Legal notice & privacy
Legal information, privacy policy and personal data protection.
Legal notice
Information required by law (LCEN, Art. 6-III)
Last updated: April 29, 2026
Website publisher
Domaine du Net, SARL with a share capital of 200 000 €
Registered office: 5 impasse Saint-Exupéry, 35520 Melesse
SIRET: 801 474 495 00018
RCS Rennes 801 474 495
EU VAT number: FR10801474495
Publication director: Julien Trotoux, Managing Director
Contact: contact@domainedunet.fr — 06 33 13 72 77
Hosting
Website hosted by Netlify, Inc. — Site web — 44 Montgomery Street, Suite 300, San Francisco, CA 94104, USA.
Website hosted by Scaleway SAS — API — 8 rue de la Ville l'Évêque, 75008 Paris, France.
Website hosted by Supabase Inc. — OAuth — 970 Toa Payoh North #07-04, Singapore 318992.
Intellectual property
All content on this website (texts, images, logos, icons, videos, layout, software) is the exclusive property of Domaine du Net or its partners and is protected by French and international intellectual property laws. Any reproduction, representation or distribution, in whole or in part, without prior written authorization is prohibited.
Limitation of liability
Domaine du Net strives to ensure the accuracy of the information published on this website, but cannot be held responsible for omissions, inaccuracies, or any damage resulting from the use of the website. Hyperlinks to other websites do not constitute an endorsement of those websites or their content.
Applicable law
These legal notices are governed by French law. Any dispute shall be subject to the exclusive jurisdiction of the courts of Rennes, France.
Personal data protection
Privacy policy compliant with GDPR (EU Regulation 2016/679)
Last updated: April 29, 2026
1. Data controller
The data controller is Domaine du Net, SARL with a share capital of 200 000 €, registered with the Rennes 801 474 495 Trade Registry, located at 5 impasse Saint-Exupéry, 35520 Melesse.
DPO contact: contact@domainedunet.fr
2. Data collected
When using this website, we may collect the following data:
- Account data: email address, display name, avatar (provided via OAuth at sign-in)
- Workspace data: name and identifier (slug) of created workspaces
- API keys: key name, creation date, last used date (the key itself is hashed and never stored in plain text)
- Content submitted via the API (texts, URLs, crawled web pages) — processed by AI models hosted in France (Mistral 7B, nomic-embed-text via Ollama) or via Anthropic's Claude API depending on the endpoint
- Usage data: requests made, endpoints called, models used, tokens consumed, response codes
- Technical data: IP address, user-agent, server logs
3. Purposes and legal basis
| Purpose | Legal basis |
|---|---|
| Provision of the Pulse service (REST API, dashboard, workspaces) | Performance of a contract (Art. 6.1.b GDPR) |
| User authentication and session management | Performance of a contract (Art. 6.1.b GDPR) |
| API key management and access control | Performance of a contract (Art. 6.1.b GDPR) |
| Usage metering and quota management (billing) | Performance of a contract (Art. 6.1.b GDPR) |
| Service monitoring, error detection and performance improvement | Legitimate interest (Art. 6.1.f GDPR) |
| Security, abuse prevention and attack protection | Legitimate interest (Art. 6.1.f GDPR) |
4. Sub-processors and recipients
Your personal data may be shared with the following sub-processors:
| Sub-processor | Role | Location | Safeguards |
|---|---|---|---|
| Netlify, Inc. | Website hosting (CDN, edge functions) | San Francisco, USA | SCC |
| Scaleway SAS | Pulse API hosting (VPS) | Paris, France | — (EU) |
| Supabase Inc. | Authentication and session management (OAuth) | European Union | — (EU) |
| Anthropic, PBC | AI processing of content submitted via the API (Claude model) | San Francisco, USA | SCC |
SCC: Standard Contractual Clauses (Art. 46.2.c GDPR). Your data is never sold to third parties for commercial purposes.
5. Retention periods
| Category | Duration |
|---|---|
| Account data | Account duration + 3 years after deletion |
| Workspace data | Workspace duration + 3 years after deletion |
| API keys | Until revoked by the user |
| Content submitted to the API | Not retained — real-time processing only |
| API usage logs | 12 months |
| Server logs | 12 months |
Beyond these periods, data is irreversibly deleted or anonymised.
6. Cookies and trackers
- Session cookies (Supabase Auth): maintaining user login and session. Strictly necessary, no consent required.
- Theme preference (local storage, key `pulse_theme`): stores your light/dark mode choice. Strictly necessary for the experience, no consent required.
You can modify your preferences through your browser settings.
7. Your rights
Under the GDPR (Art. 15–22) and the French Data Protection Act, you have the following rights:
- Right of access (Art. 15) — obtain a copy of your data
- Right to rectification (Art. 16) — correct inaccurate data
- Right to erasure (Art. 17) — request deletion
- Right to restriction (Art. 18) — restrict processing
- Right to object (Art. 21) — object to processing
- Right to data portability (Art. 20) — receive data in a structured format
- Right to withdraw consent (Art. 7.3)
To exercise these rights: contact@domainedunet.fr. We will respond within 30 days.
8. Filing a complaint
You may lodge a complaint with the CNIL — 3 Place de Fontenoy, 75334 Paris Cedex 07, France — File a complaint.
9. Security
- Encrypted communications (HTTPS/TLS)
- Strict access control to data and systems
- Regular geographically distributed backups
- API keys hashed at rest (never stored in plain text)
- Authentication delegated to Supabase Auth (OAuth 2.0) — no passwords stored
- Workspace isolation via Row-Level Security (RLS) at the database level
10. Policy updates
We reserve the right to modify this privacy policy at any time. The last updated date at the top of this section is authoritative.
11. Contact
contact@domainedunet.fr — Domaine du Net, 5 impasse Saint-Exupéry, 35520 Melesse