Berlioz.ai
Berlioz.ai

Privacy Policy

Last updated: January 2025

1. Introduction

YSS (hereinafter "we," "our," or "the Company") is committed to protecting the privacy and security of your personal data. This Privacy Policy describes how we collect, use, share, and protect your information when you use our Berlioz AI platform (hereinafter "the Platform"). This policy complies with the General Data Protection Regulation (GDPR).

2. Data we collect

We collect the following types of data:

  • Identification data: Last name, first name, email address, phone number, company, position.
  • Connection data: IP address, connection logs, browser type, operating system.
  • Usage data: Pages viewed, documents uploaded, queries performed, time spent on the Platform.
  • Payment data: Credit card information (processed securely by our payment provider Stripe).
  • User content: Documents, files, conversations, analyses generated via the Platform.

3. Use of your data

We do not analyze your client files' data (documents, conversations). Your personal data is used exclusively for the following purposes:

  • Provide and maintain the Platform services.
  • Account management: Creation and management of your user account, authentication, billing.
  • Support and assistance: Responding to your requests, resolving technical issues.
  • Service improvement: Anonymous analysis of usage (usage metrics, performance) to improve features and user experience.
  • Marketing communications: Sending newsletters, promotional offers (with your prior consent).
  • Legal compliance: Compliance with our legal obligations, fraud prevention, and protection against abuse.

4. Legal basis for processing

The processing of your data is based on the following legal grounds:

  • Performance of contract: To provide the services to which you have subscribed.
  • Consent: For sending marketing communications (you may withdraw your consent at any time).
  • Legitimate interest: To improve our services and ensure the security of the Platform.
  • Legal obligation: To comply with applicable legal obligations (accounting, taxation, etc.).

5. Sharing your data

We never sell your personal data. We may share your data with the following third parties only to the extent necessary:

  • Service providers: Hosting (AWS, Azure), payment (Stripe), email (SendGrid), analytics.
  • AI providers: OpenAI, Anthropic, Mistral (with contractual guarantee of non-use for model training).
  • Legal authorities: If required by law or to protect our legal rights.

6. Security of your data

We implement robust technical and organizational measures to protect your data:

  • Encryption: End-to-end AES-256 encryption for your documents and conversations.
  • European hosting: Exclusive storage in the European Union (Paris region) on infrastructure certified ISO 27001, SOC 2, and HDS compliant.
  • Restricted access: Only authorized employees have access to data in the strict framework of their duties.

7. Your rights

In accordance with GDPR, you have the following rights:

  • Right of access: Obtain a copy of your personal data.
  • Right of rectification: Correct inaccurate or incomplete data.
  • Right to erasure: Request deletion of your data ("right to be forgotten").
  • Right to restriction of processing: Restrict the processing of your data in certain cases.
  • Right to object: Object to the processing of your data for legitimate reasons.
  • Right to portability: Receive your data in a structured and commonly used format.

8. Retention period

We retain your personal data only for the period necessary for the purposes for which it was collected:

  • Account data: Throughout the duration of your subscription + 60 days after termination (unless otherwise requested).
  • Payment data: In accordance with legal accounting and tax obligations (10 years).
  • Support data: 3 years after the last interaction.

9. Use of artificial intelligence

The Platform uses artificial intelligence technologies provided by third-party partners (OpenAI, Anthropic, Mistral). In this regard:

  • Your data is NEVER used to train AI models. We have contractual guarantees with our providers to this effect.
  • Documents and conversations are processed confidentially and securely via encrypted APIs.
  • We use European infrastructure (Azure EU) for AI processing when available.

10. Cookies and similar technologies

We use essential cookies for the Platform's operation (authentication, preferences). We also use analytical cookies (with your consent) to improve our services. You can manage your cookie preferences via your browser settings.

11. Contact us

For any questions regarding this Privacy Policy or to exercise your rights, you can contact us:

  • Email: rgpd@berlioz.ai
  • Address: YSS, 179 chemin des Confertes, 74500 Neuvecelle, France
  • Data Protection Officer (DPO): dpo@berlioz.ai
  • You also have the right to file a complaint with the National Commission on Informatics and Liberty (CNIL): www.cnil.fr

Useful links

Terms of ServiceContact Us