Draft for legal review. This template must be reviewed by a qualified lawyer or data-protection specialist and adapted to your actual data practices (GDPR and local law). Fields marked [like this] must be completed.

Privacy Policy

Last updated: [DATE]

This policy explains what personal data [COMPANY / OPERATOR NAME] ("we", "us") collects when you use Stexno, why, and what rights you have.

We never receive your videos. All watermarking and uploading happen on your computer, directly to your own platform accounts. Your video files do not pass through our servers.

1. Data we collect

Data	Why
Email address	Create your account, sign you in (website + app), contact you about your account.
Password	Stored only as a secure hash, never in plain text, to authenticate you.
Subscription & payment status	Manage your trial, billing, and access. Card details are handled by our payment provider — we never see or store your full card number.
Device identifier & name	Enforce the limit on the number of machines and show your signed-in devices.
Technical logs (e.g. IP, timestamps)	Security, fraud prevention, and to respond to lawful requests.

[Add anything else you actually collect — e.g. support messages, analytics. Do not list data you don't collect.]

2. What we do not collect

We do not collect, receive, store, or analyze your video files, your watermarks, or the API credentials you enter for third-party platforms. Those stay on your own machine.

3. Legal bases [GDPR]

Performance of a contract — to provide the Service you signed up for.
Legitimate interests — security, fraud prevention, device limits.
Legal obligation — keeping records and responding to authorities.
Consent — where required, e.g. [marketing emails, non-essential cookies].

4. Service providers we share data with

Payment provider — [Stripe / Paddle], to process subscriptions.
Hosting provider — [host name], where our servers run.
[Email/support tools, error monitoring, etc., if any.]

We do not sell your personal data.

5. International transfers

[State where data is processed and, if applicable, the safeguards used for transfers outside the EEA — e.g. Standard Contractual Clauses.]

6. How long we keep data

We keep account data while your account is active and for [retention period] afterwards, then delete or anonymize it, except where law requires longer retention (e.g. invoices, security logs).

7. Your rights

Subject to applicable law, you can request to access, correct, delete, or export your data, object to or restrict certain processing, and withdraw consent. To exercise these rights, contact [privacy@stexno.shop]. You may also lodge a complaint with your local data-protection authority [in France: the CNIL].

8. Security

We use technical and organizational measures to protect your data, including hashed passwords, encryption in transit (HTTPS), and access controls. No system is perfectly secure, but we work to keep your data safe.

9. Cookies

[Describe any cookies used on the website — e.g. essential session cookies, and any analytics. Add a cookie banner if you use non-essential cookies.]

10. Changes

We may update this policy and will post the new version here with a revised date. [Describe how you notify users of material changes.]

11. Contact

Data controller: [COMPANY / OPERATOR NAME, address]. Contact for privacy matters: [privacy@stexno.shop]. [Add a Data Protection Officer if you have one.]