volade.com

Privacy policy (GDPR)

Last updated : June 30, 2026

Volade is committed to protecting your personal data under the General Data Protection Regulation (GDPR) and applicable privacy laws. This policy explains what data we collect, why, how long we keep it and your rights.

1. Data controller

Volade
Privacy contact: privacy@volade.com
Website: https://volade.com

2. Data collected

Volade account (free or V+)

  • Username, email address, password (hashed, never stored in plain text).
  • XP, level, badges, missions and gamification activity history.
  • Sites linked to your license (URL, installation ID).
  • V+ subscription status and Stripe customer ID (no card data).

Connected extensions (WordPress plugins, etc.)

  • No data is sent to Volade until you enable Volade features and sign in.
  • Once connected: account sync, license vérification, aggregated usage metrics.
  • JSON export of your Volade data available from each extension's settings.

Browsing volade.com

  • Technical data: server logs, browser type, pages visited.
  • Hashed IP addresses (SHA-256) for security and fraud prevention — never stored in plain text.
  • Cookies and trackers according to your consent (see Cookie policy).

3. Purposes and legal bases

PurposeLegal basis (GDPR Art. 6)
Account création and managementContract performance
V+ subscription and billingContract · Legal obligation (accounting)
License sync on your sitesContract performance
Aggregated, anonymized usage metricsLegitimate interest (service improvement)
Security, anti-fraud, audit logsLegitimate interest · Legal obligation
Web analytics (with consent)Consent

4. Retention

  • Active account: lifetime of account + 36 months of inactivity, then anonymization.
  • Aggregated analytics events: 13 months.
  • Hashed IPs: 90 days.
  • Audit and security logs: 24 months.
  • Stripe billing data: 10 years (accounting obligation).

5. Recipients and processors

  • Web hosting: Vercel Inc.
  • Database: Supabase Inc. (EU region)
  • Payments: Stripe Payments Europe, Ltd. — V+ transaction processing
  • No sale of personal data to third parties.

Processors are selected for GDPR safeguards (standard contractual clauses for transfers outside the EU where applicable).

6. Your rights (GDPR)

Under GDPR Articles 15–22, you have the following rights:

  • Access: obtain a copy of your data.
  • Rectification: correct inaccurate data.
  • Erasure: delete your account and associated data.
  • Portability: receive your data in a structured format (JSON export from extensions).
  • Object and restrict processing.
  • Withdraw consent (cookies, marketing) at any time.

To exercise your rights: privacy@volade.com. Response within 30 days. You may lodge a complaint with your supervisory authority (in France: CNIL).

7. Security

Volade applies technical and organizational measures: HTTPS encryption, hashed passwords, hashed IPs, logged admin access, aggregated anonymized metrics. Report any vulnerability to hello@volade.com.

8. Cookies

Trackers used on volade.com are detailed in our Cookie policy.

9. Changes

This policy may be updated. The last revision date appears at the top of the page. For material changes, you will be notified by email or in-app notice.