Introduction
This privacy policy describes how personal data is collected, used, retained, and protected when you use the Urblink service.
Urblink places particular importance on protecting personal data and is committed to complying with the General Data Protection Regulation (GDPR) and applicable French legislation.
Data controller
Data controller:
- Urblink
- Email: contact@urblink.fr
- Country: France
Data collected
When using the service, the following data may be collected:
Identification data
- last name
- first name
- email address
- phone number
- profile photo
Technical data
- IP address
- connection logs
- diagnostic data
- device identifiers
- analytics data
- cookies and similar technologies
Geolocation data
- location data when the user consents
User content
- messages
- posts
- uploaded files
- images
- public or private content published on the platform
Notifications
- push notification tokens
Processing purposes
Data is collected for the following purposes:
- creating and managing user accounts
- providing service features
- managing citizen relations for local authorities
- authentication and security
- service improvement
- notification management
- user support
- abuse and fraud prevention
- legal compliance
- usage statistics
Legal basis for processing
Processing is based on:
- performance of the service terms of use
- user consent where required
- the publisher’s legitimate interest
- applicable legal obligations
Authentication
The service may allow authentication via:
- email and password
- Google Login
Users are responsible for keeping their credentials confidential.
Sensitive data
The service may process certain data that could be sensitive under the GDPR, depending on content published by users.
Users agree to transmit only data strictly necessary for using the service.
Hosting and subprocessors
Data may be hosted and processed by technical providers, including:
- Hetzner Online GmbH (hosting)
- Resend (transactional email)
- Google (Google Login authentication)
These providers act as subprocessors.
Data retention
Data is retained only for as long as strictly necessary for the purposes pursued.
When an account is deleted:
- personal data is deleted or anonymized within a reasonable timeframe
- some data may be retained where required by law
- technical backups may persist temporarily before automatic purge
Security
Urblink implements technical and organizational measures to protect data, including:
- encrypted communications (TLS/HTTPS)
- access control
- secure backups
- logging
- access monitoring
- privilege limitation
Despite these efforts, no system can guarantee absolute security.
Cookies
The service uses cookies and similar technologies to:
- ensure the service functions properly
- remember user preferences
- measure audience
- improve performance
Users can configure their browser to limit or refuse certain cookies. For more details, see the Cookie policy.
Push notifications
Mobile applications may send push notifications related to the operation of the service.
Users can disable these notifications in their device settings.
Mobile permissions
Mobile applications may request access to:
- the camera
- photos
- geolocation
- push notifications
These permissions are used only for the associated features and with user consent where required.
User rights
Under the GDPR, users have the following rights, in particular:
- right of access
- right to rectification
- right to erasure
- right to restriction
- right to object
- right to data portability
- right to withdraw consent
Any request can be sent to:
Users also have the right to lodge a complaint with the CNIL (French data protection authority).
Data transfers
Data is primarily processed within the European Union.
Some subprocessors may nevertheless process data outside the EU in compliance with GDPR safeguards.
Changes to this policy
This policy may be updated at any time to reflect legal, regulatory, or technical changes.