Privacy Policy

이 법률 문서는 적용되는 프랑스 법에 따라 프랑스어로 작성되었습니다.

1. Introduction

The sole proprietorship EI ROMAIN COUZON operates the SentryAlert mobile application and the sentryalert.app website (hereinafter collectively referred to as the "Service").

The purpose of this privacy policy is to inform users of the Service about how their personal data is collected, processed and protected, in accordance with the General Data Protection Regulation (EU) 2016/679 (hereinafter "GDPR") and French Law No. 78-17 of January 6, 1978, relating to information technology, files and civil liberties, as currently in force.

By using the Service, the user acknowledges having read this policy and accepts its terms.

2. Data Controller

  • Identity: EI ROMAIN COUZON, Sole Proprietor (Entrepreneur Individuel)
  • Address: 245 av. Marie de Montpellier, 34000 Montpellier, France
  • Contact email (personal data): privacy@sentryalert.app

3. Data Collected

3.1 Via the SentryAlert application

The table below details the data collected through the use of the application:

Data Purpose Legal Basis Retention Period
Tesla OAuth identifier User authentication Art. 6.1.b GDPR — Performance of contract Duration of user account
Vehicle VIN Identification of the associated vehicle Art. 6.1.b GDPR — Performance of contract Duration of user account
Tesla tokens (API access) Access to Tesla Fleet API — encrypted with AES-256 Art. 6.1.b GDPR — Performance of contract Duration of user account
Sentry Mode events Notifications and alert history Art. 6.1.b GDPR — Performance of contract Rolling 30 days
Push notification token (APNs on iOS / FCM on Android) Sending push notifications Art. 6.1.b GDPR — Performance of contract Duration of user account
User preferences Experience personalization (language, notifications) Art. 6.1.b GDPR — Performance of contract Duration of user account
Subscription data Subscription management and billing Art. 6.1.b GDPR — Performance of contract Duration of account + legal retention obligations

3.2 Data NOT collected

SentryAlert does not collect any of the following data:

  • Geolocation data (GPS position of the vehicle or user)
  • Driving data (speed, acceleration, trips)
  • Images or videos from the vehicle's cameras
  • Contacts, photos or other personal data stored on the user's device

3.3 Via the sentryalert.app website

Audience analytics: The website uses our own first-party analytics tool, hosted on our own infrastructure (no cookies, no IP address stored, no personal data) to measure audience anonymously (pages visited, duration, device, language).

Contact form: The contact form collects the user's name and email address for the purpose of processing their request, based on the legitimate interest of the data controller (Art. 6.1.f GDPR). This data is retained for the time necessary to process the request, then deleted.

4. Sub-processors

As part of the operation of the Service, certain data may be transmitted to the following sub-processors:

Sub-processor Role Location Safeguards
Hetzner Online GmbH Server and database hosting Germany (EU) Native GDPR (EU)
Apple Inc. Push notifications (APNs) and distribution (App Store) — iOS users United States Standard Contractual Clauses (SCCs)
Google LLC Push notifications (FCM) and distribution (Google Play Store) — Android users United States Standard Contractual Clauses (SCCs)
Tesla, Inc. Fleet Telemetry (Sentry Mode events) United States Consent + Standard Contractual Clauses (SCCs)
Cloudflare, Inc. CDN and DDoS protection Global (anycast network) Standard Contractual Clauses (SCCs)

The application's core data (user accounts, tokens, events) is stored exclusively in Germany, within the European Union.

5. Data Security

The data controller implements the following technical and organizational measures to ensure the security of personal data:

  • Token encryption: Tesla access tokens are encrypted with AES-256 before being stored in the database.
  • Encryption in transit: All communications are protected by TLS 1.3.
  • Authentication: User sessions rely on short-lived JWT tokens.
  • Backups: Encrypted backups are performed daily.
  • Server access: Server access is restricted to SSH connections only.

