izzidevis.com
How it works Features Pricing Log in Free 14-day trial FR EN

Privacy Policy

⚠️ This is a courtesy English translation. Only the French version is legally binding.

Last updated: May 2026

1. Data controller

The controller of the personal data collected through the IZZI DEVIS application is:

Juan Manuel TENA — Sole trader, operating the "IZZI DEVIS" service
SIREN: 451 202 048 — Registered office: 191 chemin des Sources, 83170 Brignoles, France
Email: contact@izzidevis.com

For the end-customer data entered by the garage user, the publisher acts as a processor within the meaning of Article 28 of the GDPR, the garage remaining the data controller. The full identity is set out in the legal notice.

2. Data collected

As part of the use of the IZZI DEVIS application, we collect the following data:

  • Account data: email address, garage name, SIRET, intra-community VAT number, postal address, logo.
  • Operational data: diagnostics, quotes, invoices, credit notes, customer and vehicle information, price library.
  • Browsing data: IP address, browser type (via Vercel server logs).
  • Payment data: handled exclusively by Stripe — IZZI DEVIS does not store any banking data.

3. Purposes of processing

  • Provision of the quote generation and management service.
  • Sending transactional emails (quotes, reminders, purchase orders).
  • Management of subscriptions and billing via Stripe.
  • Improvement of the service and customer support.
  • Compliance with legal and accounting obligations.

4. Legal basis for processing

The processing is based on the performance of the subscription contract (Article 6.1.b of the GDPR), compliance with legal obligations (Article 6.1.c) and, for marketing communications, your consent (Article 6.1.a).

5. Retention period

  • Account and quote data: retained for the entire duration of the subscription, then deleted on request or 3 years after termination.
  • Billing data: 10 years in accordance with French accounting obligations.
  • Server logs: 12 months maximum.

6. Processors and transfers

Your data is hosted and processed by the following providers:

Provider Role Location
Supabase (PostgreSQL) Database EU (Ireland)
Vercel Application hosting EU / United States (SCC)
Anthropic (Claude API) AI processing (voice descriptions) United States (SCC)
Resend Email sending United States (SCC)
Stripe Payments EU / United States (SCC)
Google (Analytics, Ads) Audience measurement and advertising (marketing site, with consent) EU / United States (SCC)
Meta (Pixel) Advertising measurement (marketing site, with consent) EU / United States (SCC)
LinkedIn (Insight Tag) Advertising measurement (marketing site, with consent) EU / United States (SCC)

SCC = Standard Contractual Clauses of the European Commission.

7. Your rights (GDPR)

In accordance with the General Data Protection Regulation (GDPR) and the French Data Protection Act, you have the following rights:

  • Right of access — obtain a copy of your personal data.
  • Right of rectification — correct inaccurate data.
  • Right of erasure — request the deletion of your data ("right to be forgotten").
  • Right to portability — receive your data in a structured format.
  • Right to object — object to certain processing.
  • Right to restriction — request the temporary suspension of a processing operation.
To exercise your rights, contact us at contact@izzidevis.com. You may also exercise the right of erasure directly from your Settings area, under the "Account and data" section.

In the event of an unsatisfactory response, you may lodge a complaint with the CNIL (French data protection authority).

8. Cookies

The application (app.izzidevis.com) uses only functional cookies necessary for authentication (Supabase session). The marketing site (www.izzidevis.com) uses, after obtaining your consent, audience measurement cookies (Google Analytics) and advertising cookies (Meta, Google Ads, LinkedIn). The details, durations and management of your choices are set out in the cookie policy.

9. Data security

Your data is encrypted in transit (TLS 1.3) and at rest. Access to the database is protected by Supabase Row Level Security (RLS) — each garage only accesses its own data. Passwords are hashed by Supabase Auth (bcrypt).

10. Changes to this policy

Any substantial change will be notified by email at least 30 days before it takes effect. The version in force is always accessible at /en/privacy-policy.

Legal notice · Terms of Use · Terms of Sale · Privacy · Cookies
© 2026 IZZI DEVIS — All rights reserved