RECOUVRA
Sign in

Privacy policy

⚠️

Document to be finalised with an outsourced DPO and a fintech lawyer before public launch.

RECOUVRA collects and processes personal data in strict compliance with the General Data Protection Regulation (GDPR, EU 2016/679) and the French CNIL guidelines on debt collection (decision n° 2020-122).

Data controller

RECOUVRA SAS, contact: dpo@recouvra.com.

Legal bases

  • Performance of a contract — for creditor users who signed the mandate.
  • Legitimate interest — for dunning sent to debtors, within CNIL purposes.
  • Consent — for non-essential cookies and the newsletter.

Retention periods

Data related to collection cases is kept 5 years in active storage from case closure, then archived 5 more years in restricted access, then irreversibly anonymised. Technical logs are purged at 13 months.

Your rights

You have the right to access, rectify, erase (subject to legal constraints), object, port and restrict processing. To exercise these rights, write to dpo@recouvra.com — reply within 30 days at most. If you disagree, you can complain to the CNIL.

Subprocessors

Scaleway (hosting), Stripe (payments), Brevo (emails), OVH/Twilio (SMS), Merci Facteur (postal mail), AR24 (eIDAS e-registered mail), Yousign (e-signature), Pappers (company data enrichment). Each is bound by a GDPR processing agreement.

Transfers outside the EU

No transfer outside the European Union by default. Exceptions (e.g. US subprocessors certified under DPF) are governed by the European Commission Standard Contractual Clauses.