Privacy policy

1. Introduction

Body Graph Studio (operated by Nicolas Teysseyre) is committed to protecting your personal data. This policy describes what we process, why, and under which principles, in line with the GDPR.

2. Data controller

The data controller is Nicolas Teysseyre, SIRET: 888 766 797 00011.
Email: crssoweb@gmail.com

3. Data we collect

We may collect in particular:

  • Account data: Name or display name, email address, password as a secure hash, language preferences.
  • Usage data: Information related to generated bodygraphs, client records, exports, embed/script settings, and dashboard activity.
  • Payment data: Card and billing data are processed by Paddle. We do not store full card numbers.
  • Technical data: Technical logs, IP address, browser and device type for security and service improvement.

4. Purposes of processing

We use this data to:

  • Provide Body Graph Studio (chart calculation, practitioner accounts)
  • Manage subscriptions and payments through Paddle
  • Provide support and service-related communications
  • Improve security and reliability of the platform

5. Processors and transfers

We rely on processors necessary to operate the service:

  • Paddle: Paddle — payment and subscription processing as Merchant of Record.
  • Vercel: Vercel — hosting and application infrastructure.

6. Retention

We retain data while your account is active. After account deletion or cancellation, personal data and related content may be permanently erased within a maximum of 48 hours, unless the law requires longer retention or limited proof is needed for a defined period.

7. Your rights (GDPR)

You notably have the following rights:

  • Right of access: Obtain a copy of your personal data.
  • Right to rectification: Correct inaccurate or incomplete data.
  • Right to erasure: Request deletion subject to legal grounds for retention.
  • Right to data portability: Receive data you provided in a structured, commonly used format where processing is based on consent or contract.
  • Right to object: Object to certain processing based on legitimate interests, within legal limits.

To exercise your rights:
Email: crssoweb@gmail.com

8. Cookies

We use cookies and similar technologies required for the site to work (session, security). Non-essential cookies, where used, follow applicable consent rules.

9. Security

We apply appropriate technical and organisational measures (HTTPS, secure hosting, access controls). No system is perfectly secure.

10. Changes to this policy

We may update this policy; material changes may be notified by email or through the service.

11. Contact

For questions about this policy or your personal data:
Email: crssoweb@gmail.com

Back to home