Privacy Policy

Effective Date: July 2, 2025
Last Updated: July 2, 2025

Data Controller Information

Company: Alexandre Grisey
VAT Number: FR33839786431
Address: 7 Allées de Chartres, 33000 Bordeaux, France
Contact Email: contact@getmobiqo.com
Website: https://www.getmobiqo.com

1. Introduction

Alexandre Grisey ("we", "us", "our") operates Mobiqo, a mobile analytics platform that provides AI-powered insights for mobile app developers. This Privacy Policy explains how we collect, use, process, and protect your personal information when you use our service.

We are committed to protecting your privacy and complying with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

2. Information We Collect

2.1 Account Information

When you create a Mobiqo account, we collect:

Identity Data: Name, email address
Authentication Data: Password (encrypted), authentication tokens
Contact Data: Email address for communication
Payment Data: Billing information processed through Stripe (we do not store payment card details)

2.2 Mobile App Data (via SDK Integration)

Through our mobile SDK integrated into your applications, we collect:

Data Type	Purpose	Legal Basis
User Session Data	Analytics and user behavior tracking	Legitimate Interest
Device Information	Platform analytics (iOS/Android version, device model)	Legitimate Interest
App Events	User interaction tracking and predictions	Legitimate Interest
Geographic Data	Country-level analytics (no precise location)	Legitimate Interest
App Version Data	Version-specific analytics and debugging	Legitimate Interest

2.3 RevenueCat Integration Data

When you connect your RevenueCat account, we access:

Customer Data: User IDs, subscription status, purchase history
Subscription Data: Product IDs, pricing, renewal dates, cancellation status
Revenue Data: Transaction amounts, currencies, refund information
Platform Data: App store information (iOS App Store, Google Play)

2.4 Website Usage Data

When you visit our website, we automatically collect:

Technical Data: IP address, browser type, operating system
Usage Data: Pages visited, time spent, referral sources
Analytics Data: Via Plausible Analytics (privacy-focused, no personal data)

3. How We Use Your Information

3.1 Service Provision

We use your data to:

Provide mobile analytics dashboards and reports
Synchronize data between RevenueCat and our platform
Generate real-time insights about user behavior
Maintain and improve our service performance
Provide customer support and technical assistance

3.2 AI-Powered Predictions

We process your mobile app data to:

Generate predictions about user lifetime value
Calculate conversion probability scores
Identify user segments and behavioral patterns
Provide churn risk assessments

OpenAI Integration: When you provide your own OpenAI API key, we send anonymized, aggregated data to OpenAI for analysis. Your API key is stored locally in your browser and never transmitted to our servers.

3.3 Business Operations

We may use your information for:

Processing payments through Stripe
Sending service-related communications
Complying with legal obligations
Preventing fraud and ensuring security

4. Data Sharing and Third-Party Services

4.1 Third-Party Service Providers

We share data with the following trusted service providers:

Service	Purpose	Data Shared	Privacy Policy
Firebase (Google)	Authentication & Database	Account data, app analytics	Google Privacy Policy
Stripe	Payment Processing	Billing information	Stripe Privacy Policy
RevenueCat	Subscription Data Source	API credentials (read-only)	RevenueCat Privacy Policy
OpenAI	AI Analysis (optional)	Anonymized analytics data	OpenAI Privacy Policy
Plausible Analytics	Website Analytics	Anonymized usage data	Plausible Privacy Policy

4.2 Data Processing Locations

Your data may be processed in:

European Union: Primary data storage via Firebase EU regions
United States: When using OpenAI services with your provided API key

All international transfers comply with applicable data protection laws and adequate safeguards.

