Privacy policy
The MVP is designed to minimize data collection: drafts live in your browser by default, sensitive portal credentials are not requested, and generated outputs are not kept server-side by default.
Controller
| Controller | LEPHAY Yann |
|---|---|
| Status | Entrepreneur individuel |
| SIRET | 899 650 204 00022 |
| Address | 53 Avenue Charles de Gaulle, 57530 Courcelles-Chaussy, France |
| contact [at] delawarefranchisedesk.com |
Data we process
| Draft answers | Facts you enter in the wizard, stored in browser localStorage by default. |
|---|---|
| Generated outputs | Packet preview, checklist, and passport generated from your inputs. |
| Billing | Email, transaction ID, amount, product, and payment status when checkout is enabled. |
| Support | Messages and attachments you choose to send to support. |
| Technical logs | IP address, user agent, timestamps, errors, and security events. |
Data we do not want in the MVP
- Portal credentials, OTP codes, security questions, or government account passwords.
- Full SSNs, ITINs, dates of birth, payment card PANs, CVV codes, or bank credentials unless a future reviewed workflow expressly requires them.
- Signed documents, IDs, brokerage account credentials, or full asset registers after output generation unless you explicitly send them for support.
- Customer content for training general-purpose AI models.
- Session replay, keystroke logging, clipboard capture, or heatmaps on sensitive wizard pages.
Why we process data
- To run the wizard and generate your packet/passport.
- To process payments and issue billing records.
- To answer support, billing, privacy, or security requests.
- To keep the service secure and diagnose technical failures.
- To comply with accounting, tax, fraud-prevention, and legal obligations.
Processors
The production service may use infrastructure, CDN, payment, email, error monitoring, and support providers. Current expected providers include Cloudflare, Stripe, and transactional email infrastructure when those features are enabled.
If AI extraction is added, the provider, data categories, retention settings, and opt-in flow must be listed here before launch.
Retention
| Browser drafts | Stored locally until you reset the wizard, clear browser storage, or overwrite the draft. |
|---|---|
| Generated PDFs/passports | Not stored server-side by default after generation in the MVP. |
| Billing records | Kept as long as needed for accounting, tax, chargeback, and fraud-prevention obligations. |
| Support attachments | Deleted after resolution plus a short operational window unless retention is required for a dispute. |
| Security logs | Kept for a limited period unless needed for incident response, abuse prevention, or legal hold. |
Your rights
Depending on where you live, you may have rights to access, correct, delete, export, restrict, or object to certain processing. Contact contact [at] delawarefranchisedesk.com to exercise privacy rights.
If GDPR applies, you may also complain to a competent data protection authority.
Security
- HTTPS on production domains.
- Least-privilege access for admin tools.
- Payment processing through a PCI-focused processor.
- No collection of official portal credentials.
- Data minimization by default.