Privacy Policy

Last updated: March 27, 2026

Important notice: This English version is a courtesy translation. The French version remains the legally binding document. In case of any discrepancy, the French version prevails.

Data controller

Beeleven SASU, a simplified joint-stock company (société par actions simplifiée unipersonnelle), registered with the Paris Trade and Companies Registry under number 102 307 345.

Registered office: 7 rue Curial, 75019 Paris, France.

Email: hello@detekia.fr

Publication director: Guillaume Bourdon.

Data collected and purposes

Detekia collects a minimal amount of data, strictly necessary for the operation of the service.

Analyzed URL — When you launch a GEO analysis, the URL you enter is processed in real time to generate your score. The URL and results are cached in our secure database for 24 hours to speed up subsequent analyses of the same website. After 24 hours, this data is automatically deleted. Legal basis: legitimate interest (provision of the requested service).

Email address (optional) — If you choose to receive your report by email via the capture form, your email address is stored in our database along with the analyzed URL and the score obtained. This data is used to send you your report and, if you consent, alerts about changes to your score. Legal basis: consent.

Payment data — When you purchase the full GEO report, payment is entirely processed by Stripe Payments Europe, Ltd. Beeleven SASU does not collect, store or process any banking data (card number, expiration date, CVV). Only the information transmitted by Stripe after payment is processed: buyer's email, transaction ID, amount. Legal basis: contract performance.

Customer data (paid reports) — When purchasing a paid report (€29 or €99), the following information collected by Stripe during payment is stored in our secure database and associated with the report: email address, name, billing country, Stripe customer ID. This data is used exclusively for customer support (report re-delivery, goodwill gestures) and contract management. It is never used for marketing purposes. Retention period: 3 years from the date of purchase. You can request deletion at any time by writing to guillaume@beeleven.fr or via the /api/delete-report endpoint. Legal basis: contract performance (GDPR Article 6.1.b).

Browsing data — Detekia uses Vercel Analytics to measure website traffic (page views, visit duration, geographic origin). Vercel Analytics does not set cookies, does not use third-party trackers and does not collect personally identifiable data. The data is aggregated and anonymous. Legal basis: legitimate interest (service improvement).

Data Detekia does not collect

Detekia does not create user accounts and does not collect passwords. Detekia does not collect banking data. Detekia does not collect IP addresses for identification purposes. Detekia does not use advertising cookies or third-party trackers. Detekia does not sell any data to third parties.

Cookies

Detekia only uses cookies strictly necessary for the operation of the website (session cookies, consent preferences). No advertising or third-party tracking cookies are set.

Vercel Analytics, used for audience measurement, operates without cookies.

The cookie consent banner allows you to accept or refuse non-essential cookies.

Processors and data recipients

The data collected by Detekia is processed by the following processors, all compliant with GDPR or the EU-US data protection framework:

  • Vercel Inc. (United States) — website hosting and analytics. Compliant with the EU-US Data Privacy Framework.
  • Upstash (hosted in the EU, eu-west-1 region) — storage of analysis results, reports, email leads and asynchronous orchestration (QStash). Data hosted in the European Union.
  • Stripe Payments Europe, Ltd. (Ireland) — payment processing and refunds. PCI DSS Level 1 certified, GDPR compliant.
  • Resend (United States) — transactional email delivery (reports, confirmations, alerts). Compliant with the EU-US Data Privacy Framework.
  • Anthropic (United States) — recommendation generation and editorial neutrality analysis via the Claude API. Only the textual content of the analyzed page is transmitted. Compliant with the EU-US Data Privacy Framework.
  • OpenAI (United States) — AI visibility testing via the GPT API. Simulated queries do not contain personal data. Compliant with the EU-US Data Privacy Framework.
  • Jina AI (EU/US) — web page content extraction for analysis. The URL of the analyzed page is transmitted. GDPR compliant.
  • Browserless.io (United States) — JavaScript web page rendering for sites requiring a headless browser. The URL of the analyzed page is transmitted. Compliant with the EU-US Data Privacy Framework.
  • PDFShift (EU) — PDF report generation. Report HTML content is transmitted for conversion. Hosted in the European Union.
  • Google Analytics 4 — anonymized analytics, subject to user consent. Compliant with the EU-US Data Privacy Framework.

No personal data is transmitted to any third parties other than those listed above.

Data retention

  • Analyzed URL and results: 24 hours (automatic cache).
  • Email address (optional capture): retained until deletion is requested by the user.
  • Stripe transaction data: retained for the legally required accounting document retention period (10 years).
  • Customer data (paid reports): email, name, country — retained for 3 years from the date of purchase, deletable upon request.
  • Vercel Analytics data: aggregated and anonymous, retained by Vercel according to its retention policy.

Your rights

In accordance with the General Data Protection Regulation (GDPR), you have the following rights regarding your personal data:

  • Right of access — You may request a copy of all personal data we hold about you.
  • Right to rectification — You may request the correction of inaccurate or incomplete data.
  • Right to erasure — You may request the deletion of your personal data. For emails collected via the capture form, deletion is immediate upon request.
  • Right to object — You may object to the processing of your data at any time.
  • Right to data portability — You may request to receive your data in a structured, machine-readable format.
  • Right to withdraw consent — For processing based on consent (email capture), you may withdraw your consent at any time.

To exercise any of these rights, send an email to hello@detekia.fr specifying your request. We will respond within a maximum of 30 days.

If you believe that the processing of your data does not comply with regulations, you may file a complaint with the CNIL (French data protection authority): www.cnil.fr.

Data transfers outside the EU

Some of our processors are located in the United States (Vercel, Resend, our AI provider). These transfers are governed by the EU-US Data Privacy Framework, recognized by the European Commission as providing an adequate level of protection (adequacy decision of July 10, 2023).

Payment data is processed by Stripe Payments Europe, Ltd., established in Ireland (EU).

Cache data (URLs, analysis results) is stored in the eu-west-1 region (EU).

Security

Beeleven SASU implements appropriate technical and organizational measures to protect personal data against loss, theft, unauthorized access, disclosure or destruction. Communications are encrypted via HTTPS/TLS. Database access is protected by authentication.

Changes to this policy

This privacy policy may be updated at any time. The last update date is indicated at the top of this page. We encourage you to check this page regularly.

Contact

For any questions regarding the protection of your data: hello@detekia.fr