5. Your Rights and Choices

5.1 GDPR Rights (EU Residents)

Under GDPR, you have the right to:

Access: Request a copy of your personal data
Rectification: Correct inaccurate or incomplete data
Erasure: Request deletion of your personal data
Portability: Receive your data in a portable format
Restriction: Limit how we process your data
Objection: Object to processing based on legitimate interests
Withdraw Consent: Where processing is based on consent

5.2 CCPA Rights (California Residents)

Under CCPA, you have the right to:

Know: What personal information we collect and how it's used
Delete: Request deletion of your personal information
Opt-Out: Opt-out of the sale of personal information (we do not sell data)
Non-Discrimination: Not be discriminated against for exercising your rights

5.3 Exercising Your Rights

To exercise any of these rights, contact us at contact@getmobiqo.com. We will respond within 30 days (or as required by applicable law).

6. Data Security

6.1 Security Measures

We implement industry-standard security measures:

Encryption: Data encrypted in transit (HTTPS/TLS) and at rest
Access Controls: Role-based access to data and systems
Firebase Security: Google's enterprise-grade security infrastructure
Regular Updates: Security patches and system updates
Monitoring: Continuous monitoring for security threats

6.2 Data Breach Response

In the event of a data breach affecting personal data, we will:

Notify relevant authorities within 72 hours (where required)
Inform affected users without undue delay
Take immediate steps to contain and remediate the breach
Conduct a thorough investigation and implement preventive measures

7. Data Retention

7.1 Retention Periods

We retain personal data for:

Account Data: Until account deletion or 3 years after last activity
Mobile App Analytics: 2 years from collection date
RevenueCat Data: Synchronized with your RevenueCat retention policy
Payment Data: 7 years for tax and accounting purposes
Support Communications: 3 years after resolution

7.2 Data Deletion

You can request deletion of your data at any time. Upon deletion:

Your account and associated data will be permanently removed
Mobile SDK data collection will cease
RevenueCat integration will be disconnected
Some data may be retained for legal compliance

8. Cookies and Tracking

8.1 Website Cookies

Our website uses minimal cookies:

Essential Cookies: Required for website functionality and authentication
Analytics Cookies: Plausible Analytics (privacy-focused, no personal data)

8.2 Mobile SDK Tracking

Our mobile SDK tracks user interactions within your applications. This tracking:

Does not collect personally identifiable information
Uses anonymous user identifiers
Can be configured or disabled by app developers
Complies with mobile platform privacy requirements

9. Children's Privacy

Mobiqo is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you believe we have inadvertently collected such information, please contact us immediately.

10. International Data Transfers

When transferring personal data internationally, we ensure adequate protection through:

Adequacy Decisions: Transfers to countries with adequate data protection
Standard Contractual Clauses: EU-approved contractual safeguards
Certification Programs: Privacy Shield successors and similar frameworks

11. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or applicable laws. We will:

Notify users of material changes via email or platform notifications
Post the updated policy on our website with a new effective date
Obtain consent where required by law

12. Legal Basis for Processing (GDPR)

We process personal data based on the following legal grounds:

Contract Performance: To provide our services as agreed
Legitimate Interest: For analytics, security, and service improvement
Legal Compliance: To comply with applicable laws and regulations
Consent: Where explicitly provided for specific processing activities

13. Contact Information

For privacy-related questions, concerns, or to exercise your rights, please contact us:

Privacy Contact: contact@getmobiqo.com
Data Controller: Alexandre Grisey
Address: 7 Allées de Chartres, 33000 Bordeaux, France
VAT Number: FR33839786431

14. Data Protection Authority

If you are not satisfied with our response to your privacy concerns, you have the right to lodge a complaint with your local data protection authority:

France (CNIL): https://www.cnil.fr
EU/EEA: Find your local authority at EDPB
California: California Attorney General

Important Note on AI Processing

When using AI features with your OpenAI API key, data processing occurs outside our direct control. We anonymize and aggregate data before sending it to OpenAI, but you should review OpenAI's privacy policy and terms of service for their data handling practices.

This Privacy Policy is designed to be transparent about our data practices while ensuring compliance with applicable privacy laws. If you have questions about any aspect of this policy, please don't hesitate to contact us.