Last updated : 2025-09-12 09:42:56
ARTICLE 1. Preamble
When you use the services offered by FLAVIE (hereinafter “the Company”), especially through its Website and/or App, the Company might collect and process personal data. Any information relating to an identified or identifiable natural person (e.g., last names, first names, username, email address, location data, etc.) is personal data.
The Company is committed to protecting the privacy and personal data of users of its services. This policy is intended to specify the methods of collection and processing of personal data for which the Company is responsible.
This policy therefore aims to inform users of the Site and/or Application services of the practices implemented by the Company for the collection, processing, use, and sharing of personal data, as well as the terms and conditions for exercising user rights.
The Company reserves the right to modify this policy at its discretion and at any time, without prior notice to the User, in accordance with technical and/or commercial developments in its products and services, its practices for processing and transferring personal data, and changes in applicable regulations. The changes will take effect on the date they are posted online and are enforceable against users on the date of their first use of the Site and/or the Application after the date they are posted online.
ARTICLE 2. Responsibility for processing
The Company, a simplified joint stock company with a capital of €1,000, registered in the Marseille Trade and Companies Register under number 938491313, with its registered office at 122 rue du Commandant Rolland, Résidence la Cadenelle, Chambord 2, 13008 Marseille, is responsible for the processing of personal data carried out by the Site and the Application.
ARTICLE 3. Data collection and processing
Personal data concerning you may be collected directly by the Company, in particular because it is necessary for the management of the Account and the commercial relations of the Website and the Application. Certain data is also stored for security purposes, in order to comply with legal and regulatory obligations and to enable the Website and the Application to improve and personalize the services offered.
The Company collects the following information: Last name, First name, email address, and username.
All other information, as well as documents uploaded by Users, are neither accessible nor downloadable by the Company.
The personal data collected is used for the following purposes:
- Account creation and management: access to the application's services.
- Personalization of the experience: provision of advice tailored to the User.
- Sending newsletters: if the User is subscribed to the newsletter, the email address is used to send information about services, advice, and special offers. The User can unsubscribe at any time by clicking on the unsubscribe link in each email.
- Optimizing use of the application: using the Application and the User's preferences to improve and personalize the experience (optimizing features, adjusting services, and offering more personalized advice).
Data processing is based on the following legal grounds:
- Consent: for sending newsletters;
- Performance of the contract: for access to the Application and the services offered;
- Legitimate interest: optimization of the Application and improvement of the user experience.
The personal data collected is hosted by the service provider OVH, based in France. OVH is committed to complying with security standards and European regulations. The data is protected and secure.
The data is stored:
- Account-related data is stored for as long as the Account is active;
- The information necessary for sending the Newsletter is stored for as long as the User does not unsubscribe. The User may unsubscribe from the Newsletter at any time.
- Usage data related to optimization is retained for the period necessary to improve the Application, for a maximum of three years following the deactivation of the Account.
ARTICLE 4. Cookies
The Company uses cookies. A cookie is a small text file left on your computer when you first visit a Website. Your web browser will store it for a certain period of time and send it back to the web server each time you reconnect. The legal basis for the processing of personal data is provided for in Article 6(1)(a) of EU Regulation No. 679/2016, or by the user's consent to the installation of profiling cookies.
Several types of cookies may be used by the Company:
(1) Cookies related to personalized advertising operations, intended to track advertising. In particular, cookies from Google Tag Manager, Adjust, Google Analytics, Facebook Analytics, Pinterest, Snap Inc, TikTok, and LinkedIn are used. Cookies are used by advertisers to send advertising messages that correspond to the preferences displayed by the user when browsing the Internet. This process also allows the Data Controller to evaluate the performance of campaigns in order to improve them by making them more effective and usable by third parties.
(2) Audience measurement cookies (“analytics”), which enable the Company to better understand how the User uses the Site and the Application, with the aim of improving them. There are several types of analytics cookies, each of which collects different types of data depending on their purpose and use, namely:
- Braze, Adjust, Google Tag Manager, Google Analytics, Wisepops, and Facebook Analytics collect data to gather information about the pages and screens visited, the duration of visits, and the number and types of videos watched.
- Firebase Performance Monitoring collects data on the performance of calls made and screen renderings.
- Firebase Crashlytics and Google Cloud Error Reporting collect information about incidents, errors, and bugs encountered while using the Site and the Application;
- Firebase in-app messaging and Firebase Cloud Messaging collect data related to the opening of communications such as “Push Notifications” or “In App” messages;
- Firebase A/B Testing collects metrics from experiments, allowing two different types of behavior in the Application and/or the Site to be compared by two different Users, and to measure which of the two behaviors is the best (in other words, the most appropriate);
- Firebase Remote Config collects information on the successful receipt of remote configurations.
