Privacy Policy

The data controller for personal data is: Zoplee SAS Email: [email protected] Zoplee is committed to protecting the privacy of its users in accordance with the General Data Protection Regulation (GDPR) and the French Data Protection Act.

We collect the following categories of data: — Identification data: name, surname, email address, phone number — Professional data: SIRET number, ten-year insurance number, trade type — Billing data: address, payment information (processed by Stripe) — Usage data: quotes created, invoices generated, login history — Technical data: IP address, browser type, operating system

Your data is processed for the following purposes: — Provision and management of the Service (creating quotes, invoices, payments) — Management of your account and subscription — Service-related communications (notifications, updates) — Improving the Service and developing new features — Compliance with our legal and accounting obligations

The processing of your data is based on: — Contract performance: provision of the Service linked to your subscription — Legitimate interest: improving the Service, platform security — Legal obligation: invoice retention, accounting obligations — Consent: sending marketing communications (optional)

Data is retained for the following periods: — Account data: for the duration of the subscription + 30 days after cancellation — Invoices and accounting data: 10 years (legal obligation) — Connection logs: 12 months — Cookies: 13 months maximum

Under the GDPR, you have the following rights: — Right of access: obtain a copy of your personal data — Right to rectification: correct inaccurate data — Right to erasure: request the deletion of your data — Right to portability: receive your data in a structured format — Right to object: object to the processing of your data — Right to restriction: restrict the processing of your data To exercise these rights, contact us at: [email protected] You may also file a complaint with the CNIL (www.cnil.fr).

The Platform uses only cookies strictly necessary for the functioning of the Service: — Session cookie: maintaining your login session — Language preference cookie: remembering your language choice — Theme cookie: remembering your display preference (light/dark) No advertising or tracking cookies are used.

We use the following third-party services: — Stripe (payments): secure credit card payment processing. Stripe is PCI-DSS Level 1 certified. Privacy policy: stripe.com/privacy — Cloud infrastructure: data hosted on servers located within the European Union No personal data is transferred outside the European Economic Area without appropriate safeguards.

We implement appropriate technical and organizational measures to protect your data: — Data encryption in transit (TLS/HTTPS) — Password hashing (bcrypt) — Role-based access control — Regular encrypted backups — Access logging

For any questions regarding the protection of your personal data: Email: [email protected] Last revision: March 6, 2026