Privacy Policy
How we collect, use, and protect your data
This privacy policy explains how SASU Dynamic Foundries ("we", "us", "our") collects, uses, and protects your personal data when you use ViewPeek ("the Service"), available at https://viewpeek.com, in compliance with the General Data Protection Regulation (EU) 2016/679 ("GDPR") and French Law No. 78-17 of 6 January 1978 (Loi Informatique et Libertés).
Data Controller
- Company: SASU Dynamic Foundries (RCS Paris 102 801 206, SIREN 102801206)
- Address: 15 Boulevard Saint-Marcel, 75013 Paris, France
- Email: contact@dynamic-foundries.com
Data We Collect
Data you provide
- Account data: name, email address, password (hashed), profile information
- Billing data: payment method details are processed directly by Stripe and are not stored on our servers. We store your Stripe customer ID, subscription plan, and billing history.
- Service data: monitor configurations (the URLs, hostnames, and domains you choose to monitor) and the check results produced by our monitoring agents (HTTP status, response times, SSL expiry data, ping latency, sitemap fetch results)
- Communication data: messages sent to our support team
Data collected automatically
- Technical data: IP address, browser type and version, operating system, device type, screen resolution
- Usage data: pages visited, features used, time spent, referral source, date and time of access
- Cookies: see the Cookies section below
Purpose and Legal Basis
| Purpose | Legal basis (GDPR Art. 6) |
|---|---|
| Account creation and management | Performance of contract (Art. 6(1)(b)) |
| Providing the Service | Performance of contract (Art. 6(1)(b)) |
| Payment processing and billing | Performance of contract (Art. 6(1)(b)) |
| Customer support | Performance of contract (Art. 6(1)(b)) |
| Website analytics (Google Analytics, consent-gated) | Consent (Art. 6(1)(a)) |
| Security and fraud prevention | Legitimate interest (Art. 6(1)(f)) |
| Legal and regulatory compliance | Legal obligation (Art. 6(1)(c)) |
| Marketing communications (with opt-in) | Consent (Art. 6(1)(a)) |
Data Retention
| Data type | Retention period |
|---|---|
| Account data | Duration of the account; deleted within 30 days of account closure |
| Billing and invoice data | 10 years (French accounting obligations, Art. L123-22 Code de commerce) |
| Service data (monitor configurations and check results) | Duration of the account; deleted within 30 days of account closure |
| Analytics data | 26 months |
| Server logs | 12 months |
| Support communications | 3 years after resolution |
Sub-processors
We use the following third-party services that may process your data:
| Service | Purpose | Location |
|---|---|---|
| OVH SAS | Web hosting, PostgreSQL database, and mail server hosting | France (EU) |
| Stripe Payments Europe Ltd. (with transfers to Stripe, Inc. — US) | Payment processing | Ireland (EU); transfers to the US under EU-US Data Privacy Framework |
| Google LLC (Google Analytics) | Website analytics (consent-gated) | United States (EU-US Data Privacy Framework) |
| Google LLC (Google Fonts) | Delivery of web fonts (IP address is shared with Google as a technical necessity of font delivery) | United States (EU-US Data Privacy Framework) |
| Tailwind Labs, Inc. (Tailwind CDN) | Delivery of the Tailwind CSS framework used to style the site (IP address is shared with the CDN as a technical necessity of file delivery) | United States (EU-US Data Privacy Framework) |
| Cloudflare, Inc. and its EU affiliates (Turnstile) | CAPTCHA / bot protection on registration and authentication forms | EU and United States (EU-US Data Privacy Framework) |
Cookies
This Service uses cookies — small text files stored on your device — for the following purposes:
- Essential cookies: required for authentication, session management, and security (e.g., CSRF protection). These do not require consent.
- Functional cookies: remember your preferences and settings.
- Analytics cookies: used to understand how visitors interact with the Service (e.g., Google Analytics). These are placed only with your consent.
You can manage cookie preferences through your browser settings at any time. Disabling essential cookies may prevent you from using the Service.
Data Security
We implement appropriate technical and organizational measures to protect your personal data, including:
- Encryption in transit (TLS/HTTPS)
- Passwords stored using a strong, salted, industry-standard one-way hashing function
- Regular security updates and patching
- Access controls and authentication for internal systems
- Web Application Firewall (WAF)
No method of transmission or storage is 100% secure. If you discover a security vulnerability, please contact us immediately at contact@dynamic-foundries.com.
Your Rights
Under the GDPR, you have the following rights regarding your personal data:
- Right of access (Art. 15) — obtain a copy of your personal data
- Right to rectification (Art. 16) — correct inaccurate data
- Right to erasure (Art. 17) — request deletion of your data
- Right to restrict processing (Art. 18) — limit how we use your data
- Right to data portability (Art. 20) — receive your data in a structured, machine-readable format
- Right to object (Art. 21) — object to processing based on legitimate interest
- Right to withdraw consent (Art. 7(3)) — withdraw consent at any time for consent-based processing
To exercise any of these rights, contact us at contact@dynamic-foundries.com. We will respond within 30 days. You may also delete your account and associated data directly from your account settings.
If you believe your rights have not been respected, you may file a complaint with the French data protection authority:
- CNIL — Commission Nationale de l'Informatique et des Libertés
- 3 Place de Fontenoy, TSA 80715, 75334 Paris Cedex 07
- www.cnil.fr
International Transfers
Some of our sub-processors may transfer data outside the European Economic Area (EEA). When this occurs, we ensure appropriate safeguards are in place, including the EU-US Data Privacy Framework or Standard Contractual Clauses (SCCs) as approved by the European Commission.
Children's Privacy
This Service is not intended for children under 16 years of age. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.
Changes to This Policy
We may update this privacy policy from time to time. If we make material changes, we will notify you via email or through the Service. The date of the last update is indicated below.
Last updated: May 2026