Privacy Policy

01Controller

The controller of the processing activities described in this policy is SBCQ SAS, registered at 48 Quai Clémenceau, 69300 Caluire-et-Cuire (SIREN 104 445 093 00016, RCS Lyon 104 445 093).

For any question about your data, you may contact us at [email protected].

02Who this policy applies to

This policy applies to three categories of people:

• Website visitors: people who browse the public pages without creating an account (marketing, pricing, blog, contact form).
• Business customers and their users: holders of an account on the Service, acting under a subscription taken out by a professional.
• Review authors: people whose public reviews are aggregated from third-party platforms connected by our customers (notably Google Business Profile). In this latter case, our business customer is the controller and we act as processor within the meaning of the GDPR (see DPA).

03Data we collect

04Purposes and legal bases

05Retention periods

Active account data

Throughout the subscription, then 30 days after termination to allow data export.

Inactive account / unconverted trial

90 days after the end of activity, then automatic deletion.

Invoices and accounting records

10 years from the fiscal year-end (art. L. 123-22 of the French Commercial Code).

Technical logs and audit trail

12 months, unless longer retention is required for security logs.

Review authors' data

Retention period defined by our business customer (controller). By default, we retain the data as long as it remains available on the source platform and the subscription is active. Deletion of a review on the source platform triggers its deletion within the Service at the next synchronisation cycle.

Third-party platform authentication tokens (Google, Meta)

Throughout the duration of the connection. Deleted immediately when the customer disconnects, when access is revoked from the third-party platform, or when the subscription is terminated. Meta tokens are also purged within 30 days upon receipt of a request via the Data Deletion Callback (see "Connected third-party platforms").

Prospects who filled a form without subscribing

3 years from the last contact.

06Recipients and processors

Your data may be shared with the following recipients, strictly to the extent necessary for the purposes set out above:

• authorised members of the Ma Belle Note team (engineering, support, finance);
• our technical sub-processors, listed in the DPA (hosting, email delivery, payment, AI model providers, monitoring and security);
• competent administrative and judicial authorities, on legally compliant requests;
• a potential acquirer or successor in the context of a sale, merger or restructuring, subject to equivalent confidentiality and protection undertakings.

We do not sell or rent your data to third parties for commercial purposes. The up-to-date list of our sub-processors is maintained in the DPA schedule.

07Connected third-party platforms

The Service allows our business customers to connect the public review platforms they use, so that Ma Belle Note can fetch and centralise their reviews. Connections are initiated only at the explicit request of the customer (clicking a dedicated button inside the application). For each platform, we strictly limit ourselves to the permissions and data necessary to centralise, analyse and — where the platform allows it — publish the customer's replies.

Google Business Profile — OAuth connection (Google Identity).

Permissions requested

`https://www.googleapis.com/auth/business.manage` (list the Locations the customer manages, read published reviews, post replies the customer has approved) plus the standard identity scopes `openid`, `email`, `profile` (display the connected Google account). The detail and justification of each scope are set out on the Google API Disclosure page accessible from the footer.

Data fetched

Location profile (name, address, opening hours, category), public reviews (text, rating, author as published, date, public photos), public replies.

Retention

Throughout the duration of the connection. Product cache limited to 30 days, then re-fetched from Google.

Revocation

(a) "Disconnect" button in Settings → Google connection; (b) `https://myaccount.google.com/permissions` from the Google account itself. Revocation immediately stops synchronisation and triggers deletion of stored tokens.

TripAdvisor — Read-only access via the TripAdvisor Content API (Ma Belle Note publisher key). The customer identifies their Location by pasting its TripAdvisor URL, searching by name + city, or entering its public identifier directly.

Permissions requested

No user permission is required — TripAdvisor reviews are public. The customer confirms within the Service that they are the owner or manager of the Location.

Data fetched

Public Location metadata (name, address, category), recent public reviews (text, rating, author as published, date, detected language), backlink to the original review on tripadvisor.com.

Retention

Periodic re-fetch in line with the TripAdvisor Content API terms of use. Deletion of a review on TripAdvisor causes its disappearance within the Service at the next synchronisation cycle.

Revocation

The customer may at any time disable the TripAdvisor connection from Location settings, which stops synchronisation.

Display compliance

TripAdvisor's Display Requirements are strictly observed: visible TripAdvisor logo on every review, clickable backlink to the source review, attribution of ratings and photos.

Strict read-only

No reply, no flag, no write action is ever sent to TripAdvisor from the Service. When the customer wishes to reply, the Service provides a copyable draft and a deep link to the platform.

Meta — Facebook (Pages) — OAuth connection via Facebook Login for Business. The customer signs in with their personal Facebook account that is admin of a Business Page, and authorises Ma Belle Note to read the Recommendations and visitor content of the Page(s) they select.

