Skip to main content
BETADécouvrez la nouvelle version d'EZGather : testez les nouvelles fonctionnalités et optimisez vos parcours.

Privacy Policy

Last updated: March 29, 2026

1. Controller

EZGather is responsible for processing your personal data. For any questions about your data, please contact our Data Protection Officer (DPO) at: dpo@ezgather.io

2. Personal Data Collected

We collect the following data:

  • Email address (for authentication and communication)
  • Hardware ID hash (for license verification and device name control)
  • Machine UUID (for secure authentication and fraud detection)
  • Subscription data (plan type, start/end date, payment status)
  • Payment data (processed by Stripe, we don't store card details)
  • Connection logs (IP address, date/time, browser, operating system)
  • Support data (support messages, bug reports sent via community discord)

3. Processing Purposes and Legal Basis

Your data is processed on the following legal bases:

  • Account management and software provision : Contract (Article 6.1.b GDPR)
  • Service provision : Contract (Article 6.1.b GDPR)
  • Payments : Contract and legitimate interest (Articles 6.1.b and 6.1.f GDPR)
  • Security and fraud detection : Legitimate interest (Article 6.1.f GDPR)
  • Legal and tax obligations : Legal obligation (Article 6.1.c GDPR)
  • Communication : Consent (Article 6.1.a GDPR) and contract

4. Data Recipients

Your data is accessible to authorized EZGather team members. We share certain data with our approved sub-processors: Stripe for payment processing, and Supabase for data hosting (EU). No data is shared for commercial or marketing purposes.

5. Data Transfer Outside the EU

Some of your data may be transferred outside the EU via Stripe (payment services). These transfers are governed by standard contractual clauses approved by the European Commission, providing a level of protection equivalent to the EU.

6. Data Retention Period

Your data is retained for the following periods:

  • Subscription data : 6 years (tax obligations)
  • Connection logs : 12 months maximum
  • Support messages : 3 years (legal guarantee)
  • Payment data : According to legal obligations and Stripe
  • Machine UUID : Duration of subscription

After this period, data is securely deleted.

7. Your Rights

You have the following rights under the GDPR:

  • Right of access : obtain a copy of your data
  • Right to rectification : correct inaccurate data
  • Right to erasure (right to be forgotten)
  • Right to restrict processing : limit how we use your data
  • Right to data portability : receive your data in a structured format
  • Right to object : object to processing
  • Right not to be subject to automated decision-making

To exercise these rights, contact our DPO: dpo@ezgather.io

8. Security

We implement the following security measures:

  • HTTPS/TLS encryption for communications
  • Secure authentication with machine UUID
  • Restricted access to data (least privilege principle)
  • Regular backups via Supabase
  • Real-time monitoring and alerts
  • Compliance with OWASP standards and security best practices

9. Cookies

We use minimal cookies, limited to authentication session management and your preferences (banner acceptance). No advertising or third-party analytics advertising tracking or third-party analytics cookies are used. You can configure your cookie settings via the site's banners.

10. Processing of Minor's Data

EZGather is intended for adults. If you are under 16 years old, you must obtain permission from your parents or guardians before using our service. We do not intentionally collect personal data from children under 16.

11. Email Communication

We send you emails for:

  • Account communications : confirmation, subscription renewal
  • Service updates : new features, maintenance
  • Security notifications : suspicious access or account changes

You can unsubscribe from non-essential emails anytime via your account settings or by clicking the unsubscribe link in our emails.

12. Breach Notification

In the event of a personal data breach, we undertake to notify the relevant data protection authority within 72 hours and inform you if the breach poses a high risk to your rights and freedoms.

13. Policy Modifications

EZGather reserves the right to modify this privacy policy at any time. Changes will be published on this site with an updated date. Your continued use of the service after modifications constitutes acceptance.

14. Applicable Language

The English version of this privacy policy applies to English-language users, with the French version prevailing in case of dispute.

15. Contact

For any questions about data protection or this policy, contact our DPO:

dpo@ezgather.io