Privacy Policy
Last updated: March 9, 2026
1. Data controller
Julien Pipard
Sole proprietor (auto-entrepreneur) — SIRET: 851 981 365 00022
Appartement B306, Résidence La Citta
245 Rue Neil Armstrong, La Duranne
13100 Aix-en-Provence, France
Email: hello@allkemix.com
2. Data collected and purposes
We collect and process the following data for the operation of the service:
| Data | Purpose | Legal basis (GDPR) |
|---|---|---|
| Email address | Account creation and management | Performance of contract (Art. 6.1.b) |
| Name / pseudonym | Profile display | Performance of contract (Art. 6.1.b) |
| Avatar, cover photo | Profile personalization | Consent (Art. 6.1.a) |
| Created content (guides, places, media) | Display and sharing between users | Performance of contract (Art. 6.1.b) |
| Photos and videos | Place illustration | Consent (Art. 6.1.a) |
| Voice recordings (voice notes) | Audio notes associated with places | Consent (Art. 6.1.a) |
| Coordinates of saved places | Map display | Performance of contract (Art. 6.1.b) |
| Device GPS position | Map, nearby places, adding places | Consent (Art. 6.1.a) |
| Push notification token (FCM) | Sending push notifications | Consent (Art. 6.1.a) |
| Login identifier (Google OAuth, Apple Sign In) | Social authentication | Performance of contract (Art. 6.1.b) |
| Import files (Mapstr, Google Maps) | Importing places from other services | Consent (Art. 6.1.a) |
| Technical logs (IP, user-agent, timestamps) | Security, abuse detection, debugging | Legitimate interest (Art. 6.1.f) |
Location data: When you grant location access, Peeble uses your GPS position to display your location on the map and suggest nearby places. Your position is never stored on our servers and is only used in real-time on your device. Geographic coordinates associated with places you create are voluntarily entered.
Voice recordings: Peeble allows you to record voice notes associated with your places. Microphone access is only triggered by a voluntary action on your part. Recordings are stored on our servers (Supabase Storage) and deleted when the associated place or account is deleted.
Data import: If you choose to import your data from Mapstr or Google Maps, the uploaded files are processed server-side to extract places, then deleted after processing.
Photo metadata (EXIF): When you add a place via a geolocated photo, Peeble reads the EXIF metadata (GPS coordinates) from the photo locally on your device. This metadata is not transmitted to our servers.
Sensitive data: Peeble does not collect any sensitive data as defined by GDPR Article 9 (racial origin, political opinions, health data, etc.).
3. Sub-processors and data transfers
We use the following sub-processors:
| Sub-processor | Role | Location | Safeguards |
|---|---|---|---|
| OVH SAS | API and database hosting | 🇫🇷 France (Roubaix) | Data in EU |
| Supabase Inc. | Authentication, file storage | 🇪🇺 EU / 🇺🇸 USA | DPA available, EU-US Data Privacy Framework |
| Google LLC | Places API, OAuth, Firebase (push notifications) | 🇺🇸 USA | Standard Contractual Clauses (SCC), DPF |
| Mapbox Inc. | Map display | 🇺🇸 USA | Standard Contractual Clauses (SCC) |
Some data may be transferred outside the European Economic Area (EEA). In such cases, we ensure appropriate safeguards are in place in accordance with GDPR Chapter V.
4. Data retention
- Account data: retained throughout the use of the service, then deleted upon user request or account deletion.
- User content (guides, places, media): retained for the duration of the account.
- Technical logs: retained for a maximum of 90 days.
- FCM tokens: deleted upon logout or account deletion.
5. Your rights
Under the GDPR and applicable data protection laws, you have the following rights:
- Right of access (Art. 15): obtain a copy of your personal data.
- Right to rectification (Art. 16): correct inaccurate data.
- Right to erasure (Art. 17): request deletion of your account and data. You can delete your account directly from the app settings.
- Right to data portability (Art. 20): receive your data in a structured, machine-readable format. You can export your data directly from the app settings.
- Right to restriction (Art. 18): temporarily restrict processing.
- Right to object (Art. 21): object to processing based on legitimate interest.
To exercise these rights, contact us at: hello@allkemix.com
You also have the right to lodge a complaint with a supervisory authority. In France, this is the Commission Nationale de l'Informatique et des Libertés (CNIL):
www.cnil.fr
6. Cookies and tracking
Peeble is a mobile application that uses no cookies, no advertising trackers, and no behavioral analytics tools. No data is collected for advertising purposes.
7. Security
We implement appropriate technical and organizational measures to protect your data:
- Encrypted communications (HTTPS/TLS)
- JWT authentication (secure tokens)
- Rate limiting to prevent abuse
- Automatic database backups
- No plaintext password storage (delegated to Supabase Auth)
8. Children
Peeble is not intended for children under 15 years of age. If you are a parent or guardian and believe your child has provided us with personal data, please contact us at hello@allkemix.com so we can delete it.
9. Changes
We reserve the right to modify this privacy policy at any time. In case of substantial changes, users will be informed via in-app notification or email.
10. Service status
Peeble is currently offered as a public beta. No monetization features are active at this time.