Riekio.

Privacy Policy

Last updated: May 17, 2026

This policy explains how Riekio collects, uses and protects your personal data. It is written in accordance with the General Data Protection Regulation (GDPR — EU Regulation 2016/679) and the French Data Protection Act.

1. Data controller

Alan Ndongala, sole proprietor — Cergy, France.
Contact: privacy@riekio.com

2. Data we collect

  • Identity: first and last name, business email, role.
  • Account: credentials, preferences, sending settings.
  • CRM data synced from HubSpot (read-only): contacts, deals, quotes, invoices.
  • Usage: connection logs, actions taken, performance metrics.
  • Billing: address, payment history. Card data is handled exclusively by Stripe.

3. Purposes

  • Provide and improve the Riekio service.
  • Analyze your CRM and generate follow-up emails.
  • Manage your account, subscription and billing.
  • Ensure security and prevent fraud.
  • Respond to your requests.

4. Legal basis

  • Contract performance for most processing.
  • Legal obligation for invoice retention.
  • Legitimate interest for security and service improvement.
  • Consent for marketing communications (never by default).

5. Recipients

Your data is never sold. It may be processed by:

  • HubSpot (CRM sync, read-only)
  • Stripe (payments)
  • Vercel (website hosting)
  • Our cloud application host (European Union)
  • Competent authorities in case of legal request

6. Retention

  • Active account: for the duration of your subscription.
  • After cancellation: deleted within 30 days, unless legally required.
  • Invoices: 10 years (accounting obligation).
  • Security logs: 12 months.

7. Security

Riekio implements appropriate technical and organizational measures to protect your data: encryption in transit (TLS) and at rest, strong authentication, regular backups.

8. Your rights

  • Right to access and copy
  • Right to rectification
  • Right to erasure
  • Right to restrict processing
  • Right to data portability
  • Right to object
  • Right to withdraw consent at any time

To exercise these rights: privacy@riekio.com. We respond within one month maximum.

You may also lodge a complaint with the CNIL (French data protection authority).

9. Cookies

Riekio uses only strictly necessary cookies (authentication, preferences). No advertising or profiling cookies.

10. International transfers

Your application data is hosted in the European Union. Some sub-processors (Stripe, Vercel) may process data in the United States; these transfers are framed by the European Commission's Standard Contractual Clauses.

11. Contact

For any question: privacy@riekio.com.