Sourdine
Home Support

Privacy policy

What Sourdine collects, why, for how long, and how to exercise your rights. Written to exactly reflect how the site and software actually work — not a generic template.

Last updated : July 12, 2026.

⚠️ Template to be reviewed by a professional before going into production — fields marked [TO BE COMPLETED] must be filled in by the publisher before final release. This document is a solid, product-specific draft, not certified legal advice.

Data controller

Radnoumane MOSSABELY, publisher of the sourdine.radnoumane.com site and the Sourdine software.

  • Address : [TO BE COMPLETED]
  • Privacy contact : sourdine@radnoumane.com

Summary — one sentence per data flow

DataWhyLegal basis
Buyer's e-mailDelivery and recovery of the license keyPerformance of the contract
Payment data (card, etc.)Payment processingHandled entirely by Stripe — Sourdine neither receives nor stores it
Usage telemetry (aggregated, opt-in)Understand real-world product usage at the fleet levelConsent, revocable at any time
CookiesNo tracking cookie is set by this site—

1. The e-mail you provide at purchase

The only identifying personal data the Sourdine service retains is the e-mail address used at purchase. It is stored alongside your license key in order to :

  • let you recover your key if you lose it (see the support page) ;
  • send you the key by e-mail (feature being rolled out, in addition to the immediate display on the confirmation page) ;
  • handle refund requests and support.

Legal basis : performance of the license sale contract (GDPR article 6.1.b). This data is stored in the license database (Cloudflare D1 infrastructure) and is never shared with third parties other than those strictly necessary to provide the service (see "Recipients" below).

2. Payment — handled by Stripe

Payment for the Sourdine license is entirely processed by Stripe, a third-party payment provider. Sourdine never sees, transmits, or stores any card data : the payment form is hosted directly by Stripe. Stripe acts as a data processor within the meaning of the GDPR for this operation ; its own privacy policy applies to this data (stripe.com/privacy).

3. Application telemetry — opt-in, anonymous, aggregated

Sourdine offers, only if you explicitly enable it during initial setup or from Settings, the sending of anonymous usage telemetry. Concretely :

  • Opt-in — off by default, can be enabled and revoked at any time from the app, with no effect on how the software functions.
  • Anonymous and aggregated — each send increments daily counters by dimension (app version, chip, system, language, number of rules, tenure bucket, estimated energy saved, time under eco policy, freezes performed). No unique device, account, or license identifier is attached to these sends: it is not possible to link two sends to the same Mac server-side.
  • IP address never stored — the telemetry server does not record your IP address in its database ; it only appears transiently at the network level (as with any HTTP request), without being persisted alongside the counters.
  • No personal data — the telemetry contains no e-mail, license key, name, or session identifier.

Legal basis : consent (GDPR article 6.1.a). You can withdraw this consent at any time from the app's settings ; this does not affect your license's validity.

The fleet numbers shown on the home page (installs, estimated energy saved, cumulative freezes) are computed from these aggregates, and only appear once a minimum participation threshold is reached, specifically to preserve the anonymity of the first contributors.

4. Cookies and trackers

This site uses no tracking, advertising, or third-party analytics cookie. No cookie consent banner is needed because no non-essential cookie is set.

5. Retention period

  • E-mail and license key : kept for as long as the license is active, then for the duration required by applicable accounting and tax obligations (generally up to 10 years for sales records in France), unless an erasure request is compatible with those obligations.
  • Telemetry : aggregated daily counters are kept in aggregate form for product-tracking purposes ; since they are linked to no individual identifier, they do not constitute personal data in the strict sense beyond the initial send.

6. Recipients and processors

  • Stripe (payment) — United States / Ireland depending on the contracting entity.
  • Cloudflare, Inc. (hosting of the site, license API, and telemetry API — Workers, D1, Pages) — United States.

No data is sold or rented to third parties for advertising purposes.

7. International transfers

As Stripe and Cloudflare are US-based companies, some data (purchase e-mail, payment data) may be transferred outside the European Union. These providers rely on compliance mechanisms recognized under the GDPR (notably standard contractual clauses). For more details, see their respective policies.

8. Your rights

Under the GDPR, you have the following rights over your personal data (essentially your purchase e-mail, the only identifying data retained) :

  • Right of access — obtain a copy of the data concerning you ;
  • Right of rectification — correct inaccurate data ;
  • Right to erasure — request the deletion of your data, subject to legal retention obligations ;
  • Right to portability — receive your data in a structured format ;
  • Right to object and to restriction of processing.

To exercise any of these rights, write to sourdine@radnoumane.com stating the e-mail address used at purchase. A response is provided as soon as possible and within the legal one-month deadline at the latest.

You also have the right to lodge a complaint with the French data protection authority, the CNIL (cnil.fr), if you believe your rights are not being respected.

9. Data protection officer

Appointing a DPO is not mandatory for this activity (limited processing, no large-scale processing of sensitive data). Any data-protection question can be addressed directly to the publisher via sourdine@radnoumane.com.

10. Security

Data is hosted on Cloudflare's infrastructure (encryption in transit via HTTPS/TLS). License keys are cryptographically signed ; access to the databases is restricted to the publisher.

11. Changes

This policy may be updated to reflect product or regulatory changes. The last-updated date appears at the top of this page.

Support Legal notice Privacy Terms
EN FR ES DE

© 2026 Sourdine — built by Radnoumane MOSSABELY · radnoumane.com