SaaS Platform for Heritage Institutions
Version 1.0 – February 11, 2026
Last updated: February 11, 2026
1. Introduction
This Privacy Policy (hereinafter "the Policy") describes how the Patrivox platform (hereinafter "the Platform"), published by Sébastien Fouss (hereinafter "the Publisher" or "the Data Controller"), collects, uses, stores, and protects Users' personal data in connection with the use of its services.
The Publisher undertakes to process personal data in compliance with the General Data Protection Regulation (GDPR – Regulation EU 2016/679), the Belgian law of July 30, 2018 on the protection of natural persons with regard to the processing of personal data, and all applicable data protection regulations.
This Policy complements the Terms of Service and Cookie Policy of the Platform.
These provisions are written in French. In the event of translation into another language, only the French version shall be authoritative.
2. Data Controller
The data controller is:
- Name: Sébastien Fouss
- Address: Rue Perdue 10, 7500 Tournai, Belgium
- Email: sebastien.fouss@patrivox.io
- Company number (BCE): 0640.997.081
For any questions regarding the protection of your data, you may contact the Data Protection Officer (DPO) at: dpo@patrivox.io.
3. Personal data collected
3.1 Data provided directly by the User
During registration and use of the Platform, the following data may be collected:
| Data | Collection time | Purpose |
|---|---|---|
| First and last name | Registration | User identification, Service personalization |
| Email address | Registration | Authentication, Service-related communications |
| Password (hashed) | Registration | Secure authentication |
| Institution name | Registration | Linking User to their organization |
| Role within the Institution | Account configuration | Permission and access management |
| Language preferences | Usage | Displaying interface in chosen language (fr, en, nl) |
| Billing information | Subscription | Payment processing and billing |
3.2 Automatically collected data
When using the Platform, certain data is collected automatically:
| Data | Purpose |
|---|---|
| IP address | Security, abuse prevention, access logs |
| Connection data (date, time, method) | Account security, audit |
| Navigation data (pages visited, actions) | Service improvement, technical support |
| Browser type and operating system | Technical compatibility |
| Cookies and similar technologies | See our Cookie Policy |
3.3 Data contained in uploaded documents
Users may upload archival documents to the Platform. These documents may contain personal data of third parties (names, addresses, biographical information in historical archives, etc.).
In this case, the Institution is the data controller and the Publisher acts as a processor within the meaning of Article 28 of the GDPR (see section 10).
4. Legal bases for processing
Personal data processing carried out by the Publisher is based on the following legal grounds:
| Processing | Legal basis (art. 6 GDPR) |
|---|---|
| Account management and authentication | Contract performance (art. 6.1.b) |
| Service provision (storage, OCR, indexing, search) | Contract performance (art. 6.1.b) |
| Billing and payment | Contract performance (art. 6.1.b) and legal obligation (art. 6.1.c) |
| Platform security and abuse prevention | Legitimate interest (art. 6.1.f) |
| Service-related communications (updates, maintenance) | Contract performance (art. 6.1.b) |
| Functional and analytics cookies | Consent (art. 6.1.a) |
| Service improvement | Legitimate interest (art. 6.1.f) |
| Compliance with legal obligations | Legal obligation (art. 6.1.c) |
5. Processing purposes
Personal data is collected and processed for the following purposes:
- Service provision: account creation and management, authentication via Better Auth, role and permission management, document upload and storage, OCR processing, indexing, full-text and semantic search, AI conversational queries (AI Queries)
- Business management: subscription processing, billing, AI Query quota tracking
- Security: protection against unauthorized access, detection of suspicious activities, security event logging
- Communication: sending Service-related notifications (maintenance, Terms of Service updates, security alerts)
- Service improvement: anonymized usage analysis to improve features and user experience
- Legal obligations: retention of billing data in compliance with accounting and tax obligations
6. Artificial intelligence data processing
6.1 OCR and indexing
The Platform uses artificial intelligence technologies for optical character recognition (OCR) via Mistral OCR. Uploaded documents are processed to extract text, which is then indexed to enable search.
6.2 Semantic search and AI Queries
AI Queries allow Users to query their documents conversationally. User queries and relevant document excerpts are sent to language models to generate responses.
6.3 AI commitments
The Publisher undertakes that:
- User data will not be used to train third-party artificial intelligence models
- AI results will not be shared between Institutions
- AI processing respects strict data compartmentalization between Institutions
- AI model providers used offer contractual guarantees of data non-reuse
7. Data hosting and location
7.1 European sovereignty strategy
In accordance with its European sovereignty strategy, the Publisher undertakes to host and process all personal data exclusively on infrastructure located in the European Union.
7.2 Hosting subprocessors
| Subprocessor | Service | Location |
|---|---|---|
| Scaleway | Object storage (S3-compatible) | France (EU) |
| Neon | PostgreSQL database | European Union |
| Typesense | Full-text search engine | European Union |
| Qdrant | Vector database (semantic search) | European Union |
7.3 Transfers outside the EU
No transfer of personal data outside the European Economic Area is carried out. Should a transfer be considered in the future, it would only be performed under the conditions provided by the GDPR (adequacy decision, standard contractual clauses, or other appropriate safeguard mechanism).
