Privacy Policy

Protection of your personal data and respect for your privacy

Last updated: January 1, 2026

Data Controller

EURL Blue Mossa
SIRET: 94049525200014
Intra-community VAT: FR14940495252
Registered office: LAMBERSART 59130

Contact: contact@instampy.fr

Data collected and purposes

We collect only data strictly necessary for the operation of our digital timestamping service.

When creating your account, we record your email address to manage your authentication. To perform timestamping, we keep the file name, unique cryptographic fingerprint and timestamp date. We never store the content of your files. Billing information is collected for payment processing via our Stripe provider. Support exchanges are kept to ensure quality follow-up.

What we never collect

We never collect the content of your files or your external browsing history, and we do not practice advertising profiling.

Data usage

Your data is used exclusively to provide our timestamping service: account management, timestamp processing and certificate generation, secure payment processing, platform security, customer support and compliance with our legal obligations.

We never sell your data, send you unsolicited marketing, or use your information for profiling or commercial behavioral analysis.

Data retention

Your account data is kept as long as your account is active or for five years of inactivity.

Timestamp certificates are kept permanently, as they constitute items of evidence whose value depends on their permanence. This exception to the right to erasure is provided for in Article 17 of the GDPR for data necessary for the defense of rights in court.

Billing data is kept for ten years in accordance with legal obligations.

Technical logs are kept for one year for security.

Support exchanges are kept for three years.

Data sharing

We share your data only with necessary technical providers, all located in the European Union and bound by data protection agreements compliant with GDPR.

Technical providers:

Stripe: Stripe processes your payments securely.

Railway: Railway hosts our infrastructure in Europe.

Mailjet: Mailjet sends transactional emails.

Supabase: Supabase manages secure authentication.

Blockchain

Cryptographic fingerprints are recorded on public decentralized blockchains (Sui or Avalanche). These records are public and permanent but completely anonymous: only the fingerprint is visible, without any personal data. It is impossible to reconstruct your file from this fingerprint.

International transfers

None of your personal data is transferred outside the European Union.

Security

All sensitive data is encrypted. Our communications use HTTPS protocol. Passwords are hashed using the bcrypt algorithm. Daily encrypted automatic backups are made. Our infrastructure is monitored continuously with firewalls and anti-DDoS protection. Data access is strictly limited according to the principle of least privilege.

In case of a data breach

In case of a data breach likely to result in a high risk to your rights, we will inform you within seventy-two hours of its discovery.

Your rights

You have the rights of access, rectification, erasure, restriction of processing, portability and objection regarding your personal data. To exercise these rights, contact us at contact@instampy.fr. We will respond within a maximum of one month.

Exception for certificates

Timestamp certificates cannot be deleted due to their legal probative value, but all your other personal data can be erased at any time. To protect your data, we may ask you for proof of identity before processing your request.

Protection of minors

Our service is reserved for people aged sixteen and over. For 13-16 year olds, parental consent is required. We do not knowingly collect data from children under thirteen. If you discover that a minor has provided us with information without authorization, contact us immediately at contact@instampy.fr so that it can be deleted.

Cookies

We use essential cookies for operation (session, language, security), preference cookies (memorizing your choices) and anonymous analytical cookies (usage statistics). Essential cookies do not require consent. Others require your prior agreement, modifiable at any time via the consent banner or your browser settings.

Complaints

For any questions about your personal data, contact us at contact@instampy.fr. We will respond within a maximum of thirty days. If our response does not satisfy you, you can contact the CNIL (3 Place de Fontenoy, 75007 Paris - www.cnil.fr).

Modifications

In case of a major modification of this policy, you will be informed by email at least thirty days before it takes effect. For minor modifications, only the date at the top of the document will be updated.

Effective date: January 1, 2026