Last updated: never
Privacy Policy & Data Protection
At JSBCloud, we place the utmost importance on protecting your personal data. This privacy policy informs you about how we collect, use, and protect your data, in accordance with the General Data Protection Regulation (GDPR - EU 2016/679) and the French Data Protection Act.
1. Data Controller
The data controller for personal data is:
- ALTISCORE SAS, share capital of 105 €
- RCS Annecy: 933 804 676
- Headquarters: 4A Avenue Auguste Renoir, 74960 Annecy, France
- Email: [email protected]
For any questions regarding your personal data, you can contact our Data Protection Officer (DPO) at the address above.
2. Data Collected
As part of our services, we collect the following categories of data:
Identification data:
- First and last name
- Email address
- Phone number
- Postal address
- Company name (for professionals)
Billing data:
- Payment information (processed securely via Stripe)
- Transaction history and invoices
- EU VAT number (if applicable)
Technical data:
- IP address
- Connection logs
- Browser and device information
- Service configuration data
Support data:
- Support tickets and communication history
- Discord conversations (if applicable)
3. Processing Purposes
Your data is processed for the following purposes:
| Purpose | Legal Basis |
|---|---|
| Managing your customer account | Contract performance |
| Providing hosting services | Contract performance |
| Billing and payments | Contract performance / Legal obligation |
| Technical support | Contract performance |
| Fraud prevention | Legitimate interest |
| Sending communications (newsletter) | Consent |
| Improving our services | Legitimate interest |
| Compliance with legal obligations | Legal obligation |
4. Retention Periods
We retain your personal data only for as long as necessary for the purposes for which it was collected:
| Data Type | Retention Period |
|---|---|
| Active customer profiles | Duration of contractual relationship |
| Inactive customer profiles | Archived after 3 months of inactivity, deleted after 6 months of archiving |
| Empty customer profiles (no service) | Deleted after 6 months from registration |
| Invoices and accounting data | 10 years (legal obligation) |
| Cancelled invoices | Deleted after 30 days |
| Cancelled / pending / fraudulent orders | Deleted after 30 days |
| Support tickets | 3 years after ticket closure |
| Connection logs | 12 months (legal obligation — LCEN) |
| Data after termination | Permanently deleted 30 days after last login |
Note: Orders with active services, paid invoices, or accepted affiliate commissions are not automatically deleted.
5. Your Rights (GDPR)
Under GDPR, you have the following rights over your personal data:
Right of Access
You can obtain confirmation that data concerning you is being processed and receive a copy.
Right to Rectification
You can request the correction of inaccurate or incomplete data.
Right to Erasure (Right to be Forgotten)
You can request the deletion of your data, subject to our legal retention obligations.
Right to Restriction
You can request the restriction of processing in certain cases (contesting accuracy, opposing processing, etc.).
Right to Data Portability
You can receive your data in a structured, commonly used format, or request its transfer to another data controller.
Right to Object
You can object to the processing of your data for reasons relating to your particular situation, or to processing for direct marketing purposes.
Right Relating to Automated Decisions
You have the right not to be subject to a decision based solely on automated processing that produces legal effects concerning you.
6. Exercising Your Rights
To exercise your rights, you can:
- By email: [email protected]
- By mail: ALTISCORE SAS - DPO, 4A Avenue Auguste Renoir, 74960 Annecy, France
- Via your client area: "My Personal Data" section
We will respond to your request within a maximum of 30 days. This period may be extended by 2 additional months for complex requests, in which case we will inform you.
Important note: Direct deletion of your account by yourself is not available through the client interface for security and compliance reasons. For any deletion request, please contact our DPO.
7. Data Export
Under your right to data portability, you can request an export of your data. Exportable data includes:
- Contacts and personal information
- Accounts and services
- Domains
- Change log
- Transactions
- Invoices
- Support tickets
To request an export, contact our DPO or use the dedicated function in your client area.
8. Data Recipients
Your personal data may be transmitted to the following recipients:
Internally:
- Technical support team
- Billing department
- Management
Subprocessors:
Aucun sous-traitant déclaré.
Authorities:
- Judicial or administrative authorities (only upon legal request)
9. Transfers Outside EU
Your data is primarily hosted in France, at the Equinix PA5 datacenter (Paris).
In case of data transfer to a country outside the European Union, we ensure that this country offers an adequate level of protection or that appropriate safeguards are in place:
- European Commission Standard Contractual Clauses
- European Commission adequacy decision
- Binding Corporate Rules (BCR)
10. Data Security
We implement appropriate technical and organizational measures to protect your data:
- SSL/TLS encryption for all communications
- Secure storage in certified datacenter (Equinix PA5)
- Strong authentication for system access
- Access and action logging
- Anti-DDoS protection
- Regular backups
- Staff training on data protection
In the event of a data breach likely to result in a high risk to your rights and freedoms, we will inform you as soon as possible, in accordance with Article 34 of GDPR.
11. Cookies
Our website uses cookies to improve your experience:
Strictly necessary cookies:
- User session
- Language preferences
- Authentication
Functional cookies:
- Theme (light/dark)
- Display preferences
We do not use advertising cookies or third-party trackers for marketing purposes. You can manage your cookie preferences through your browser settings.
12. Minors
Our services are intended for adults. We do not knowingly collect personal data from minors under 16 years of age. If you are a parent or guardian and believe your child has provided us with personal data, please contact us.
13. Policy Changes
We reserve the right to modify this privacy policy at any time. In case of substantial changes, you will be notified by email or via a notification on our website. The last update date is indicated at the top of this document.
14. Complaint to Supervisory Authority
If you believe that the processing of your personal data constitutes a violation of GDPR, you have the right to lodge a complaint with the competent supervisory authority:
- CNIL (Commission Nationale de l'Informatique et des Libertés)
- 3 Place de Fontenoy, TSA 80715
- 75334 PARIS CEDEX 07, France
- Website: www.cnil.fr
15. Contact
For any questions regarding this privacy policy or your personal data:
- Email: [email protected]
- Mail: ALTISCORE SAS - DPO, 4A Avenue Auguste Renoir, 74960 Annecy, France
- Ticket: via your client area