- Firebase Dynamic Links/Adjust collects data on the opening of deep links.
- Purchasely collects metrics from payment page experiments.
(3) Sharing cookies, which allow content from the Application and/or the Site to be shared on social networks. They may be placed on the Site and the Application by third-party sites, in particular through sharing buttons and accessible videos (Instagram, Facebook, YouTube, etc.).
(4) Functionality cookies, designed to allow the User to choose the language used and to ensure internal redirections (internal cookie), enable User authentication (Firebase authentication), enable cookie consent management (Didomi), enable over-the-air updates of the Application (Microsoft AppCenter), access to fonts (Google Fonts), access and playback of videos (JWPlayer) and photographs, images, and other multimedia resources (Google Cloud Storage, Webflow).
(5) Security cookies, designed to prevent payment fraud (Stripe).
Analytics cookies are stored for a maximum of thirteen months from the User's first visit. The data collected through these cookies may be stored for a maximum of twenty-five (25) months.
For each third-party cookie, the User can find all the information relating to the purposes of the cookies and the data controller at the following addresses:
• Didomi
• Google Analytics + Firebase Analytics
• Google Cloud (Error Reporting / Storage)
• Webflow
• Braze
• Adjust
• Stripe
• Tiktok
• Snap Inc
• Wisepops
When you first visit the Site, a banner informs you of the presence of cookies on the Site and invites you to manage (accept or refuse) their use by accepting or refusing their installation. For more information about cookies, you can also visit the CNIL website
Functionality and security cookies are necessary for the proper use of the various services of the Site and the Application and do not require the User's consent. You can always refuse to accept them. In this case, your user experience may be degraded and certain features of the Site and the Application may be unavailable, preventing access to certain services of the Site and the Application.
Sharing cookies, analytics cookies, and cookies related to personalized advertising and personalization require prior information and your prior consent. They will not be stored until you have expressly consented to them.
ARTICLE 5. Your rights
In accordance with applicable regulations (Law No. 78-17 of January 6, 1978, as amended, known as the “Data Protection Act,” and Regulation (EU) No. 2016/679 of April 27, 2016, on the protection of personal data), you have the right to access, rectify, oppose, erase, and transfer your data.
Your right of access allows you to know what data concerning you is processed by the Site, to obtain communication of this data, and to check its accuracy.
Your right of rectification allows you to request the correction of inaccurate data concerning you.
Your right to object allows you to object to your data being used by the Site for a specific purpose, under the conditions set out in the applicable regulations in force. This right may be exercised for prospecting or to request the deletion of personal information, provided that the legitimate interest on which the processing of the data concerned is based is not compelling for the Site.
The Company only keeps your personal data for as long as necessary for the various processing operations carried out. At the end of the retention period specified for each processing operation, the data is either archived by anonymization or deleted. When the legitimate basis for the processing of your data is based on your consent or on the legitimate interest of the Company, you may exercise your right to erasure, provided that this does not conflict with the exercise of the right to freedom of expression and information, compliance with a legal obligation, their use for statistical purposes, the establishment, exercise or defense of legal claims.
You also have a right to the portability of your data, which allows you, subject to the satisfaction of the legal conditions for exercising this right, to obtain a copy of the data held by the Company on the basis of either consent or the performance of the contract, and possibly to transmit it to another data controller. For more information on the conditions for exercising this right, you can consult the CNIL website.
You can exercise your rights by contacting the Company by email at contact@drdoudou.app.
In order to facilitate the processing of your request, you should:
- Indicate the processing operations concerned by your request;
-Tell us which rights you want to exercise;
- Send us a copy of your ID so we can make sure it's really you if we have any doubts.
If you're not happy with how we handle your request to exercise your rights, you can always take it up with the CNIL.
ARTICLE 6. Data transfer
Personal data collected and processed by the Company may be transmitted to commercial and technical partners, suppliers, and independent third parties who contribute to the Company's contractual relationships.
These include service providers responsible for:
- hosting and maintaining the Website and our dematerialized personal data collection solutions;
- payment services and fraud prevention and control;
- logistics providers;
- marketing solution providers;
- commercial prospecting and social media communication management providers.
These service providers may be located in Europe, the European Economic Area, or sometimes even outside the European Union. In the latter case, providers located outside the European Union have access to users' personal data exclusively for the purpose of performing the services entrusted to them by the Company, and under conditions that ensure a sufficient and appropriate level of data protection. In any event, these transfers are limited and regulated by legal tools.
ARTICLE 7. Security
We implement all appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, or disclosure. Data is encrypted and stored securely.
ARTICLE 8. Changes to the policy
The Company reserves the right to change the Privacy Policy at any time. In the event of a substantial change, you will be notified by email or via a notification in the application.