6. Your Rights (GDPR)

In accordance with Articles 15 to 22 of the GDPR, you have the following rights over your personal data:

  • Right of access (Art. 15) — Obtain confirmation that your data is being processed and receive a copy of it.
  • Right to rectification (Art. 16) — Have your inaccurate or incomplete data corrected.
  • Right to erasure (Art. 17) — Request the deletion of your data. You can also delete your account directly from the SentryAlert application.
  • Right to restriction of processing (Art. 18) — Request the suspension of processing of your data in certain cases.
  • Right to data portability (Art. 20) — Receive your data in a structured, commonly used and machine-readable format.
  • Right to object (Art. 21) — Object to the processing of your data on legitimate grounds.

To exercise any of these rights, please send your request to privacy@sentryalert.app. We commit to responding within 30 days of receiving the request.

If you believe that the processing of your data does not comply with applicable regulations, you have the right to lodge a complaint with the French Data Protection Authority (CNIL): www.cnil.fr.

7. 광고 측정 및 캠페인

어떤 광고 캠페인이 SentryAlert를 알리는 데 도움이 되는지 파악하기 위해, 저희는 두 광고 네트워크(Meta(Facebook, Instagram) 및 Google(Ads, Analytics))와 일부 기술 신호를 공유할 수 있습니다. 이러한 도구는 아래 조건에 따라 여러분의 동의가 있을 때만 활성화됩니다.

사용되는 도구(동의하실 경우)

  • Meta Pixel — 방문을 측정하기 위해 브라우저에 로드되는 스크립트.
  • Meta Conversions API — 저희 서버에서 Meta로 보내는 서버 간 호출.
  • Google Tag — 브라우저에 로드되는 스크립트로, Consent Mode v2가 활성화됨.
  • Google Analytics 4 — 행동 기반 방문자 측정.

동의 시 광고 네트워크로 전송되는 기술 데이터

  • 방문한 페이지(URL).
  • 캠페인 파라미터(utm_source, utm_medium, utm_campaign, utm_content, utm_term).
  • 광고 클릭 식별자(Meta는 fbclid, Google은 gclid).
  • 대략적인 국가(Cloudflare가 IP 주소로부터 추정 — 국가 수준만 해당).
  • 브라우저 유형 및 기기 카테고리.
  • 방문 타임스탬프.

동의하더라도 광고 네트워크에 절대 전송하지 않는 데이터

  • Tesla 데이터(차량 상태, 배터리, GPS 위치, Sentry 알림).
  • VIN — 차량 식별 번호.
  • 사진 또는 동영상.
  • 이름, 이메일 주소, 비밀번호.
  • SentryAlert 계정의 내용.
  • 정확한 위치(GPS 좌표).

법적 근거

  • EU / EEA / 영국 / 스위스: 사전 마케팅 동의(GDPR 제6조 1항 (a), ePrivacy 지침 제5조 3항).
  • 이 지역 외: 적용되는 현지 규정에 따라 이러한 도구가 기본적으로 활성화될 수 있습니다.

기술적 준수

  • Google Consent Mode v2: 저희의 Google 태그는 ad_storage, analytics_storage, ad_user_data, ad_personalization에 대해 기본적으로 'denied' 신호를 받습니다. 이 신호는 여러분이 동의한 이후에만 'granted'로 전환됩니다.
  • Meta Pixel 및 Conversions API: 여러분이 광고 측정에 동의하기 전까지는 어떠한 호출도 수행되지 않습니다.

모든 페이지의 푸터에서 '개인정보 환경설정'을 클릭하여 언제든지 선택을 변경할 수 있습니다.

광고 네트워크 방침

공식 참고 자료

이 방침은 다음 공식 출처를 근거로 합니다:

8. Changes to This Policy

The data controller reserves the right to modify this privacy policy at any time. Any changes will be published on this page with an indication of the update date. Users are advised to regularly review this page to stay informed of any changes.

Last updated: March 8, 2026