Publisher

ALPHABRAND SAS

Simplified Joint-Stock Company (Société par actions simplifiée) with a share capital of €88,366

Registered office: 1530 Chemin de Banon, 13100 Aix-en-Provence, France

Registered with the Aix-en-Provence Trade and Companies Register under number 990 818 767

President: Pierre Bérard

Email: contact@alphabrand.ai

Hosting Provider

Google Cloud Platform (Google Ireland Limited)

Gordon House, Barrow Street, Dublin 4, Ireland

Website: https://cloud.google.com

Intellectual Property

All content available on the alphabrand.ai website—including but not limited to text, images, graphics, logos, icons, sound elements, software, and underlying technology—is the exclusive property of ALPHABRAND or is used with authorization.

Any reproduction, representation, modification, publication, adaptation, or distribution, in whole or in part, without prior written consent from ALPHABRAND is strictly prohibited.

Overview

This Privacy Policy explains how ALPHABRAND SAS ("alphabrand", "we", "us") processes personal data in connection with the alphabrand.ai website and the alphabrand application. We act as data controller for the data described below, unless stated otherwise.

Contact: contact@alphabrand.ai

Data We Process

• Account & workspace data: name, email, profile info, organization/workspace name and settings, role, authentication identifiers.
• Connected storage content (read-only): when you connect a cloud storage account (e.g., Google Drive or Microsoft OneDrive), we read file metadata and content you already have access to in order to index it for search and AI answers.
• Derived data for search: extracted text snippets and vector embeddings created from your files to enable semantic search and retrieval-augmented generation (RAG).
• Product usage data: actions in the app (e.g., searches, queries, clicks), device/browser info, and diagnostics to improve reliability and security.
• Support content: messages and attachments you share with support.

Where Data Comes From

Data is collected from you directly (account creation, app usage, support), from connected cloud storage you authorize, and from service providers (e.g., analytics or monitoring tools).

Why We Process Data & Legal Bases (GDPR)

• Provide and secure the service (account, authentication, storage connection, indexing, search, AI chat) — performance of a contract (Art. 6(1)(b)).
• Improve and monitor the product (analytics, diagnostics, fraud/security) — legitimate interests (Art. 6(1)(f)).
• Legal compliance and communication — legal obligation (Art. 6(1)(c)).
• Marketing communications (where applicable) — consent (Art. 6(1)(a)) or legitimate interests (Art. 6(1)(f)), with the ability to opt out at any time.

Cloud Storage Integrations

If you connect a cloud storage provider (e.g., Google Drive or Microsoft OneDrive), alphabrand operates in read-only mode. We list files/folders you can access, export or download file content to extract text, and build searchable indexes and embeddings for your workspace. We do not create, edit, move, or delete files in your storage.

• Permissions: we request the minimum read-only permissions required to read file metadata and content you already have access to.
• Tokens: OAuth tokens are encrypted and can be revoked by disconnecting the integration in settings or via your provider's security page.
• What we store: minimal metadata (e.g., file id, name, type, path, modified time), extracted text needed for retrieval, and embeddings derived from that text. We do not store original files.
• Disconnection & deletion: you can disconnect at any time. Upon disconnection or a deletion request, we delete associated cached text, embeddings, and related metadata from alphabrand.

Example: For Google Drive, we use read-only scopes to index content for search and AI Q&A. Similar principles apply to OneDrive.

AI Processing

• No training on your data: alphabrand does not use your content to train or fine-tune foundation models. Data is only processed to deliver features to your workspace.
• Workspace isolation: documents, embeddings, prompts, and chat history are siloed by workspace and are never shared across different workspaces.
• Model providers as processors: when we use third-party AI/OCR services to process text (e.g., LLMs, OCR), they act as processors under our instructions and are contractually prohibited from using your data to train their models.

Sharing & Service Providers

We do not sell your personal data. We share it only with service providers that help us run the service (e.g., cloud hosting, databases, monitoring, AI/OCR). These providers act as processors under data protection agreements.

We maintain an up-to-date list of subprocessors (including hosting and AI/OCR providers). You can request this list at contact@alphabrand.ai.

International Data Transfers

Where data is transferred outside the European Economic Area, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses and/or adequacy decisions, and we assess partner practices accordingly.

Data Retention

We keep personal data only as long as necessary for the purposes described above. Workspace content derivatives (e.g., extracted text and embeddings) persist while the integration is active and are deleted upon disconnection or verified deletion request. Backups are purged on a rolling schedule.

Security

We use industry-standard measures to protect data in transit and at rest (encryption, access controls, monitoring, and least-privilege practices). OAuth tokens and secrets are encrypted. Access to production systems is restricted and audited.

Your Rights

Under GDPR, you may have the right to access, rectify, erase, restrict or object to processing, and request data portability.

You can exercise these rights by contacting contact@alphabrand.ai. We may need to verify your identity before responding.

You also have the right to lodge a complaint with your local supervisory authority. In France, this is the CNIL.

Children's Privacy

alphabrand is not directed to children and is intended for use by organizations and professionals.

Changes to This Policy

We may update this policy from time to time. We will post any changes on this page and update the "last updated" date. Material changes may also be communicated by email or in-app notification.

Data Controller

ALPHABRAND SAS

1530 Chemin de Banon, 13100 Aix-en-Provence, France

RCS Aix-en-Provence 990 818 767

Email: contact@alphabrand.ai

What Are Cookies?

Cookies are small text files that are placed on your device when you visit a website. They help the website remember your preferences and improve your browsing experience.

How We Use Cookies

The alphabrand.ai website may place cookies necessary for its proper functioning, as well as optional analytical or advertising cookies.

You can manage your cookie preferences at any time via the consent banner displayed on the site.

Types of Cookies We Use

• Essential Cookies: These cookies are necessary for the website to function properly and cannot be disabled.
• Analytical Cookies: These cookies help us understand how visitors interact with our website by collecting and reporting information anonymously.
• Advertising Cookies: These cookies may be used to deliver relevant advertisements and track their effectiveness.

Managing Your Cookie Preferences

You can control and manage cookies in various ways. Please note that removing or blocking cookies may impact your user experience and some functionality may no longer be available.

Most browsers automatically accept cookies, but you can modify your browser settings to decline cookies if you prefer. Instructions for managing cookies can typically be found in your browser's help section.

Contact Us

If you have any questions about our use of cookies, please contact us at contact@alphabrand.ai