Privacy Policy

Compliant with GDPR (EU 2016/679) - Last updated: December 30, 2024

Our commitment: Luxpred respects your privacy and is committed to protecting your personal data in accordance with the General Data Protection Regulation (GDPR).

1. Data Controller

The controller of your personal data is:

  • Company name: Luxpred S.a r.l.-S
  • Address: 144, Z.A.E. WOLSER A, Bettembourg L-3225, Luxembourg
  • Email: contact@luxpred.com
  • RCS number: [RCS number]

2. Personal Data Collected

2.1 Registration Data

When creating your account, we collect:

  • Email (required): for authentication and communications
  • Password : stored in encrypted form
  • Name and surname (optional): to personalize your experience

2.2 Billing Data (paid subscriptions)

For paid subscriptions, we collect through our provider Stripe:

  • Payment information (credit card)
  • Name and billing address
  • Intra-community VAT number (if applicable)

Important: Credit card data is never stored on our servers. It is processed directly by Stripe (PCI-DSS Level 1 certified).

2.3 Usage Data

  • Connection logs (IP address, date, time)
  • Browsing data (technical cookies, see our Cookie Policy)
  • Service usage history

2.4 Your Commercial Data

Maximum confidentiality: Sales and purchase files you import are processed in memory and immediately deleted. We retain NO commercial data on our servers. Only generated recommendations may be temporarily displayed in your session.

3. Purposes of Processing

We use your personal data only for:

Purpose Legal basis (GDPR)
Management of your user account Contract performance (Art. 6.1.b)
Provision of the Luxpred service Contract performance (Art. 6.1.b)
Payment processing Contract performance (Art. 6.1.b)
Service communications Legitimate interest (Art. 6.1.f)
Security and fraud prevention Legal obligation (Art. 6.1.c)
Marketing (with consent) Consent (Art. 6.1.a)

4. Retention Period

  • Active account: For the duration of your subscription
  • After termination:
    • Account data: 1 year (for reactivation)
    • Billing data: 10 years (legal accounting obligation)
  • Connection logs: 12 months maximum

5. Data Recipients

Your personal data may be shared with:

5.1 Subcontractors

  • Stripe (United States - EU Standard Contractual Clauses): payment processing
  • Cloud host Hetzner Online GmbH: platform hosting
  • Emailing service Brevo: sending transactional emails

All our subcontractors are subject to strict confidentiality obligations compliant with GDPR.

5.2 Legal Authorities

We may be required to communicate your data to competent authorities if required by law (judicial requisition, fraud prevention, etc.).

6. Transfers Outside the EU

Some of our infrastructure may be located outside the European Union (notably via Stripe). In such cases, we ensure that:

  • The country benefits from an adequacy decision by the European Commission, OR
  • Appropriate safeguards are in place (Standard Contractual Clauses (SCC) approved by the European Commission, etc.)

7. Your Rights (GDPR)

In accordance with GDPR, you have the following rights regarding your personal data:

Right of access (Art. 15)

Obtain a copy of your personal data

Right to rectification (Art. 16)

Correct inaccurate or incomplete data

Right to erasure (Art. 17)

Request deletion of your data (under conditions)

Right to restriction (Art. 18)

Temporarily limit the processing of your data

Right to data portability (Art. 20)

Retrieve your data in a structured format

Right to object (Art. 21)

Object to processing for reasons relating to your situation

Right to withdraw consent (Art. 7.3)

Withdraw your consent at any time (marketing)

How to exercise your rights?

To exercise any of these rights, you may:

  • Log into your account and modify your information
  • Contact us by email: contact@luxpred.com
  • Write to us at: 144, Z.A.E. WOLSER A, Bettembourg L-3225, Luxembourg

We will respond within a maximum of 1 month in accordance with GDPR.

8. Data Security

We implement appropriate technical and organizational measures to protect your data:

  • SSL/TLS encryption for all communications
  • Encrypted passwords with bcrypt algorithm
  • Restricted access to data (principle of least privilege)
  • Regular backups and secured
  • Security tests periodic

9. Cookies and Similar Technologies

We use cookies to improve your experience. To learn more, consult our Cookie Policy.

10. Minors

Our service is intended for professionals and is not designed for minors under 18 years of age. We do not knowingly collect personal data from children.

11. Policy Modifications

We may modify this Privacy Policy. In case of significant changes, we will inform you by email and/or via a notification on the Platform.

The last update date is indicated at the top of this page.

12. Complaint to the CNPD

If you believe your rights are not being respected, you may file a complaint with the competent supervisory authority:

National Commission for Data Protection (CNPD)

15, Boulevard du Jazz

L-4370 Belvaux, Luxembourg

Website: https://cnpd.public.lu

13. Contact

For any questions regarding this Privacy Policy or your personal data:

  • Dedicated email: contact@luxpred.com
  • General support: support@luxpred.com
  • Postal address: 144, Z.A.E. WOLSER A, Bettembourg L-3225, Luxembourg

© 2026 Luxpred. All rights reserved.

This policy is compliant with GDPR (EU Regulation 2016/679)