> For the complete documentation index, see [llms.txt](https://terms.readycook.app/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://terms.readycook.app/privacy-policy.md). # Privacy Policy At AVL Holding, we take the protection of your privacy very seriously and are committed to protecting your personal information in accordance with the European Union's General Data Protection Regulation (GDPR). This privacy policy explains how we collect, use, store, and secure your personal data when you use our ReadyCook application. By using ReadyCook, you accept the practices described in this policy. ### 1. Data Controller AVL Holding, with its registered office located at 10 Rue Blacas, 06000 Nice, France, is the data controller for your personal data. ### 2. Personal Data Collected We collect and process the following types of personal data: #### 2.1 Identification Information * Name, email address * User identification details #### 2.2 Account and Connection Data * Login credentials and account information * External platform account identifiers (e.g., Vinted, Vestiaire Collective, eBay) * Authentication tokens and session data #### 2.3 Transaction Data * Purchase and sales history * Financial transaction details * Payment information (processed securely through third-party payment processors) #### 2.4 Technical Data * IP addresses, browsing data * Device information and browser details * Cookies and similar tracking technologies * Application usage analytics * Error logs and diagnostic information #### 2.5 External Platform Data * Data retrieved from connected External Platform accounts * Listing information, inventory data * Performance metrics and analytics ### 3. Purposes of Data Processing Your personal data is collected and processed for the following purposes: #### 3.1 Service Provision * Providing and managing our SaaS service * Facilitating connections to External Platforms * Synchronizing data between platforms * Enabling automation features #### 3.2 Transaction Management * Processing transactions and managing orders * Sending notifications and communications * Managing billing and payments #### 3.3 Service Improvement * Analyzing usage patterns to improve service quality * Developing new features and functionality * Optimizing performance and user experience #### 3.4 Security and Compliance * Securing your account and preventing fraud * Detecting and preventing abuse * Complying with legal and regulatory obligations * Maintaining audit trails and records #### 3.5 External Platform Integration * Authenticating with External Platforms * Retrieving and synchronizing account data * Automating marketplace activities * Monitoring External Platform policy compliance ### 4. Legal Basis for Processing We process your personal data based on the following legal grounds: #### 4.1 Consent For processing requiring your explicit consent, including: * Marketing communications * Non-essential cookies and tracking * Optional data sharing #### 4.2 Contract Performance To provide services you have requested, including: * Account management and service delivery * Payment processing * External Platform integrations #### 4.3 Legal Obligations To comply with legal requirements, including: * Financial record keeping * Regulatory reporting * Law enforcement requests #### 4.4 Legitimate Interests For legitimate business interests, including: * Account security and fraud prevention * Service improvement and analytics * Business communications ### 5. Data Sharing and Disclosure Your personal data may be shared with: #### 5.1 Service Providers * Third-party service providers who assist in service delivery * Payment processors and financial service providers * Cloud hosting and infrastructure providers * Analytics and monitoring services #### 5.2 External Platforms * Data shared with connected marketplace platforms as necessary for service functionality * Authentication and API access data * Listing and inventory synchronization data #### 5.3 Legal Requirements * Public authorities when required by law * Law enforcement agencies * Regulatory bodies * Legal advisors and auditors #### 5.4 Business Transfers In the event of a merger, acquisition, or sale of assets, personal data may be transferred to the new entity. ### 6. International Data Transfers When personal data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards including: * Standard Contractual Clauses approved by the European Commission * Adequacy decisions by the European Commission * Binding Corporate Rules or certification schemes * Explicit consent where applicable ### 7. Data Retention We retain personal data for as long as necessary to fulfill the purposes for which it was collected, unless a longer retention period is required or permitted by law. Specific retention periods include: #### 7.1 Account Data * Active accounts: Duration of service provision plus 3 years * Inactive accounts: 3 years after last activity #### 7.2 Transaction Data * Financial records: 10 years for accounting and tax purposes * Transaction history: 7 years for legal compliance #### 7.3 Technical Data * Server logs: 12 months * Analytics data: 26 months * Security logs: 2 years ### 8. Your Rights Under GDPR You have the following rights regarding your personal data: #### 8.1 Right of Access Request access to your personal data and information about processing #### 8.2 Right of Rectification Correct inaccuracies in your personal data #### 8.3 Right of Erasure Request deletion of your personal data under certain circumstances #### 8.4 Right to Restrict Processing Limit how we process your personal data #### 8.5 Right to Object Object to processing based on legitimate interests or for direct marketing #### 8.6 Right to Data Portability Receive your personal data in a structured, machine-readable format #### 8.7 Right to Withdraw Consent Withdraw consent for processing based on consent (without affecting lawfulness of past processing) To exercise these rights, contact us at . ### 9. Data Security We implement appropriate technical and organizational measures to protect personal data against: * Unauthorized access, disclosure, or destruction * Accidental loss or damage * Unlawful processing Security measures include: * Encryption of data in transit and at rest * Access controls and authentication systems * Regular security assessments and updates * Employee training and confidentiality agreements * Incident response procedures ### 10. Cookies and Similar Technologies We use cookies and similar technologies to: * Enable service functionality * Remember your preferences * Analyze usage patterns * Improve user experience You can manage cookie preferences through your browser settings. Note that disabling certain cookies may affect service functionality. ### 11. External Platform Data Handling #### 11.1 Connected Accounts When you connect External Platform accounts, we: * Access only data necessary for service functionality * Store authentication tokens securely * Regularly validate access permissions * Respect External Platform data policies #### 11.2 Data Synchronization * Data synchronization occurs as needed for service delivery * We do not store unnecessary copies of External Platform data * Synchronization frequency may vary based on service requirements ### 12. Data Breach Notification In the event of a personal data breach: * We will notify relevant supervisory authorities within 72 hours where required * Affected individuals will be notified if the breach poses high risk * We maintain incident response procedures and documentation ### 13. Children's Privacy ReadyCook is not intended for users under 16 years of age. We do not knowingly collect personal data from children under 16. ### 14. Updates to This Policy We may update this privacy policy periodically. Changes will be posted on this page with an updated effective date. Material changes will be communicated through additional notice methods. ### 15. Contact Information For questions about this privacy policy or to exercise your rights: **Data Protection Officer:** * Email: * Address: AVL Holding, 10 Rue Blacas, 06000 Nice, France **Supervisory Authority:** You have the right to lodge a complaint with the French data protection authority (CNIL) at [www.cnil.fr](http://www.cnil.fr). *** **AVL Holding**\ 10 Rue Blacas\ 06000 Nice, France\ Email: --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://terms.readycook.app/privacy-policy.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.