Privacy Policy

Learn how we collect, use, and protect your personal data at LogFlux.

Preamble

In the course of its activity and for the purposes of providing the Services (as defined in our General Terms and Conditions), LogFlux (as defined in our Imprint, hereafter referred to as the “Service”) is required to collect and process the personal data of its users (hereafter referred to as the “Users”).

This privacy policy, implemented by the Service, is intended to provide the Users with a summary and overview of the processing of personal data carried out by Service.

At LogFlux, we are committed to comply with the GDPR and other privacy regulations. The privacy of your data is of the uttermost importance for us.

Definitions

Personal data: any information relating to an identified or identifiable natural person, that is, a person who can be identified, directly or indirectly, by reference to an identification number or to one or more elements specific to that person.

Processing of personal data: any operation or any set of operations relating to personal data, whatever the process used, and in particular the collection, recording, organisation, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, as well as locking, erasure, or destruction.

Cookies: cookies are pieces of information placed on the hard drive of Internet users by the server of the site they visit. It contains several pieces of data: the name of the server which installed it, an identifier in the form of a unique number, and possibly an expiry date. This information is sometimes stored on the computer in a simple text file that a server accesses to read and save pieces of information.

Data Protection Officer - DPO

The Service has appointed a Data Protection Officer who can be contacted at the following address: dpo@logflux.io

Data collected

The Service collects data from Users in order to make the Services for which they have subscribed to the platform available to them.

The mandatory or optional nature of the data provided (in order to complete the Users’ registration and to render the Services) is indicated at the time of collection by an asterisk.

In addition, certain data is collected automatically as a result of the User’s actions on the site (see the paragraph on cookies).

The types of data we collect include:

  • Account Information: Email address, name, company information, billing address
  • Log Data: Application logs, system logs, and metadata uploaded by Users
  • Usage Data: Service usage statistics, feature utilization, performance metrics
  • Technical Data: IP addresses, browser information, device information
  • Payment Information: Billing details processed through our payment processors

Purposes

The personal data collected by the Service during the provision of the Services is necessary for the performance of the contracts concluded with the Users, or to allow the Service to pursue its legitimate interests while respecting the rights of the Users. Certain data may also be processed based on the Users’ consent.

The purposes for which the Service processes data are the following:

  • Commercial and accounting management of the contract
  • Management of customer acquisition and marketing activities
  • Detection of malicious behaviour (fraud, abuse, security threats)
  • The improvement of the Users’ experience on the site and platform
  • Providing log management and analytics services
  • Technical support and customer service
  • System monitoring and performance optimization
  • Compliance with legal obligations

Recipients of the data

The personal data collected is intended for the Service’s commercial, technical, and accounting departments. It may be transmitted to the Service’s subsidiaries, or to third-party data processors which the Service is authorized to use within the context of the performance of its Services.

Our current sub-processors include:

  • Paddle: Payment processing
  • AWS: Infrastructure hosting and data storage
  • Freshdesk: Customer support and communication management

In this context, personal data may be transferred to an EU or non-EU country. The Service implements guarantees ensuring the protection and security of this data, in compliance with applicable rules and regulations.

The Service does not transfer or rent personal data to third parties for marketing purposes.

In addition, personal data may only be disclosed to third parties in the following cases:

  • With the Users’ authorization
  • At the request of the competent legal authorities, upon judicial request, or in the context of a legal dispute
  • To protect the rights, property, or safety of LogFlux, our users, or others

Data retention period

To satisfy its legal obligations or in order to have the necessary elements to assert its rights, the Service will be able to retain the data under the conditions established by applicable rules and regulations.

Thus, personal data collected by the Service relating to the identity and contact details of its Users is retained for a maximum period of two years after the termination of the contractual relationship for Users that are customers, or from their collection by the data controller or the last contact from the Users that are prospects, for the data relating to the latter.

Log Data Retention: User log data is retained according to the retention policies configured by the User within their account settings. The Service will delete log data automatically when the retention period expires, unless otherwise requested by the User.

