Privacy Policy

Last updated: January 2026

At Reportly, we take the protection of your privacy and personal data very seriously. In this Privacy and Personal Data Protection Policy (the "Policy"), we describe how we process personal data as a data controller, particularly when you visit this website, participate in an event organised by Reportly, request a demonstration, subscribe to our newsletters, when we interact with you on social media, or when we carry out specific activities such as the development and improvement of our services.

This Policy does not apply to the use of Reportly's SaaS products and services provided to our customers under specific contractual terms. If you would like to know more about this, please do not hesitate to contact us.

1. Who is Reportly?

When we refer to "Reportly" in this Policy, we mean Nuvem Studio, a société par actions simplifiée unipersonnelle (SASU) with share capital of €100, registered with the Paris Trade and Companies Register under number 988 881 900, whose registered office is located at 58 rue de Monceau, 75008 Paris, represented by Mr Olivier Saint-Marc, acting as President, and acting as controller of the personal data under our control.

2. What is "personal data"?

Within the meaning of the European Data Protection Regulation No 2016/679 (known as "GDPR") which came into force on 25 May 2018 and French Law No 78-17 of 6 January 1978 "Data Processing and Civil Liberties" in its amended version, "personal data" means any information relating to an identified or identifiable natural person, such as a name, email address, telephone number or IP address.

3. What personal data do we process about you and why?

At Reportly, we process the following personal data about you:

  • Your identification data and professional contact details, such as your name, image, email address, postal address, telephone number, particularly when you request information about Reportly's products and services, when you participate in our events, or when you subscribe to our marketing communications.
  • Information you provide to us: when you contact us, you may provide us with additional information that is useful to share depending on the reason for your contact. For example, when you book a demonstration, you may wish to share the specific points you would like to discuss during our meeting. Generally, this is combined with your identification data and professional contact details.
  • Your communications and any information you choose to share with us, such as newsletters, emails, telephone and call recordings (e.g. webinars), event recordings, forms and tickets created.
  • Data relating to your use of our website and solution, as well as associated Reportly services, such as statistics, feedback, satisfaction surveys, case studies and customer testimonials.
  • Information about you from third parties and information collected from open and public databases: we work with partners and suppliers to help us operate our services and improve our product. They may share information about you with us, such as your identification data, professional contact details and data relating to your use of our solution.
  • Information provided by our customers under specific agreed contractual terms, particularly when we process personal data to provide, develop and improve our Reportly services.

3.1 Data We Process From Your Connected Services

When you connect third-party services to Reportly, we process the following data on your behalf:

From payment processors:

  • Transactions and payment history
  • Invoices and billing information
  • Subscriptions and recurring payments
  • Product and price information

From e-commerce platforms:

  • Orders and transaction history
  • Products and inventory data
  • Payout information

From advertising platforms:

  • Campaign performance metrics
  • Ad spend and budget data
  • Audience and targeting statistics

From accounting platforms:

  • Financial transactions and entries
  • Invoices and expense records
  • Bank account reconciliation data
  • Chart of accounts and categories

Important: This data is used solely to generate analytics and reports for your business. We do not access or store end-customer personal information (names, emails, addresses, phone numbers) from these services.

4. In practical terms, why do we collect your personal data and what else should you know?

Reportly takes privacy and the protection of your personal data seriously. We have placed at the heart of our commitments the respect and protection of the privacy and personal data of our customers and users, and consequently compliance with applicable laws and regulations, in particular the amended French Data Processing and Civil Liberties Act and the GDPR, but also to ensure better data protection with a view to improving our products and services.

To be clear, we process your personal data for the following purposes:

  • Marketing our SaaS solution and improving our services.
  • Contacting you to invite you to demonstrations, webinars, events and to keep you informed of our new features and any other commercial communications, and organising such events.
  • Managing your relationship with us.
  • Complying with our legal and regulatory obligations.

How does Reportly comply with the GDPR when processing your personal data?

Under Article 6 of the GDPR, data controllers such as Reportly may process personal data by relying on several legal bases. At Reportly, your personal data is processed on the basis of:

  • Performance of a contract with us or in order to take steps prior to entering into a contract with you.
  • The need to comply with a legal obligation.
  • Our legitimate interest.
  • Your consent.

How long does Reportly retain your personal data?

We will retain your personal data for 3 years after your last contact with us or, if there is a contract in place between us, after the end of our contractual relationship.

5. Is the processing of your personal data secure?

Reportly has implemented a number of measures to protect your privacy and personal data and to meet GDPR requirements.

Concerning the security measures implemented to protect personal data against any risk of breach, unauthorised disclosure or damage to its integrity, Reportly has deployed all necessary resources with its teams and service providers to minimise the risk of security breaches, including:

  • SSL encryption of the website.
  • Your data is encrypted both in transit (TLS/SSL) and at rest (AES-256 encryption).
  • In particular, we endeavour to maintain 24/7 system monitoring to ensure the security of the personal data we process.
  • Our sites are regularly scanned for security flaws and vulnerabilities, and we take the necessary precautions to prevent the loss, misuse or alteration of personal data.

6. With whom do we share your personal data?

Your personal data may be shared with our service providers (particularly for IT services). Otherwise, your personal data is not shared outside of Reportly.

When your personal data is shared outside of Reportly, we make every effort to select our service providers on the basis of very stringent criteria in terms of confidentiality, data protection and security. All transfers of personal data are contractually secured.

Your personal data may also be shared with service providers located outside the European Economic Area ("EEA"). In this case, we ensure that our service providers:

  • Are located in a country considered to offer an adequate level of protection by the European Union in terms of personal data, or
  • Are bound by contractual clauses guaranteeing an equivalent level of protection of your personal data (i.e. the standard contractual clauses established by the European Commission) or that the transfer is otherwise authorised under the GDPR.

6.1 Sub-processors

We use the following service providers to operate Reportly:

  • Supabase - Database hosting (EU region)
  • Render - Application hosting

7. Your rights

Within the limits and conditions of applicable data protection laws, you may ask us to:

  • Access your personal data.
  • Rectify your personal data.
  • Erase your personal data.
  • Restrict the processing of your personal data.
  • Object to the processing of your personal data.
  • Transfer your personal data to another provider (right to data portability).

You may also lodge a complaint with a competent supervisory authority (for example, the ICO in the United Kingdom or CNIL in France).

8. How to contact us?

If you wish to exercise your rights and for any questions concerning this document and, in general, concerning the collection and processing of your personal data by Reportly, please do not hesitate to contact us by email: support@reportly.fr or to send us a letter to: Nuvem Studio - Data Protection Officer, 58 rue de Monceau, 75008 Paris (France).

9. Amendments

This Privacy and Personal Data Protection Policy may be updated from time to time, particularly to take account of changes in our services, technologies or applicable regulations.

These updates will be effective immediately upon being made available and accessible on our website.

10. Cookies

To find out more about cookies, please consult our Cookie Policy.