← Back to homepage
Privacy Policy
Last updated: April 23, 2026 · GDPR compliant
1. Data Controller
EntrepriseConnect (Dakar, Senegal) is the data controller for personal data processed via the Service. Contact: privacy@ldentreprise.com
2. Data We Collect
| Category | Examples | Purpose |
|---|
| Identity | Name, email, phone | Account creation, communication |
| Business | Company name, business ID (NINEA/SIRET/EIN) | Verification, billing |
| Technical | IP address, browser, device | Security, fraud prevention |
| Usage | Features used, login times | Service improvement |
| Content | Messages, files, call logs | Provide Service (encrypted) |
| Financial | Payment tokens (not card numbers) | Process subscriptions |
3. Legal Basis (GDPR Article 6)
- Contract: Providing the Service you subscribed to
- Legitimate Interest: Fraud prevention, security, product improvement
- Consent: Marketing communications (opt-in)
- Legal Obligation: Tax and accounting records
4. How We Use Your Data
- Provide and maintain the Service
- Process payments and subscriptions
- Send important account notifications
- Detect and prevent fraud/abuse
- Comply with legal obligations
- Improve features (anonymized analytics)
5. Data Sharing
We DO NOT sell your data. We share data only with:
- Infrastructure providers: Hetzner (hosting, EU)
- Payment processors: Stripe, PayPal, Wave, Orange Money
- Email service: SendGrid (transactional only)
- Legal authorities: When required by law
6. Your Rights (GDPR)
You have the right to:
- Access: Request a copy of your data
- Rectification: Correct inaccurate data
- Erasure ("right to be forgotten"): Delete your account and data
- Portability: Export your data in standard format (JSON/CSV)
- Restriction: Limit how we use your data
- Objection: Opt out of marketing
- Withdraw consent: Anytime, without affecting past processing
To exercise rights: email privacy@ldentreprise.com. Response within 30 days.
7. Data Security
- TLS 1.3 encryption in transit
- AES-256 encryption at rest
- Multi-tenant isolation (separate DB schema per company)
- Password hashing (bcrypt)
- MFA available for all accounts
- Regular security audits
- Encrypted daily backups
8. Data Retention
- Active accounts: Data kept while subscription active
- Cancelled accounts: 30 days grace period for export
- Deleted accounts: Permanently removed after 30 days
- Legal records: Invoices kept 10 years (tax law)
- Logs: Security logs kept 12 months
9. International Transfers
Data may be transferred to EU (Hetzner Germany). All transfers use Standard Contractual Clauses (SCC) and encryption.
10. Cookies
See our Cookie Policy for details.
11. Children
The Service is not intended for users under 16. We do not knowingly collect data from children.
12. Changes
We'll notify you of material changes 30 days in advance via email.
13. Complaints
You have the right to lodge a complaint with your local data protection authority (e.g., CNIL in France, CDP in Senegal).
14. Contact
Data Protection Officer: dpo@ldentreprise.com