Privacy Policy

1. Introduction

DealTrainer places great importance on protecting your personal data.

This privacy policy explains what data we collect, why, and how we use it, in accordance with GDPR and SOC2 standards.

2. Data Collected

Upon registration:

  • Email address
  • Name/surname (optional)

When using the service:

  • Simulation history
  • Messages exchanged with the AI
  • Scores and evaluations

Payment data:

Banking data is processed directly by Stripe (PCI-DSS Level 1). We do not store any banking data.

3. Purpose of Data

We use your data only to:

  • Provide you with the service (simulations, feedback)
  • Manage your account and subscription
  • Improve service quality
  • Send you important notifications (if accepted)

4. Legal Basis

The processing of your data is based on:

  • Contract execution: to provide the service you subscribed to
  • Legitimate interest: to improve our service
  • Consent: for optional communications

5. Data Retention

Your data is retained as long as your account is active.

After account deletion, your data is erased within 30 days.

Financial data is retained for 10 years for accounting purposes.

6. Data Hosting

Firebase (Google Cloud Platform): Hosted in the European Union

Vercel: CDN and frontend hosting

OpenAI: Simulation processing (anonymized data)

7. Data Sharing

We do not sell or rent your personal data to third parties.

Your data may be shared only with:

  • Stripe: to process payments
  • OpenAI: to generate AI responses (anonymized data)

8. Your Rights (GDPR)

You have the following rights:

  • Right of access: obtain a copy of your data
  • Right of rectification: correct inaccurate data
  • Right to erasure: delete your account and data
  • Right to object: refuse certain processing
  • Right to portability: recover your data in a structured format
  • Right to lodge a complaint: with the CNIL (France) or your local data protection authority

To exercise these rights, contact us at contact@deal-trainer.com.

9. Security

We implement technical and organizational measures to protect your data:

  • HTTPS encryption
  • Secure authentication (Firebase Auth)
  • Restricted data access
  • Regular security audits
  • SOC2 Type II compliance

10. Cookies

We only use cookies strictly necessary for operation:

  • Authentication session
  • User preferences

No advertising tracking cookies are used. For more details, see our Cookie Policy.

11. Policy Modifications

We may modify this privacy policy at any time.

In case of substantial modification, you will be notified by email.

12. Contact

For any questions regarding your personal data: contact@deal-trainer.com