by Styly, which you can delete at any time from the Application's "Projects" tab.
Browsing Data: refers to the data we collect during your navigation on the Application such as the date, time of connection and/or navigation, type of mobile device, language of the mobile device, its IP address.

2. How We Use the Data We Collect
We use the Data we collect for the following purposes:

Purposes

Legal Basis

(i) Creation and management of your customer account;

(ii) Execution of contracts concluded between you and us;

(iii) Management of the commercial relationship;

(iv) Management of the Application;

(v) Management of the newsletter;

(vi) Management of complaints and requests to exercise rights.

- Consent;

  • Compliance with a legal obligation to which the data controller is subject;
  • Execution of a contract or pre-contractual measures;
  • Legitimate interests pursued by the data controller;
  • Execution of a contract or pre-contractual measures; |
During the collection of Data, you will be informed if certain Data must be provided or if it is optional. Data identified by an asterisk (*) within the collection form are mandatory. Failure to provide them may restrict the execution of your request.

3. Who Are the Recipients of the Data We Collect and Why Do We Transmit Them?
3.1 Data Transferred to Authorities and/or Public Bodies
In accordance with applicable regulations, Data may be transmitted to competent authorities upon request, notably to public bodies, legal auxiliaries, ministerial officers, and organizations responsible for debt collection, exclusively to comply with legal obligations, as well as in the case of investigating authors of offenses committed on the internet.
3.2 Data Transferred to Third Parties
We work closely with third-party companies that may have access to your Data, including our subcontractors and service providers Google Cloud, Netlify, Google Analytics, Glassfy, MailerLite, for the following purposes:
  • AWS Cloud: Hosting of our servers and databases;
  • Hostinger: Hosting of the styly.io showcase website;
  • Google Analytics: Analysis of traffic to the Styly application;
  • Stripe: Simplification of the management of in-app purchases and/or Styly pro subscriptions.
  • MailerLite: Newsletter management.


4. How Long Do We Keep Your Data?
Your Data will not be kept beyond the strictly necessary duration for the purposes pursued as stated in the Policy and in accordance with the Regulation and applicable laws. In this regard, Data used for the aforementioned purposes are kept for:
  • Creation and management of your customer account: for the entire duration of the contractual relationship, then three years after the end of the commercial relationship;
  • Execution of contracts concluded between you and us: for the entire duration of the contractual relationship, then five years after the end of the commercial relationship (legal prescription);
  • Management of the commercial relationship: kept for the entire commercial relationship and then five years after its termination;
  • Management of the Application: one year; Management of the newsletter: until unsubscribed;
  • Management of complaints and requests to exercise rights: for a strictly necessary duration.
When the retention periods expire, your Data is deleted or anonymized in order to be used without infringing on your rights. However, your Data may be archived beyond the prescribed periods for the purposes of investigating, establishing, and prosecuting criminal offenses solely to provide your Data to the judicial authority, as needed. Archiving means that your Data will no longer be accessible online but will be extracted and stored on an independent and secure medium.

5. Are Your Data Transferred, How, and Where?
Your Data may be transferred from a country located in the European Union to a country located outside the European Union. When we transfer your Data outside the European Union, we always do so securely and in accordance with applicable regulations, particularly regarding the protection of personal data:
  • Either by transferring the Data to a recipient located in a country that has been the subject of an adequacy decision by the European Commission certifying that it has an adequate level of protection;
  • Or by executing or having executed the European Standard Contractual Clauses approved by the European Commission as ensuring an adequate level of protection of your Data (for more precision please consult the European standard contractual clauses of Google);
  • Or by resorting to Binding Corporate Rules validated by the competent data protection authorities;
  • Or by using any appropriate safeguards referred to in Article 46 of the Regulation.
You can access all these documents by contacting us at the address mentioned in Article 9 herein.

6. How Are Your Data Protected?
We take appropriate technical and organizational measures to prevent unauthorized access or modification, disclosure, loss, or destruction of your Data. It is important that you preserve the confidentiality of your credentials to prevent unlawful use of your account.

7. What Are Your Rights Regarding Your Data?
In accordance with applicable laws and regulations on the protection of personal data, you have a number of rights regarding your Data, namely:
  • Right of access and information: you have the right to be informed in a concise, transparent, intelligible, and easily accessible manner of how your Data is processed. You also have the right to obtain (i) confirmation that Data concerning you is being processed and, if so (ii) access to this Data and obtain a copy of it.
  • Right of rectification: you have the right to obtain the rectification of inaccurate Data concerning you. You also have the right to complete incomplete Data concerning you, by providing a supplementary statement. If this right is exercised, we undertake to communicate any rectification to all recipients of your Data.
  • Right to erasure: in certain cases, you have the right to obtain the erasure of your Data. However, this is not an absolute right and we may, for legal or legitimate reasons, retain this Data.
  • Right to restriction of processing: in certain cases, you have the right to obtain restriction of processing on your Data.
  • Right to data portability: you have the right to receive your Data that you have provided to us in a structured, commonly used, and machine-readable format, for your personal use or to transmit it to another controller of your choice. This right applies only when the processing of your Data is based on your consent, on a contract, or when this processing is carried out by automated means.
  • Right to object to processing: you have the right to object at any time to the processing of your Data for processing based on our legitimate interest, a mission of public interest, and those for commercial prospecting purposes. This is not an absolute right and we may refuse your objection for legal or legitimate reasons.
  • Right to withdraw consent at any time: you can withdraw your consent to the processing of your Data when processing is based on your consent. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.
  • Right to lodge a complaint with a supervisory authority: you have the right to contact your data protection authority to complain about our personal data protection practices.
  • Right to give directives regarding the fate of your Data after your death: you have the right to give us directives regarding the use of your Data after your death.
To exercise these rights, you can contact us at the following address: contact@styly.io Note that we may require proof of your identity to exercise these rights.

8. Modification of Our Privacy Policy
We may occasionally modify this policy, especially to comply with any regulatory, jurisprudential, editorial, or technical changes. If necessary, we will change the "last updated" date and indicate the date on which the modifications were made. When necessary, we will inform you and/or request your agreement. We advise you to regularly check this page to be informed of any changes or updates to our policy.

9. Contact
For any questions regarding this policy or for any requests regarding your Data, you can contact us by:
  • Sending us an email to the following address: contact@styly.io