Privacy Policy
Last updated: 2026-05-02
This Privacy Policy explains how Le Moulin ("we", "us") collects, uses, stores, and shares your personal data when you use the Le Moulin service.
1. Data we collect
- Account data: email address, password hash (never the password itself), display name, sign-up date.
- Generated content: text prompts you submit, generated carousel slides, captions, hashtags, custom fonts, and any reference images you upload.
- Billing data: processed by Stripe. We store only Stripe's customer and subscription identifiers, never your card details.
- Instagram connection (optional): if you use the "Connect Instagram" feature, we store your Instagram Business Account ID, Facebook Page ID, the public Instagram username, and an encrypted Page Access Token. We never see or store your Facebook password.
- Usage data: minimal request logs (timestamp, path, status), retained for 30 days for debugging and security. Product analytics via PostHog (page views, feature usage, your account ID + email; never form contents).
2. How we use it
- To provide the service (generate carousels, edit them, publish to your IG account on your request).
- To bill you for the service via Stripe.
- To send you transactional email (sign-up confirmation, password reset, low-credit warning, generation-failed notice).
- To debug errors and improve the product (Sentry error tracking, PostHog analytics).
- We use OpenAI's API (gpt-4o, gpt-image-2) to generate your carousels. Your prompts and reference images are sent to OpenAI for processing under their API Data Usage Policy (not used for model training).
3. Legal basis (GDPR)
- Contract: providing the service you signed up for.
- Consent: connecting your Instagram account, sending marketing email (opt-in only).
- Legitimate interest: error tracking, fraud prevention, debugging.
4. Sharing
We share data with these processors only:
- Supabase: database + auth + file storage hosting.
- Vercel: application hosting.
- Inngest: background job orchestration.
- OpenAI: content + image generation.
- Stripe: payment processing.
- Resend: transactional email delivery.
- Meta (Facebook): only when you connect Instagram, and only the specific data needed to publish on your behalf.
- Sentry: error tracking (no PII in error reports).
- PostHog: product analytics + session replay (your account ID and email; password and payment fields are masked).
We do not sell, rent, or share your personal data with anyone else for any reason.
5. Retention
- Account + carousels: retained as long as your account is active.
- Carousel storage: 90 days on the Pro plan, unlimited on Max.
- Request logs: 30 days.
- Billing records: 7 years (legal requirement).
- On account deletion, all of the above are removed within 30 days, except billing records (kept for the legal retention period in anonymized form).
6. Your rights
You have the right to:
- Access a copy of all your data: use the "Export my data" button on your account page.
- Delete your account and all associated data: use the "Delete account" button on your account page.
- Correct inaccurate data: most fields are editable in the app; for the rest, email us.
- Object to processing or withdraw consent: email us.
- Lodge a complaint with your local data protection authority.
7. Security
Passwords are hashed with bcrypt. Instagram access tokens are encrypted at rest with AES-256-GCM. Database access is gated by row-level security tied to your authenticated session. All data in transit uses TLS 1.2+. We use vendors with industry-standard security certifications (Supabase, Vercel, and Stripe are SOC 2 Type II).
8. International transfers
Our infrastructure providers operate globally. Data may be processed in the EU and the United States. Where data leaves the EU, we rely on Standard Contractual Clauses with each processor.
9. Cookies
We use only essential cookies (authentication session, OAuth state, your preference settings). No tracking cookies, no advertising cookies.
10. Changes to this policy
We'll email you at least 14 days before any material change takes effect. The "Last updated" date at the top reflects the most recent revision.
11. Contact
Privacy questions or rights requests: privacy@lemoulin.studio.
