OppenlyOppenly

Privacy Policy

Last updated : 2026-04-24

DigitalCreator (SASU) (publisher of Oppenly) respects your privacy and is committed to protecting your personal data in compliance with the GDPR.

1 — Data controller

DigitalCreator (SASU)
60 rue François 1er, 75008 Paris, France
Email: contact@digitalcreator.ovh

2 — Data collected

  • During a purchase: email, first/last name (optional), payment info (handled exclusively by Stripe, not stored by us)
  • During browsing: pages visited, hashed IP address, browser type, language
  • When contacting support: email and message content

3 — Purposes

  • Process orders and deliver your products
  • Send confirmation and support emails
  • Improve our products via anonymized usage statistics
  • Comply with our accounting and legal obligations

4 — Legal bases

  • Contract performance: order processing, delivery
  • Consent: marketing emails (future, explicit opt-in)
  • Legitimate interest: site security, anonymous statistics
  • Legal obligation: invoice retention (10 years)

5 — Third-party processors

  • Stripe (payment) — PCI-DSS certified
  • Neon (database) — EU hosting (Frankfurt)
  • Vercel (site hosting) — framed transfers
  • Resend (transactional emails) — EU hosting
  • Loops (marketing emails, upcoming) — explicit consent required

6 — Retention periods

  • Order data: 10 years (accounting obligation)
  • Marketing email: until unsubscribe or 3 years of inactivity
  • Technical logs: maximum 12 months

7 — Your GDPR rights

You have the following rights, free of charge and at any time:

  • Access
  • Rectification
  • Erasure("right to be forgotten")
  • Restriction
  • Portability
  • Objection
  • Withdraw consent at any time

To exercise your rights: contact@digitalcreator.ovh. We respond within 30 days. If your rights are not respected, you may lodge a complaint with the CNIL (French DPA): www.cnil.fr.

8 — Cookies and trackers

Oppenly uses no third-party cookie (no Google Analytics, no Facebook Pixel). Our audience statistics are measured via hashed IP+User-Agent+salt (no cookies, anonymized). Our cookies are limited to: admin session cookie and language preference cookie.

9 — Security

We implement technical measures (HTTPS, data encryption in transit, bcrypt password hashing, webhook signatures, rate limiting) and organizational measures to protect your data.

10 — Minors

The site is intended for adults. We do not knowingly collect data concerning minors under 15. Contact us for immediate deletion.

11 — Changes

This policy may be modified. You will be informed of substantial changes. The current version is always available on this page.

The French version of this page is the legally binding reference.