Privacy Policy
This policy describes how JAM, operating under the trade name Webvori, collects, uses and protects your personal data in connection with the use of the website webvori.com.
Data controller
JAM — SIREN 903 063 485 — 17 chemin de Mader, 31490 Léguevin
Contact: sales@webvori.com
No DPO has been designated. GDPR requests are handled directly at the address above.
Data collected
We collect only the data necessary for the purposes described.
Via the contact / quote form
- Full name
- Email address
- Phone number (optional)
- Company / business
- Sector of activity
- Description of the need / project
- Approximate budget (optional)
Purpose: to respond to your commercial request and provide a diagnosis or quote.
Legal basis: performance of pre-contractual measures (GDPR art. 6.1.b).
Retention period: 3 years from the last contact if no contract is signed; 10 years from the end of the contract for accounting and legal obligations.
Via Stripe payment
Payment data (card number, CVV, expiry date) never pass through our servers. They are collected and processed exclusively by Stripe Inc., our payment provider, certified PCI-DSS level 1.
We receive from Stripe only: Stripe customer ID, card type, last 4 digits, payment status, amount, date.
Purpose: contract execution, invoicing, accounting.
Legal basis: contract execution (GDPR art. 6.1.b) + legal obligation (art. 6.1.c).
Retention: 10 years (French accounting obligation).
Stripe policy: https://stripe.com/privacy
Via browsing
- IP address processed ephemerally for website security (rate limiting, anti-spam). No third-party analytics tool is currently active (no Google Analytics, no Vercel Analytics, no advertising pixel).
Purpose: security and availability of the website.
Legal basis: legitimate interest (GDPR art. 6.1.f).
Retention: ephemeral processing; IP logs are not retained beyond the technically necessary duration.
Recipients
Your data is never sold, rented or transferred. It is shared only with our technical sub-processors required for service delivery.
| Sub-processor | Purpose | Hosting |
|---|---|---|
| Vercel Inc. | Website hosting | United States (EU standard contractual clauses) |
| Stripe Inc. | Payment processing | Ireland / United States |
| Resend Inc. | Transactional email delivery | United States (EU standard contractual clauses) |
Your rights
Under the GDPR, you have the following rights:
- Access: obtain a copy of the data we hold.
- Rectification: correct inaccurate data.
- Erasure ("right to be forgotten"): subject to legal retention obligations.
- Restriction of processing.
- Portability: retrieve your data in a structured format.
- Objection to processing on legitimate grounds.
- Withdrawal of consent at any time (for consent-based processing).
To exercise these rights: sales@webvori.com. Response within 30 days maximum.
You also have the right to lodge a complaint with the French data protection authority (CNIL): www.cnil.fr.
B2B commercial prospecting
In the course of our commercial activity, we may process professional contact data (name, professional email, company) collected from public sources (company website, professional social networks).
Purpose: initial B2B commercial outreach.
Legal basis: legitimate interest (GDPR art. 6.1.f) — professional data relating to legal entities or their representatives.
Retention: immediate deletion upon objection or negative response; 6 months maximum without response.
Right to object: reply to the email received or contact sales@webvori.com.
Automated decisions and profiling
No automated decision-making producing legal effects, nor any profiling within the meaning of Article 22 of the GDPR, is implemented on this website.
Security
All communications with the website use HTTPS (TLS 1.3). Stored data is encrypted at rest by our service providers. No user passwords are stored in plain text.
Amendments
We reserve the right to amend this policy. Any material change will be notified on the website and/or by email to active clients.
Last updated: 8 juin 2026