Privacy Policy
Last updated: November 24, 2025
ScanCompte respects your privacy and is committed to protecting your personal data. This policy explains how we collect, use, and safeguard your information.
1. Data Controller
The data controller is:
InnoSpira
Email : contact@scancompte.com
2. Data We Collect
- Account data: email address and password (hashed with bcrypt)
- Technical data: IP address and approximate location (city/country) for security and fraud detection
- Files you upload: bank statements in CSV or PDF format
- Payment data: processed exclusively by Stripe (we never see or store your card details)
3. Purposes of Processing
- Create and manage your account
- Analyze your statements to categorize expenses, detect recurring subscriptions, and provide statistics and advice
- Ensure service security
- Process payments via Stripe
4. Legal Basis
- Performance of contract (Art. 6.1.b GDPR)
- Legitimate interests (security, fraud prevention – Art. 6.1.f GDPR)
- Your consent for processing sensitive banking data contained in your statements
5. Retention Periods
- Account data: kept as long as your account is active + 3 years after last login
- Uploaded CSV/PDF files: automatically deleted after 24 hours
- IP addresses: kept for maximum 12 months
- Billing data: kept for 10 years (legal obligation)
6. Sub-processors
- OVH (France) – server hosting
- OpenAI LLC (USA) – language model used only for inference (your data is never used to train models)
- Stripe (Ireland/USA) – secure payments
7. International Transfers
Data processed by OpenAI and Stripe may be transferred to the United States under Standard Contractual Clauses and the EU-US Data Privacy Framework.
8. Your Rights
You have the rights of access, rectification, erasure, restriction, portability, objection, and withdrawal of consent. Contact us – we will respond within one month.
9. Account Deletion
You can request full deletion of your account and data at any time by emailing us. We will delete everything within 30 days.