Privacy Policy
Effective Date: 1 May 2025
Version: 1.1
Controller: Reqme SAS
Address: Halle Héméra, 132 rue Fondaudège, 33000 Bordeaux, France
Email and Privacy Contact: support@reqme.co
1. Introduction
At Reqme, we respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, and share your personal information through our platform and website in compliance with global privacy regulations including GDPR, CCPA/CPRA, and other applicable laws.
2. Who This Policy Applies To
This policy applies to the following types of users:
- Visitors – Website browsers
- Registered Users – Users with an account
- Service Providers – Business users managing services
- Clients – Customers requesting services
- Event Participants – Webinar/demo registrants
3. Data We Collect
| Category | Examples |
|---|---|
| Account Data | Name, email, company info, login details, user preferences |
| Payment Data | Billing details, transaction history (processed via Stripe/PayPal) |
| Service Data | Service requests, AI-generated documents, chat records |
| Technical Data | IP address, device info, OS, browser, referrer, usage metrics |
| Marketing Data | Newsletter opt-in, campaign performance, feedback forms |
We follow data minimization principles by collecting only the data necessary to provide and improve our services.
4. Legal Bases for Processing (GDPR)
| Purpose | Legal Basis |
|---|---|
| Account setup & feature access | Contractual necessity (includes free-tier use) |
| Delivering core services | Contractual necessity / Legitimate interest |
| Processing payments | Contractual necessity / Legal obligation |
| Improving platform performance | Legitimate interest |
| Marketing communications | Consent |
| AI-powered features | Consent / Legitimate interest |
Note: Even if no formal contract is signed, using our platform constitutes an implied agreement when you request services or generate content.
5. Use of AI Technology
Our AI systems (OpenAI + custom models) support:
- Smart service request handling
- Document generation (contracts, invoices)
- Predictive analytics and suggestions
Key Points:
- No sensitive user data is used to train models
- Outputs may require human review and are provided “as-is”
- You can opt out of AI features by contacting support@reqme.co
- Automated decisions (e.g., pricing suggestions) use input tags, service type, and request data
6. How We Share Your Data
| Service Provider | Role | Purpose |
|---|---|---|
| Stripe, PayPal | Data Processor | Secure payment processing |
| AWS | Data Processor | Hosting and infrastructure |
| OpenAI | Data Processor | AI-powered feature delivery |
| Mailchimp, AWS Mail | Data Processor | Email communication and campaigns |
| Slack, | Data Processor | User support and internal communication |
All third-party processors operate under strict Data Processing Agreements (DPAs) and confidentiality terms.
7. International Data Transfers
If data is transferred outside the EU/EEA (e.g., to the U.S.), we rely on:
- EU Standard Contractual Clauses (SCCs)
- Data encryption and minimization
- Binding third-party data protection commitments
8. Cookies & Tracking Technologies
We use cookies for:
- Website performance
- Analytics and behavior tracking
- Marketing and personalization
You can adjust preferences in your browser or via our Cookie Policy.
9. Data Retention
| Data Type | Retention Period |
|---|---|
| Account Data | While account is active + 6 months |
| Service Data | 2 years after last activity or deletion request |
| Technical Logs | 12 months |
| Backups | Up to 90 days (encrypted and secured) |
You can request deletion of your data at any time.
10. Data Security Measures
We use enterprise-grade safeguards including:
- AES-256 encryption at rest & TLS 1.3 in transit
- Role-based access controls and 2FA
- Logging, monitoring, and vulnerability scanning
- Secure access policies and staff NDAs
11. Breach Notification
In case of a personal data breach affecting your rights, we will:
- Notify impacted users and relevant authorities within 72 hours
- Provide details of the breach, what data was affected, and mitigation steps
- Offer guidance on how to protect yourself
12. Your Privacy Rights (EU/UK)
You have the right to:
- Access your personal data
- Rectify inaccurate or incomplete data
- Request deletion (“right to be forgotten”)
- Restrict or object to certain processing
- Data portability
- Withdraw consent at any time
- File a complaint with the CNIL or your regional data authority
Contact: support@reqme.co
EU/UK Representative: Please contact support@reqme.co
13. U.S. State Privacy Rights (CCPA, CPRA, VCDPA, etc.)
If you’re a U.S. resident, your rights may include:
- Right to know what data we collect and why
- Right to delete your data
- Right to access and receive your data in portable format
- Right to opt out of data sale (we do not sell your data)
- Right to non-discrimination for exercising your privacy rights
- Right to opt out of automated decision-making
- Right to file a complaint with the FTC
support@reqme.co and select Privacy category during request creation— Response within 45 days.
14. Children’s Privacy
Our services are not directed at individuals under 16. We do not knowingly collect or process data from children. If you’re a parent or guardian and believe your child has shared data with us, please contact us for deletion.
15. Data Protection Impact Assessments
For high-risk processing activities (e.g., AI-driven decision-making), we conduct DPIAs (Data Protection Impact Assessments) as required by GDPR Article 35.
16. Changes to This Policy
We may update this policy due to:
- Changes in law
- New product features
- Updated data practices
You will be notified of material changes via:
- Email (if provided)
- In-app notification
- Updated “Effective Date” at the top of this page
17. Contact Us
For questions, complaints, or to exercise your rights:
📧 Support & General: support@reqme.co
🔒 Privacy Inquiries: create Privacy request in https://reqme.co or send an e-mail support@reqme.co
📍 Supervisory Authority:
CNIL – Commission Nationale de l’Informatique et des Libertés
3 Place de Fontenoy, TSA 80715, 75334 PARIS CEDEX 07
www.cnil.fr