This is a translation provided for convenience. The French version remains the legal reference.

Privacy policy

Last updated: 20.06.2026

Data controller

Ergopix Sàrl
Avenue Nestlé 22, 1800 Vevey, Switzerland
Business ID: CHE-114.096.277
Contact: hello@plumeo.ch

Data we collect

• Account: email, password (hashed), brand name, login history.
• Content: generated posts, brand voice, editorial calendar.
• OAuth tokens: encrypted tokens for publishing to LinkedIn / Meta (never the network passwords).
• Billing: email, Stripe ID (card data lives at Stripe, never with us).
• Technical logs: IP address, user-agent, timestamps of critical actions. Kept for 30 days.

Purposes

• Provide the service (generation, publishing, calendar).
• Billing and accounting.
• Security (abuse detection).
• Transactional communication (invoices, alerts, end of trial).

Hosting

All data is hosted in Switzerland on Infomaniak infrastructure (Geneva data centres). Content you publish is sent to the social networks' APIs (LinkedIn, Meta) at the moment of publishing, but is not stored at those third parties on our initiative.

AI models

When generating a post, the source content and your voice profile are sent to the chosen AI provider (Anthropic, OpenAI, Mistral or Infomaniak AI Tools). None of these providers reuse your data to train their models — their B2B API terms expressly exclude that.

Retention

• Active account: as long as you use it.
• Inactive account (expired trial, cancellation): 30 days then permanent deletion.
• Technical logs: 30 days.
• Billing data: 10 years (statutory accounting obligation).

Your rights (GDPR / Swiss FADP)

You have the following rights: access, rectification, deletion, portability, objection, restriction. To exercise them: hello@plumeo.ch. Reply within 30 days.

Cookies

We only use a session cookie (PHPSESSID) strictly necessary for the service to work, plus a `plumeo_locale` cookie (1 year) that remembers your language. No advertising tracking cookies, no third-party analytics. For audience measurement, we use Matomo in cookieless mode (self-hosted in Switzerland, anonymized IP, Do Not Track respected) — no consent banner needed. You can still opt out here.

Security

Passwords hashed with bcrypt. OAuth tokens encrypted with libsodium. HTTPS connection always on. Daily backups with Infomaniak.

Changes

For substantial changes you'll be notified by email at least 30 days before they take effect.