RRestoRank
← Home

Privacy Policy

Last updated: June 5, 2026

This policy describes how RestoRank processes your personal data, in accordance with the General Data Protection Regulation (GDPR) and applicable data protection law.

1. Data Controller

The data controller is NS Participations (SASU), 4 rue de la République, 69001 Lyon, RCS Lyon 884 245 051. Contact: hello@restorank.co.

2. Data Collected

  • Free audit: restaurant name and city, email address (to receive the report), and a technical fingerprint of your IP address (hashed, anti-abuse).
  • Account & subscription: login email, tracked restaurants, competitors, and configured prompts.
  • Payment: handled by Stripe. We never store your banking details; we retain only a Stripe customer/subscription identifier.
  • Audience measurement: aggregated and anonymised usage statistics (Vercel Analytics, no cookie).

3. Purposes and Legal Bases

  • Provide the audit and dashboard, send your report — performance of a contract / pre-contractual measures.
  • Manage subscription and billing — performance of a contract.
  • Follow-up and re-engagement emails with offers — legitimate interest, with the ability to unsubscribe at any time.
  • Security, abuse prevention, and service improvement — legitimate interest.

4. Sub-processors and Recipients

Your data is accessible to our technical service providers, acting as sub-processors or recipients:

  • Supabase (database and authentication)
  • Vercel (hosting and audience measurement)
  • Stripe (payments and subscriptions)
  • Resend (email delivery)
  • AI providers queried for measurement (OpenAI, Google, Anthropic, Perplexity, xAI): only publicly available establishment information (name, city, sample queries) is transmitted to them — never your account credentials.

5. Transfers Outside the European Union

Some service providers are based in the United States. Transfers are governed by appropriate safeguards (European Commission standard contractual clauses and/or the Data Privacy Framework).

6. Retention Periods

  • Free audits: retained for up to 12 months for caching and statistical purposes, then deleted or anonymised.
  • Account data: for the duration of the subscription, then up to 3 years after the last contact for commercial purposes.
  • Billing data: retained for 10 years (statutory accounting obligation).

7. Your Rights

You have the rights of access, rectification, erasure, restriction, objection, and portability, as well as the right to set post-mortem directives. To exercise them, write to hello@restorank.co. You may also lodge a complaint with your national data protection authority (in France: cnil.fr).

8. Cookies and Trackers

  • Strictly necessary: authentication session cookie, essential to dashboard operation.
  • Audience measurement: aggregated statistics (Vercel Analytics), no cookie or individual identifier.
  • Advertising measurement: when our campaigns are active, a TikTok pixel may be used to measure conversions and enable retargeting. These trackers are subject to your consent; you may opt out via your browser settings or your TikTok advertising preferences.