Privacy Policy

OVERRIDE (see Legal notice). Contact: [email protected].

Account data: email, password (hashed), display name, language, subscription plan.

Content created by you: catalogs, lists, stores, items.

Technical identifiers: sessions, push tokens (if push notifications are enabled).

Authentication and service delivery: performance of contract (GDPR art. 6.1.b).

Push notifications: consent (GDPR art. 6.1.a).

Security and abuse prevention: legitimate interest (GDPR art. 6.1.f).

Data is processed by OVERRIDE and its technical sub-processors:

The Constant Company, LLC (Vultr): server hosting (datacenter in Paris, France).

Account data is retained as long as the account is active. Account deletion triggers permanent deletion within 30 days, except where retention is required by law.

Under the GDPR you have the right to access, rectify, erase, object to, restrict, and port your data. Exercise them at [email protected].

You may also lodge a complaint with the CNIL (cnil.fr).

Core data is hosted in France. No transfer outside the EU is performed for the base service. Optional features that involve sub-processors located outside the EU (e.g. push notifications, in-app purchases) rely on the European Commission's Standard Contractual Clauses.