Privacy Policy (GDPR Compliant)

Privacy Policy

Effective Date: 24 November 2025 • Last Updated: 24 November 2025

1) Who We Are

Chamberlin Innovations SASU
Registered in France • SIREN: [REDACTED]
Registered Address: Mauvezin, France
Email: eric@chamberlininnovations.fr

We operate chamberlininnovations.fr and related services, including the Business Planner, email updates, and consulting services. We are the data controller under the GDPR.

2) What Personal Data We Collect

You Provide

  • Name and email
  • Business inputs (region, budget, customer profile, timeline, etc.)
  • Written responses to planner questions
  • Communication preferences

Collected Automatically

  • Browser user-agent and device type
  • IP address (temp in access logs for security)
  • Referrer (if available)

AI-Generated Data

When using the Business Planner, we generate your tailored plan and associated scores/model outputs. These are stored with your planner record.

No Advertising Cookies

We do not use advertising or behavioral tracking cookies. Only functional cookies (if any) required for the site to operate.

3) How We Use Your Data

  • Generate and deliver your Business Planner report
  • Contact you about your submission (optional)
  • Improve our tools, user experience, and content
  • Manage business operations and security
  • Comply with legal obligations

We do not sell your data or use it for advertising.

4) Legal Basis

Consent

When you submit the planner form or join the email list.

Legitimate Interest

Delivering your requested output, securing/maintaining services, and improving accuracy/experience without overriding your rights.

Legal Obligation

Accounting, audit, or compliance with French/EU law.

5) Storage & Transfers

  • Supabase (EU region) — database and hosting
  • MailerLite (EU/EEA) — optional email communications
  • No transfers outside the EU unless protected by GDPR safeguards (e.g., SCCs).

6) Retention

  • Business Planner submissions: up to 36 months (delivery, improvement, support, fraud prevention)
  • Email communications: until you unsubscribe
  • Server logs: 30–60 days for security, then deleted

You can request deletion at any time.

7) Your GDPR Rights

  • Access, correct, or delete your data
  • Object to or restrict processing
  • Withdraw consent
  • Data portability
  • File a complaint with CNIL (France)

To exercise your rights, email privacy@chamberlininnovations.fr.

8) Sharing Your Data

We only share data with service providers needed to operate the site (e.g., Supabase, MailerLite). All providers are GDPR-compliant. We do not sell your data or share it with advertisers.

9) Security

  • HTTPS encryption
  • Access controls and least-privilege
  • Server-side processing and encrypted storage

No system is 100% secure, but we apply industry-standard protections.

10) Contact

Email: eric@chamberlininnovations.fr
Supervisory Authority: CNIL (France) — https://www.cnil.fr/