The termination of the contractual relationship is understood as the express termination of the contract by the User, or the non-use of the LogFlux Services for a period of five years.

Rights of Users

In accordance with applicable rules, the Users have the right to access and rectify their personal data, which enables them to rectify, complete, update, or delete data that is inaccurate, incomplete, ambiguous, or outdated, or whose collection, use, communication, or storage is prohibited.

The Users also have the right to request the limitation of the processing, and to oppose on legitimate grounds the processing of their personal data. The User may also communicate instructions on the fate of their personal data in the event of their death.

Where applicable, the User may request the portability of their personal data or, where the legal basis for the processing is consent, withdraw their consent at any time.

The Users may exercise their rights by sending an email to privacy@logflux.io or a letter to the address mentioned in our Imprint.

These requests shall be processed within a maximum period of 30 days.

The Users may also at any time modify the data pertaining to them by logging on to https://dashboard.logflux.io and accessing their account settings or by contacting the customer relations department at support@logflux.io.

The Users may unsubscribe from the Service’s newsletter or marketing emails by following the unsubscribe links in each of these emails.

The Users may access detailed information on the use of their personal data, in particular concerning the purposes of the processing, the legal bases enabling the Service to process the data, its storage period, its recipients, and, where applicable, its transfer to a country outside the European Union as well as the related compliance guarantees put in place for such transfers. To do so, the User can send their request by email to privacy@logflux.io.

Security

The Service has taken all necessary precautions to preserve the security of personal data and, in particular, to prevent it from being accessed by unauthorized third parties, distorted, or damaged.

These measures include the following:

  • Multi-level firewall
  • Proven solutions for anti-virus protection and detection of intrusion attempts
  • Encrypted data transmission using SSL/TLS/HTTPS technology
  • End-to-end encryption for all log data
  • Tier 3 certified data centres
  • Regular security audits and penetration testing
  • Access controls and authentication systems
  • Monitoring and logging of all system access

In addition, access to processing data on behalf of the Service by the receiving third-party services requires authentication of the persons accessing the data, by means of an individual access code and password, that is sufficiently robust and regularly renewed.

Data transmitted over unsecured communication channels is subject to technical measures designed to make such data incomprehensible to any unauthorised person.

Any questions about the security of the Service’s website can be directed to security@logflux.io

Cookies and tracking

The Service uses cookies and similar technologies to improve the user experience, analyze site usage, and provide personalized content. Users can control cookie preferences through their browser settings.

We use the following types of cookies:

  • Essential Cookies: Required for the website to function properly
  • Analytics Cookies: Help us understand how visitors use our website
  • Preference Cookies: Remember user preferences and settings
  • Marketing Cookies: Used to deliver relevant advertisements (with consent)

International data transfers

When we transfer personal data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses approved by the European Commission
  • Adequacy decisions by the European Commission
  • Other legally recognized transfer mechanisms

Data subject rights under GDPR

If you are a resident of the European Union, you have the following rights regarding your personal data:

  • Right of access: Request copies of your personal data
  • Right to rectification: Request correction of inaccurate personal data
  • Right to erasure: Request deletion of your personal data
  • Right to restrict processing: Request limitation of processing
  • Right to data portability: Request transfer of data to another service
  • Right to object: Object to processing based on legitimate interests
  • Right to withdraw consent: Withdraw consent for consent-based processing

Modification of the Privacy Policy

The Service reserves the right to change this Privacy Policy to comply with changes in the applicable laws and regulations.

The Users shall be notified of any changes made to this policy via our website or by email at least sixty days prior, when possible, to their entry into force.

Contact

Any questions about the Service’s Privacy Policy can be directed by email to privacy@logflux.io or by mail to the address as defined in our Imprint.

For general inquiries, you can also contact us at support@logflux.io.

Complaints

If you believe that we have not complied with this Privacy Policy or data protection laws, you have the right to lodge a complaint with the relevant supervisory authority in your jurisdiction.