8. Data recipients
Personal data may be disclosed to the following recipients:
- Authorized Publisher staff: to the extent necessary for Service provision and technical support
- Technical subprocessors: hosting providers and service providers listed in section 7.2, bound by contractual obligations of confidentiality and data protection
- Payment service providers: for transaction processing, in compliance with PCI-DSS standards
- Competent authorities: in case of legal obligation or judicial requisition
Personal data is under no circumstances sold, rented, or transferred to third parties for commercial or advertising purposes.
9. Retention period
Personal data is retained for the period strictly necessary for the purposes for which it is processed:
| Data | Retention period |
|---|---|
| Account data (name, email, institution) | Subscription duration + 30 days after termination (export period) |
| Uploaded documents and OCR/AI results | Subscription duration + 30 days after termination |
| Billing data | 10 years from closing of fiscal year (Belgian legal obligation) |
| Connection and security logs | 12 months |
| Consent data (cookies) | 12 months, then renewal |
| Anonymized navigation data | 25 months maximum |
At the end of these periods, data is securely deleted or irreversibly anonymized.
10. Subprocessing and document data
10.1 Respective roles
When the Institution uploads documents containing personal data of third parties (nominative archives, registers, correspondence, etc.):
- The Institution is the data controller for this personal data
- The Publisher acts as a processor within the meaning of Article 28 of the GDPR
10.2 Processor obligations
As a processor, the Publisher undertakes to:
- Process data only on documented instructions from the Institution
- Ensure confidentiality of processed data
- Implement appropriate technical and organizational measures to ensure data security
- Not engage another processor without prior written authorization from the Institution
- Assist the Institution in meeting its obligations under the GDPR
- Delete or return data at the end of the service provision
10.3 Data Processing Agreement (DPA)
A separate and detailed Data Processing Agreement may be concluded at the Institution's request. This agreement specifies processing instructions, security measures, data breach notification procedures, and audit arrangements.
11. Data security
The Publisher implements appropriate technical and organizational measures to protect personal data against unauthorized access, loss, destruction, or alteration, including:
- Encryption in transit: all communications use the HTTPS/TLS protocol
- Encryption at rest: stored data is encrypted on hosting infrastructure
- Secure authentication: session management via Better Auth with secure cookies (Secure flag in production)
- Data compartmentalization: strict isolation of data between Institutions at application and database level
- Access control: role and permission system (administrator, contributor, reader)
- Logging: recording of security events for anomaly detection
- Backups: regular data backups with tested restoration procedures
- Updates: regular application of security patches
12. Data subject rights
In accordance with the GDPR, all Users have the following rights regarding their personal data:
12.1 Right of access (art. 15)
You may obtain confirmation that data concerning you is being processed and obtain a copy.
12.2 Right to rectification (art. 16)
You may request correction of inaccurate or incomplete data.
12.3 Right to erasure (art. 17)
You may request deletion of your personal data, subject to legal retention obligations.
12.4 Right to restriction of processing (art. 18)
You may request restriction of processing of your data in certain cases provided by the GDPR.
12.5 Right to data portability (art. 20)
You may receive your data in a structured, commonly used, and machine-readable format, and transmit it to another controller.
12.6 Right to object (art. 21)
You may object to processing of your data based on legitimate interest, for reasons relating to your particular situation.
12.7 Right to withdraw consent
When processing is based on your consent, you may withdraw it at any time, without affecting the lawfulness of processing carried out before withdrawal.
12.8 Exercising rights
To exercise your rights, you may contact the Publisher:
- By email: dpo@patrivox.io
- By mail: Patrivox DPO, Rue Perdue 10, 7500 Tournai, Belgium
The Publisher undertakes to respond to any request within one (1) month of receipt, in accordance with the GDPR. This period may be extended by two (2) months where requests are complex or numerous.
Proof of identity may be requested in case of reasonable doubt about the identity of the requester.
13. Data breach
In the event of a personal data breach likely to pose a risk to the rights and freedoms of individuals, the Publisher undertakes to:
- Notify the Belgian Data Protection Authority (APD) within 72 hours of becoming aware of the breach, in accordance with Article 33 of the GDPR
- Inform affected individuals without delay if the breach is likely to pose a high risk to their rights and freedoms, in accordance with Article 34 of the GDPR
- Inform the Institution (in case of subprocessing) without delay so that it can fulfill its own notification obligations
14. Minors
The Platform is not intended for minors under 16 years of age. The Publisher does not knowingly collect personal data from minors. If the Publisher becomes aware that data from minors has been collected without required parental consent, it will proceed with deletion without delay.
15. Supervisory authority
In case of dissatisfaction regarding the processing of your personal data, you have the right to lodge a complaint with the competent supervisory authority:
Data Protection Authority (APD)
Rue de la Presse 35
1000 Brussels
Belgium
Tel.: +32 (0)2 274 48 00
Email: contact@apd-gba.be
Website: https://www.autoriteprotectiondonnees.be
16. Changes to the Privacy Policy
The Publisher reserves the right to modify this Policy at any time. Any substantial modification will be notified to Users by email or by notification on the Platform, with reasonable notice.
The date of last update is indicated at the top of this document. Continued use of the Platform after modification constitutes acceptance of the revised Policy.
17. Contact
For any questions regarding this Privacy Policy, the protection of your data, or to exercise your rights:
- By email: dpo@patrivox.io
- By mail: Patrivox DPO, Rue Perdue 10, 7500 Tournai, Belgium
- Via the contact form available on the Platform