Privacy Policy
Privacy Policy
This policy explains how Yosuble AI LLC collects, uses, stores, and protects personal data in connection with the Boutikane platform and associated services.
Introduction
Yosuble AI LLC ("we", "us", or "our") operates the Boutikane platform and related services (collectively, the "Services"). We are committed to protecting the privacy and security of your personal data.
This Privacy Policy describes the types of information we collect, how we use and protect it, and the rights you have regarding your personal data. It applies to all users of Boutikane, including business owners, sellers, and visitors to our website.
By using our Services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree, please discontinue use of the Services.
Company Information
The data controller responsible for your personal data is:
Yosuble AI LLC
1209 Mountain Road PL NE, STE R
Albuquerque, NM 87110, United States
Email: christblehouet23@gmail.com
Personal Data We Collect
We collect only the data necessary to provide and improve our Services. This includes the following categories:
Identity & Contact Data
- Full name or business name
- Email address
- Phone number (optional)
- Business address
Account & Authentication Data
- Shop identifier (slug)
- Encrypted access code or PIN
- Session tokens
- Account creation and last login dates
Financial & Billing Data
- Subscription plan and billing status
- Payment transaction references (we do not store full card numbers)
- Invoice history
Usage & Operational Data
- Sales records, product data, and client records created within the platform
- Feature usage patterns and interaction logs
- Timestamps of actions taken within the platform
Technical Data
- IP address
- Browser type and version
- Device type and operating system
- Referring URLs and pages visited
- Cookie identifiers and session data
How We Collect Data
We collect personal data through the following means:
- Directly from you — when you register, fill in forms, or contact us
- Automatically — through your use of the platform (usage logs, technical data)
- Via cookies and similar technologies — when you browse our website
- From third-party service providers — such as payment processors or analytics platforms
Purposes of Data Processing
We use your personal data for the following purposes:
Legal Basis for Processing (GDPR)
For users in the European Economic Area (EEA), we process personal data under the following legal bases as defined by the General Data Protection Regulation (GDPR):
Contractual Necessity (Art. 6(1)(b))
Processing required to perform the subscription contract and deliver the Services.
Consent (Art. 6(1)(a))
For marketing communications and non-essential cookies. You may withdraw consent at any time.
Legal Obligation (Art. 6(1)(c))
To comply with applicable laws, tax obligations, or regulatory requirements.
Legitimate Interests (Art. 6(1)(f))
For fraud prevention, platform security, and service improvement — where our interests do not override your fundamental rights.
Data Sharing & Third Parties
We do not sell your personal data. We may share it only in the following circumstances:
Hosting & Infrastructure
Vercel Inc. (San Francisco, CA, USA)
To host the application and serve content reliably.
Database & Storage
Supabase (PostgreSQL cloud provider)
To store and manage your account and business data securely.
Payment Processing
Payment providers (e.g., Stripe or equivalent)
To process subscription payments. We never store full payment card data.
Analytics
Privacy-respecting analytics tools
To understand platform usage and improve the product.
Legal Authorities
Courts, regulators, or law enforcement
When required by law or to protect our legal rights.
All third-party service providers are contractually required to process data only on our behalf and in accordance with applicable data protection laws.
Data Retention
We retain personal data only for as long as necessary to fulfil the purposes described in this policy, or as required by law.
| Data Type | Retention Period |
|---|---|
| Account data | Duration of subscription + 2 years |
| Transaction & billing | 7 years (legal/tax obligation) |
| Usage & activity logs | 12 months rolling |
| Support communications | 3 years |
| Marketing consent records | Until consent is withdrawn + 1 year |
| Technical / server logs | 90 days |
After the applicable retention period, data is securely deleted or anonymized.
Data Security
We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, disclosure, alteration, or destruction. These measures include:
- Encryption of data in transit (TLS/HTTPS) and at rest
- Hashed and salted password storage — we never store plain-text credentials
- Access controls and role-based permissions within the platform
- Regular security reviews and dependency audits
- Isolated server environments with zero-trust access policies
While we take every reasonable precaution, no method of transmission over the internet is 100% secure. In the event of a data breach affecting your rights, we will notify affected users in accordance with applicable law.
Your Rights
Depending on your location, you may have the following rights regarding your personal data:
Right of Access
Request a copy of the personal data we hold about you.
Right to Rectification
Request correction of inaccurate or incomplete data.
Right to Erasure
Request deletion of your personal data ("right to be forgotten").
Right to Portability
Receive your data in a structured, machine-readable format.
Right to Restriction
Ask us to restrict processing of your data in certain circumstances.
Right to Object
Object to processing based on legitimate interests or for marketing.
Withdraw Consent
Withdraw consent at any time where processing is consent-based.
Lodge a Complaint
File a complaint with your local data protection authority (DPA).
To exercise any of these rights, contact us at christblehouet23@gmail.com. We will respond within 30 days. We may ask you to verify your identity before processing sensitive requests.
International Data Transfers
Yosuble AI LLC is based in the United States. By using our Services, your personal data may be transferred to and processed in the US, which may have different data protection laws than your country of residence.
For users in the European Economic Area (EEA) or United Kingdom, we ensure that such transfers are protected by appropriate safeguards, including:
- Standard Contractual Clauses (SCCs) approved by the European Commission
- Working only with third-party processors who maintain adequate data protection standards
- Implementing supplementary technical measures (encryption, access controls) where required
You may request information about the specific safeguards applied to your data transfer by contacting us at christblehouet23@gmail.com.
Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or service offerings. When we make material changes, we will:
- Update the "Last updated" date at the top of this page
- Notify active users by email or in-app notification where required by law
- Where required, seek fresh consent for any new or materially changed processing activities
We encourage you to review this policy periodically. Your continued use of the Services after changes are posted constitutes acceptance of the updated policy.
Contact & Data Protection Inquiries
For any questions, concerns, or requests regarding this Privacy Policy or the handling of your personal data, please contact us:
Yosuble AI LLC — Data Privacy
1209 Mountain Road PL NE, STE R
Albuquerque, NM 87110, United States
Email: christblehouet23@gmail.com
If you are located in the EU and believe we have not adequately addressed your concern, you have the right to lodge a complaint with your local supervisory authority (Data Protection Authority / DPA).
Questions about your data?
We take privacy seriously. Reach out and we will respond within 30 days.