Privacy Policy

Effective date: October 3, 2025

Introduction

Tissuco, located in France, ("we", "us", or "our") is the controller of your personal data when you use Tissuco available at tissuco.fr (the "Service"). If you have questions, contact us at geoffroy@tissuco.fr.

This Privacy Policy describes what we collect, why we collect it, how we use and share it, how long we keep it, and the choices and rights you have. If anything here conflicts with local law that applies to you, the local law controls.

The Service is intended for individuals aged 18 and over. Do not use the Service if you are under 18.

Information we collect

We focus on the information you choose to provide to operate your business on the Service:

Account and profile data: name, email, password (hashed), role/permissions, organization/team, preferences.
Inventory and business data you submit: articles, bales, suppliers and related records you input (which may include business contact details of supplier representatives you provide).
Communications: messages and support inquiries, feedback, and any attachments you send us.
Transaction and billing data (if applicable): company details, billing address, VAT/tax IDs, order history. We do not store full payment card numbers; these are handled by our payment processor if payments are enabled.
Cookies: essential cookies used for authentication and preferences and, if you consent, analytics cookies (Google Analytics) to understand usage. We do not use advertising cookies. See our Cookie Policy for details.
Service logs (minimal): limited technical logs (e.g., IP address, request identifiers) necessary for security, fraud prevention, and troubleshooting. These are not used to profile you.

Why we process your information

We use your information to:

Provide, operate, and maintain the Service, including authentication and account management.
Personalize features, settings, and content.
Analyze usage to improve performance, reliability, and user experience.
Provide support and respond to inquiries.
Communicate about updates, security alerts, and administrative messages.
Process transactions, invoices, and billing (if applicable).
Secure the Service, prevent fraud/abuse, and enforce terms.
Comply with legal obligations and respond to lawful requests.
With your consent, send marketing communications or run surveys.

Legal bases for processing (EU/EEA users)

Where the EU GDPR applies, we process your personal data under these legal bases:

Contract: to provide and support the Service you requested.
Legitimate interests: to secure, improve, and analyze the Service, and to communicate non-promotional updates. We balance these interests against your rights and expectations.
Consent: for optional cookies/analytics and marketing communications. You can withdraw consent at any time.
Legal obligation: to comply with tax, accounting, and regulatory requirements.

Cookies and similar technologies

We use essential cookies required to operate the Service (e.g., to keep you signed in and remember your preferences) and, if you consent via our cookie banner, analytics cookies (Google Analytics) to understand how the Service is used. You can accept or decline analytics cookies and change your preferences at any time through the banner. We do not use advertising cookies. See our Cookie Policy for details.

We do not sell your personal information. We share information only with:

Service providers (processors): hosting, infrastructure, analytics, email delivery, customer support, payments, and security vendors who process data on our instructions.
Professional advisors: auditors, accountants, legal counsel.
Business transfers: in connection with a merger, acquisition, or asset sale, subject to appropriate safeguards.
Legal and safety: to comply with law, protect rights, safety, and the integrity of the Service, or investigate potential violations.

Where required, we enter into data processing agreements and Standard Contractual Clauses with our processors.

International data transfers

If we transfer your personal data outside your country (e.g., outside the EU/EEA), we use appropriate safeguards such as adequacy decisions, Standard Contractual Clauses, and additional measures as needed. You can contact us for a copy of the relevant safeguards.

Data retention

We keep personal data only as long as necessary for the purposes described above:

Account data: for the lifetime of the account and for 36 months thereafter, unless we are required to retain it longer.
Content and usage data: for 36 months to support troubleshooting, security, and analytics.
Billing records: for 6 years to comply with tax and accounting laws.

We will delete or anonymize data when it is no longer needed. You can request deletion of your account at any time; some records may be retained where required by law or to establish, exercise, or defend legal claims.

Your privacy rights

Depending on your location, you may have rights to:

Access: receive a copy of your personal data.
Rectification: correct incomplete or inaccurate data.
Erasure: request deletion of your data.
Restriction: limit certain processing.
Objection: object to processing based on legitimate interests and to direct marketing.
Portability: obtain your data in a portable format.
Withdraw consent: where processing is based on consent.
Lodge a complaint: with your local supervisory authority.

To exercise your rights, contact us at geoffroy@tissuco.fr. We may need to verify your identity to protect your account and data.

Email: geoffroy@tissuco.fr
Data Protection Officer/Representative (if applicable): Geoffroy Stanger

If you are in the EU/EEA, you also have the right to lodge a complaint with your local data protection authority.

Privacy Policy

Introduction

Information we collect

Why we process your information

Legal bases for processing (EU/EEA users)

Cookies and similar technologies

International data transfers

Data retention

Your privacy rights

Security

Children's privacy

Third-party links and services

Changes to this Policy

Contact us