Privacy Policy

この法的文書は、適用されるフランス法に従いフランス語で作成されています。

1. Introduction

The sole proprietorship EI ROMAIN COUZON operates the SentryAlert mobile application and the sentryalert.app website (hereinafter collectively referred to as the "Service").

The purpose of this privacy policy is to inform users of the Service about how their personal data is collected, processed and protected, in accordance with the General Data Protection Regulation (EU) 2016/679 (hereinafter "GDPR") and French Law No. 78-17 of January 6, 1978, relating to information technology, files and civil liberties, as currently in force.

By using the Service, the user acknowledges having read this policy and accepts its terms.

2. Data Controller

  • Identity: EI ROMAIN COUZON, Sole Proprietor (Entrepreneur Individuel)
  • Address: 245 av. Marie de Montpellier, 34000 Montpellier, France
  • Contact email (personal data): privacy@sentryalert.app

3. Data Collected

3.1 Via the SentryAlert application

The table below details the data collected through the use of the application:

Data Purpose Legal Basis Retention Period
Tesla OAuth identifier User authentication Art. 6.1.b GDPR — Performance of contract Duration of user account
Vehicle VIN Identification of the associated vehicle Art. 6.1.b GDPR — Performance of contract Duration of user account
Tesla tokens (API access) Access to Tesla Fleet API — encrypted with AES-256 Art. 6.1.b GDPR — Performance of contract Duration of user account
Sentry Mode events Notifications and alert history Art. 6.1.b GDPR — Performance of contract Rolling 30 days
Push notification token (APNs on iOS / FCM on Android) Sending push notifications Art. 6.1.b GDPR — Performance of contract Duration of user account
User preferences Experience personalization (language, notifications) Art. 6.1.b GDPR — Performance of contract Duration of user account
Subscription data Subscription management and billing Art. 6.1.b GDPR — Performance of contract Duration of account + legal retention obligations

3.2 Data NOT collected

SentryAlert does not collect any of the following data:

  • Geolocation data (GPS position of the vehicle or user)
  • Driving data (speed, acceleration, trips)
  • Images or videos from the vehicle's cameras
  • Contacts, photos or other personal data stored on the user's device

3.3 Via the sentryalert.app website

Audience analytics: The website uses our own first-party analytics tool, hosted on our own infrastructure (no cookies, no IP address stored, no personal data) to measure audience anonymously (pages visited, duration, device, language).

Contact form: The contact form collects the user's name and email address for the purpose of processing their request, based on the legitimate interest of the data controller (Art. 6.1.f GDPR). This data is retained for the time necessary to process the request, then deleted.

4. Sub-processors

As part of the operation of the Service, certain data may be transmitted to the following sub-processors:

Sub-processor Role Location Safeguards
Hetzner Online GmbH Server and database hosting Germany (EU) Native GDPR (EU)
Apple Inc. Push notifications (APNs) and distribution (App Store) — iOS users United States Standard Contractual Clauses (SCCs)
Google LLC Push notifications (FCM) and distribution (Google Play Store) — Android users United States Standard Contractual Clauses (SCCs)
Tesla, Inc. Fleet Telemetry (Sentry Mode events) United States Consent + Standard Contractual Clauses (SCCs)
Cloudflare, Inc. CDN and DDoS protection Global (anycast network) Standard Contractual Clauses (SCCs)

The application's core data (user accounts, tokens, events) is stored exclusively in Germany, within the European Union.

5. Data Security

The data controller implements the following technical and organizational measures to ensure the security of personal data:

  • Token encryption: Tesla access tokens are encrypted with AES-256 before being stored in the database.
  • Encryption in transit: All communications are protected by TLS 1.3.
  • Authentication: User sessions rely on short-lived JWT tokens.
  • Backups: Encrypted backups are performed daily.
  • Server access: Server access is restricted to SSH connections only.

6. Your Rights (GDPR)

In accordance with Articles 15 to 22 of the GDPR, you have the following rights over your personal data:

  • Right of access (Art. 15) — Obtain confirmation that your data is being processed and receive a copy of it.
  • Right to rectification (Art. 16) — Have your inaccurate or incomplete data corrected.
  • Right to erasure (Art. 17) — Request the deletion of your data. You can also delete your account directly from the SentryAlert application.
  • Right to restriction of processing (Art. 18) — Request the suspension of processing of your data in certain cases.
  • Right to data portability (Art. 20) — Receive your data in a structured, commonly used and machine-readable format.
  • Right to object (Art. 21) — Object to the processing of your data on legitimate grounds.

To exercise any of these rights, please send your request to privacy@sentryalert.app. We commit to responding within 30 days of receiving the request.

If you believe that the processing of your data does not comply with applicable regulations, you have the right to lodge a complaint with the French Data Protection Authority (CNIL): www.cnil.fr.

7. 広告計測とキャンペーン

どの広告キャンペーンが SentryAlert の発見につながっているかを把握するため、特定の技術的シグナルを2つの広告ネットワーク、すなわち Meta(Facebook、Instagram)と Google(Ads、Analytics)と共有する場合があります。これらのツールは、以下の条件のもとで、お客様の同意に応じてのみ有効になります。

使用するツール(同意いただいた場合)

  • Meta Pixel — 訪問を計測するためにブラウザ内で読み込まれるスクリプト。
  • Meta Conversions API — 当社サーバーから Meta へのサーバー間呼び出し。
  • Google Tag — Consent Mode v2 を有効にした状態でブラウザ内に読み込まれるスクリプト。
  • Google Analytics 4 — 行動に基づくオーディエンス計測。

同意いただいた場合に広告ネットワークへ送信される技術的データ

  • 訪問したページ(URL)。
  • キャンペーンパラメータ(utm_source、utm_medium、utm_campaign、utm_content、utm_term)。
  • 広告クリック識別子(Meta は fbclid、Google は gclid)。
  • おおよその国(Cloudflare がお客様の IP アドレスから推定 — 国レベルのみ)。
  • ブラウザの種類とデバイスのカテゴリー。
  • 訪問のタイムスタンプ。

同意があっても広告ネットワークへ決して送信されないデータ

  • Tesla のデータ(車両の状態、バッテリー、GPS の位置情報、セントリーモードのアラート)。
  • VIN — 車両識別番号。
  • 写真や動画。
  • 氏名、メールアドレス、パスワード。
  • SentryAlert アカウントの内容。
  • 正確な位置情報(GPS 座標)。

法的根拠

  • EU/EEA/英国/スイス:事前のマーケティング同意(GDPR 第6条1項(a)、ePrivacy 指令 第5条3項)。
  • この地域外:これらのツールは、適用される現地のルールに従い、デフォルトで有効になる場合があります。

技術的なコンプライアンス

  • Google Consent Mode v2:当社の Google タグは、ad_storage、analytics_storage、ad_user_data、ad_personalization についてデフォルトで「denied」シグナルを受け取ります。これらのシグナルは、お客様が承諾された後にのみ「granted」へ切り替わります。
  • Meta Pixel と Conversions API:広告計測に承諾いただくまで、いかなる呼び出しも行われません。

各ページのフッターにある「プライバシー設定」をクリックすることで、いつでも選択を変更できます。

広告ネットワークのポリシー

公式な参照元

このポリシーは以下の公式な情報源に基づいています:

8. Changes to This Policy

The data controller reserves the right to modify this privacy policy at any time. Any changes will be published on this page with an indication of the update date. Users are advised to regularly review this page to stay informed of any changes.

Last updated: March 8, 2026