Privacy Policy

Last updated: February 3, 2026

Welcome to Monsieur Chouchou. This privacy policy explains how we collect, use, store, and protect your personal data when you use our pastry recipe application.

We are committed to protecting your privacy in compliance with the General Data Protection Regulation (GDPR) and applicable data protection laws.

Data Controller:

Jeremy Thiriez

Sole Proprietor - SIRET: 838 326 403 00014

Paris, France

Email: contact@monsieurchouchou.com

1. Data We Collect

1.1 Data You Provide to Us

  • Email: Account creation, notifications, waitlist (legal basis: consent)
  • Name / Username: Personalization of your experience (legal basis: consent)
  • Profile Photo: Personalization of your account (legal basis: consent)
  • Recipes Created: Service delivery (legal basis: contract performance)
  • Favorites and Shopping List: Service features (legal basis: contract performance)

1.2 Data Automatically Collected

  • Browsing Data: Service improvement, analytics (legal basis: legitimate interest)
  • IP Address: Security, abuse prevention (legal basis: legitimate interest)
  • Device / Browser Type: Experience optimization (legal basis: legitimate interest)

2. How We Use Your Data

  • Provide the Service: Create and manage your account, display your recipes and favorites
  • Improve the Service: Analyze usage to optimize your user experience
  • Communicate with You: Send important notifications about the service
  • Ensure Security: Prevent abuse and protect our users

We never sell your personal data.

3. Sharing Your Data

We share your data only with technical providers necessary for service operation:

  • Supabase: Database, authentication (Paris, France - EU)
  • Vercel: Hosting (Global, origin EU)
  • PostHog: Analytics (European Union)
  • Sentry: Error monitoring, stability improvement (European Union)

All our service providers are GDPR compliant and have signed appropriate contractual agreements.

We do not share your data with advertisers or third parties for advertising purposes.

4. International Transfers

Your data is primarily stored in the European Union:

  • Database: Paris, France (Supabase eu-west-3)
  • Analytics: European Union (PostHog EU)

For services using global infrastructure (Vercel), appropriate safeguards are in place in compliance with GDPR (standard contractual clauses).

5. Data Retention

  • User Account: Until account deletion + 30 days
  • Browsing Data: Maximum 13 months
  • Waitlist: Until public launch or unsubscribe
  • Security Logs: 12 months

After account deletion, your data is permanently erased within 30 days, unless there is a legal obligation to retain it.

6. Your Rights (GDPR)

In accordance with GDPR, you have the following rights:

  • Access: Obtain a copy of your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Deletion: Request erasure of your data ("right to be forgotten")
  • Restriction: Restrict processing of your data
  • Portability: Receive your data in a structured format
  • Objection: Object to processing of your data
  • Withdrawal of Consent: Withdraw your consent at any time

How to Exercise Your Rights

By Email: contact@monsieurchouchou.com

We will respond to your request within 30 days. To protect your data, we may ask you to verify your identity.

File a Complaint

If you believe your rights are not being respected, you may file a complaint with your local data protection authority. For residents in the EU, contact the CNIL (France):

CNIL (National Commission for Computing and Liberty)

3 Place de Fontenoy, TSA 80715

75334 Paris Cedex 07, France

www.cnil.fr

7. Cookies

7.1 Essential Cookies (Always Active)

  • Authentication Session: Keep you logged in (duration: session)
  • User Preferences: Dark/light theme (duration: 1 year)

7.2 Analytical Cookies

We use PostHog to understand how you use the service. This data is anonymized and hosted in the European Union (duration: 13 months).

7.3 Manage Your Preferences

You can disable analytical cookies in your browser settings. Essential cookies cannot be disabled as they are required for service operation.

8. Security

We implement appropriate technical and organizational measures to protect your data:

  • Encryption: All communications are encrypted (HTTPS/TLS)
  • Secure Authentication: Session management via Supabase Auth
  • Restricted Access: Only authorized personnel have access to data
  • Secure Hosting: Infrastructure compliant with security standards

In case of a data breach, we will notify you within 72 hours in accordance with GDPR.

9. Minors

The service is open to all pastry lovers!

If you are under 16 years old, we ask that you obtain parental or legal guardian consent before creating an account, in accordance with European data protection regulations (GDPR).

10. Changes to This Policy

We may update this privacy policy to reflect changes in our practices or for legal reasons.

For substantial changes, we will notify you by email or through a notification in the application.

11. Contact

For any questions about this privacy policy or your personal data:

Email: contact@monsieurchouchou.com

Jeremy Thiriez
Paris, France

We are committed to responding to any request within 30 days.

Simplified Summary

What We Do

  • ✓ Collect only necessary data
  • ✓ Store your data in Europe (Paris)
  • ✓ Secure your data (encryption)
  • ✓ Allow you to delete your data
  • ✓ Be transparent about our practices

What We Don't Do

  • ✗ Sell your data
  • ✗ Share with advertisers
  • ✗ Track you for commercial purposes
  • ✗ Retain your data indefinitely
  • ✗ Use your data without valid reason
Legal NoticeTerms of ServiceBack to Home