Permissions requested (scopes)

`pages_show_list` — list the Pages the customer administers, so they can choose which to connect. `pages_read_engagement` — read the Recommendations published on the Page (binary "Recommends" / "Does not recommend" + free text). `pages_read_user_content` — read content posted by visitors on the Page (comments, mentions tied to Recommendations). No write permission is requested — the integration is strictly read-only.

Data fetched

Identifier and name of connected Pages, public Recommendations (binary sentiment + free text where present), publication date, author as published on Facebook, technical identifiers required for review uniqueness. No data from the customer's social graph (friends, groups, private messages) is read.

Token retention

The Page access token (long-lived, ~60 days) is stored encrypted at rest on our servers, never exposed to the customer's browser, never shared with any third party. The token is renewed automatically on the server before expiry. On failure, the customer is prompted to reconnect their Page.

Review retention

Imported Recommendations are retained for the duration of the connection. On voluntary disconnection, on revocation from Facebook, or on subscription termination, historical Recommendations remain visible for 30 days to allow export, then are purged. Deletion of a Recommendation on Facebook causes its disappearance within the Service at the next cycle.

Revocation

Three independent channels: (a) "Disconnect" button in Location Settings → Review sources; (b) revocation from Facebook (Settings & privacy → Settings → Apps and websites → Ma Belle Note → Remove), which severs access immediately; (c) Meta Data Deletion Callback — Meta automatically notifies Ma Belle Note via a public callback URL whenever a user revokes the application. Upon receiving such a notification, Ma Belle Note purges the associated data within a maximum of 30 days and confirms deletion to Meta, in accordance with the Platform Terms.

Strict read-only

No reply, no comment, no publication, no moderation, no write action is ever sent to Facebook from the Service. When the customer wishes to reply to a Recommendation, the Service provides a copyable draft and a deep link to the platform.

Note on Facebook Recommendations

Since 2018, Facebook has replaced star ratings with binary Recommendations ("Recommends" / "Does not recommend"). The Service displays these reviews with a dedicated badge and applies, for the all-channel weighted rating computation, a configurable equivalence that is made transparent on the dashboard.

The business customer remains in control of every active connection at all times via Location Settings. No connection is ever established without an explicit action by the customer, and every connection can be revoked by them at any time, either from within the Service or from the third-party platform itself.

08Transfers outside the European Union

Some of our sub-processors (notably the AI model providers) are established outside the European Union, including in the United States. Such transfers are framed by:

• an adequacy decision of the European Commission where one exists (e.g. EU-US Data Privacy Framework for certified organisations);
• failing that, the European Commission's Standard Contractual Clauses (SCCs), supplemented by additional technical and organisational measures (encryption, pseudonymisation, minimisation);
• a Transfer Impact Assessment (TIA) for every sub-processor not covered by an adequacy decision.

Details of the transfers are set out in the DPA.

09Cookies and trackers

The marketing website uses a limited number of cookies, strictly necessary to operation (language preference, light/dark theme, session) or subject to your consent (anonymised analytics, support tools).

No third-party advertising cookie is set upon entering the website. You may change your choices at any time via the consent module accessible at the bottom of the page.

10Security

We implement state-of-the-art technical and organisational measures to protect your data: transport encryption (TLS 1.2+), encryption at rest, password hashing (bcrypt/Argon2), role-based access control, sensitive-action logging, continuous monitoring, vulnerability management, disaster recovery plan, and encrypted backups.

Despite our efforts, no system can guarantee absolute security. In the event of a personal data breach likely to cause a risk to your rights and freedoms, we will notify the French Data Protection Authority (CNIL) within 72 hours and, where applicable, affected individuals as soon as possible.

11Your rights

Under the GDPR, you have the following rights:

• Right of access: obtain confirmation that your data is being processed and receive a copy.
• Right to rectification: have inaccurate or incomplete data corrected.
• Right to erasure: request deletion of your data in the cases provided by law.
• Right to restriction: have processing temporarily frozen.
• Right to portability: receive your data in a structured, machine-readable format.
• Right to object: object to a processing based on legitimate interest or to commercial prospecting.
• Right to issue post-mortem directives on the fate of your data.

You may exercise these rights by writing to [email protected]. We respond within a maximum of one month, extendable by two further months for complex requests.

If you believe your rights are not being respected, you may lodge a complaint with the French Data Protection Authority (CNIL), 3 place de Fontenoy, 75007 Paris — www.cnil.fr.

12Minors

The Service is intended for professional use and is not designed to be used by minors. No data collection is intentionally directed toward people under 15 years old. If you believe a minor has created an account, contact our DPO to obtain immediate deletion of the associated data.

13Changes to this policy

This policy may change to reflect evolutions of the Service, our sub-processors, or applicable regulation. Any material change is notified by email and within the Service at least 30 days before it takes effect. The current version remains permanently accessible from the website footer.