Skip to main content
jarviz
Back to home
Legal

Privacy Policy

Last updated · April 2026

This Privacy Policy explains how Groupe Verlaine SAS ("Jarviz", "we") processes personal data when you visit getjarviz.com or use the Jarviz product. We comply with the EU General Data Protection Regulation (Regulation (EU) 2016/679, "GDPR").

1. Data controller

Groupe Verlaine SAS, headquartered in Paris, France, is the data controller for personal data collected on getjarviz.com and within the Jarviz product when used by our customers' end users.

Privacy contact: privacy@getjarviz.com.

2. What we collect

Marketing site: minimum technical data (IP address, user agent), language preferences (cookie "lang"), and information you submit through forms or calendars.

Product: account identifiers (email, name, role), workspace data, advertising spend, CRM records (lead, opportunity, deal), revenue data, and integration tokens. Email addresses are hashed (SHA-256) before being sent back to advertising APIs.

3. Why we process it

Provide the Service (legal basis: contract).

Secure the Service and prevent fraud (legitimate interest).

Respond to inquiries, schedule demos and audits (consent or pre-contractual).

Send product and billing communications (contract).

Comply with legal obligations (accounting, tax).

4. Sharing & subprocessors

We use a limited list of subprocessors to operate the Service (hosting, email, calendars, payments, observability). The list is published in our DPA and kept up to date.

We do not sell personal data and we do not share it for cross-context behavioral advertising.

5. Retention

Marketing site logs: 30 days. Form/calendar data: 24 months from last activity. Product data: for the duration of the subscription, then 30 days for export and 30 days for deletion. Accounting documents: 10 years (legal obligation).

6. Your rights

You may access, rectify, erase, restrict and port your personal data, and object to processing based on legitimate interest. You may also lodge a complaint with the French CNIL (cnil.fr).

Send requests to privacy@getjarviz.com. We respond within one (1) month.

7. International transfers

Jarviz primarily processes data within the European Union. When transfers to non-EU countries are necessary (e.g. some advertising APIs), they rely on the European Commission's Standard Contractual Clauses and supplementary measures.

8. Security

Encryption in transit (TLS 1.2+) and at rest (AES-256). Access on a need-to-know basis with multi-factor authentication. SOC 2 Type 2 in progress. See the Security page for details.