Privacy Policy
Last updated: April 15, 2026
At Lonovoice, protecting your personal data is a priority. This policy describes how we collect, use and protect your information in accordance with the General Data Protection Regulation (GDPR).
1. Data controller
The data controller is:
- Entity: LONOGIC, SAS with share capital of โฌ2,500
- RCS / SIRET: Paris 981 963 424 โ SIRET 981 963 424 00016
- Address: 60 Rue Franรงois 1er, 75008 Paris, France
- Legal representative: Florian SILOT, President
- GDPR contact: contact@lonogic.fr
Lonogic is not subject to the obligation to appoint a Data Protection Officer (DPO) under Article 37 of the GDPR. Requests relating to your personal data may nevertheless be sent to the email above and will be handled within a maximum of one month.
2. Data collected
We collect the following categories of data:
| Category | Data | Purpose |
|---|---|---|
| Identity | First name, last name, email address | Account creation and management |
| Authentication | Password (hashed), JWT tokens | Securing access |
| Payment | Billing data via Stripe (we do not store your banking details) | Subscription management |
| Usage | Submitted text, generated audio files, usage counters | Delivery of the TTS service |
| Technical | IP address, browser type, pages visited | Security, service improvement |
3. Legal basis for processing
- Performance of the contract (Art. 6.1.b GDPR): account management, TTS service delivery, subscription management
- Legitimate interest (Art. 6.1.f GDPR): service security, fraud prevention, service improvement
- Consent (Art. 6.1.a GDPR): analytics cookies, marketing communications
- Legal obligation (Art. 6.1.c GDPR): retention of billing data
4. Retention period
- Account data: retained for the duration of the use of the service, then 3 years after the last connection
- Generated audio files: retained according to the plan limits (automatic rotation beyond the storage quota)
- Submitted text: not retained after audio generation
- Billing data: retained for 10 years (legal accounting obligation)
- Technical logs: retained for a maximum of 12 months
5. Recipients and processors
Your data may be shared with the following processors:
| Processor | Purpose | Location |
|---|---|---|
| Google Cloud (Gemini AI) | Speech synthesis (TTS) | EU / United States |
| Stripe | Payment processing | United States (DPF certified) |
| Cloudflare | CDN, DDoS protection, website hosting | Global (DPF certified) |
| OVH | Application & API hosting, database | France (EU) |
| Sentry | Application error monitoring | United States (DPF certified) |
Transfers to the United States are covered by the Data Privacy Framework (DPF) or by Standard Contractual Clauses (SCC) approved by the European Commission.
6. Data security
We implement the following security measures:
- Encryption of data in transit (TLS/HTTPS)
- Password hashing (bcrypt)
- Authentication via time-limited JWT tokens
- Restricted access to production databases
- Error monitoring and automated alerts (Sentry)
- Regular data backups
7. Cookies
Our site uses the following cookies:
| Cookie | Type | Purpose | Duration |
|---|---|---|---|
| JWT session | Strictly necessary | Authentication | Session duration |
| Theme preference | Functional | Light/dark mode | 1 year |
Strictly necessary cookies do not require your consent. Analytics cookies, if implemented in the future, will be subject to your prior consent.
8. Your rights
In accordance with the GDPR, you have the following rights regarding your personal data:
- Right of access (Art. 15): obtain a copy of your data
- Right to rectification (Art. 16): correct inaccurate data
- Right to erasure (Art. 17): request deletion of your data
- Right to portability (Art. 20): receive your data in a structured format
- Right to object (Art. 21): object to the processing of your data
- Right to restriction (Art. 18): restrict the processing of your data
- Right to withdraw consent: withdraw your consent at any time
To exercise your rights, send an email to contact@lonogic.fr specifying your request and attaching proof of identity if necessary. We commit to responding within one month.
9. Complaint to the supervisory authority
If you believe that the processing of your personal data constitutes a violation of the GDPR, you have the right to lodge a complaint with the French Data Protection Authority (CNIL) .
- Website: www.cnil.fr
- Address: 3 Place de Fontenoy, TSA 80715, 75334 Paris Cedex 07, France
10. Changes to this policy
We reserve the right to amend this privacy policy at any time. Changes will be published on this page with an update date. In the event of a substantial change, we will notify you by email.
11. Contact
For any question relating to this privacy policy:
- Email: contact@lonogic.fr
- Post: LONOGIC โ 60 Rue Franรงois 1er, 75008 Paris, France