PELLI PRIVACY POLICY

Version dated October 6, 2025

Language and Interpretation

This Privacy Policy has been written in French and translated into English for convenience. In the event of any inconsistency or discrepancy between the French and English versions, the French version shall prevail.

French law applies to this Privacy Policy. In case of dispute, French courts shall have exclusive jurisdiction.

---

TABLE OF CONTENTS

1. Introduction
2. Data Controller and DPO
3. Personal Data Collected
4. Purposes and Legal Bases
5. Data Recipients
6. Data Transfers Outside the EU
7. Retention Period
8. Security and Confidentiality
9. Artificial Intelligence and Biometric Data
10. Your GDPR Rights
11. Cookies and Tracking Technologies
12. Minors
13. Policy Modifications
14. CNIL Complaint
15. Contact

---

1. Introduction

1.1 Pelli's Commitment

At Pelli, the protection of your personal data is an absolute priority. We are committed to complete transparency regarding how we collect, use, store, and protect your information.

Our approach is based on the principles of:

• Privacy by Design: Protection of privacy by design and by default
• Data sovereignty: Hosting exclusively in France and Europe
• Technical transparency: Auditable open source technologies, publicly documented architecture
• Minimization: Collection limited to what is strictly necessary
• Respect for rights: Facilitation of the exercise of your GDPR rights

1.2 Scope of this Policy

This Privacy Policy applies to:

• The Pelli platform: Web application accessible via app.pelli.io
• The website: pelli.io and all its subdomains
• Related services: APIs, integrations, transactional emails
• AI features: Facial recognition and semantic search (opt-in)

1.3 Legal Framework

Pelli commits to strict compliance with:

• The General Data Protection Regulation (GDPR) - EU Regulation 2016/679
• The amended French Data Protection Act (Loi Informatique et Libertés)
• The ePrivacy Directive concerning cookies and electronic communications
• The French Consumer Code

---

2. Data Controller and DPO

2.1 Data Controller

The controller of your personal data is:

LUMY.MEDIA SAS with capital of 2,000 euros RCS Brest B 889 608 790 Registered office: Quai de la Douane, Building LE GRAND LARGE, 29200 Brest, France Email: [email protected]

2.2 Data Protection Officer (DPO)

Pelli has appointed a Data Protection Officer (DPO) whom you can contact for any questions regarding your personal data:

Pelli DPO Email: [email protected] Mail: DPO Pelli - Lumy.Media, Quai de la Douane, Building LE GRAND LARGE, 29200 Brest, France

Role of the DPO:

• Ensure compliance with GDPR and applicable regulations
• Advise Pelli on its data protection obligations
• Process your requests to exercise your rights
• Be your point of contact for any questions regarding your data

Response: The DPO commits to responding to your requests within 30 days maximum (Article 12.3 GDPR).

---

3. Personal Data Collected

3.1 Principle of Minimization

Pelli applies the principle of data minimization (Article 5.1.c GDPR): we only collect data that is strictly necessary for providing the Service and complying with our legal obligations.

3.2 Data Collected Directly from You

3.2.1 During Account Creation

Mandatory data:

• Email: Unique identifier and means of communication
• First and last name (or company name if professional)
• Password: Stored in encrypted form (bcrypt hash)

Optional data:

• Company/photo studio name
• Professional website
• Phone number (for priority support)
• Postal address (required for shop module)
• SIRET (if French professional, for invoicing with VAT)
• Intra-community VAT number (EU professionals)

3.2.2 During Service Use

Account data:

• Customization settings: Colors, logo, typography of your galleries
• Preferences: Language, theme (light/dark), notifications enabled/disabled
• Email signature: If configured for client emails

Gallery data:

• Titles and descriptions of galleries
• Gallery passwords (if protection enabled): Stored in encrypted form
• Dates and settings: Creation date, expiration, download options
• Organization: Categories, folders, sort order

Content (Photos and Videos):

• Media files: Uploaded images and videos
• EXIF metadata: Date taken, camera, settings (this data can be retained or deleted according to your settings)

IMPORTANT: Pelli considers your photos and videos as your professional creations protected by copyright. We do not consider them as "personal data" in the strict sense of GDPR, but as your intellectual property (see Terms article 9).

3.2.3 During Paid Subscription

Billing data:

• First and last name (or company name)
• Complete billing address
• SIRET and VAT number (if professional)
• Billing email (may differ from account email)

Payment data:

• Banking information: Processed and stored exclusively by Stripe (our PCI-DSS certified payment processor)
• IMPORTANT: Pelli does NOT store ANY banking data (no card number, no cryptogram, no IBAN)
• Pelli only receives a secure token from Stripe allowing subscription management (renewals, refunds)

3.2.4 During Shop Module Use (Ultra plan only)

Stripe Connect data:

• Stripe Connect account: Link to your professional Stripe account (to receive payments from your sales)
• Banking information: Managed exclusively by Stripe, never by Pelli

Order data:

• Details of products sold: Names, prices, descriptions
• Order status: In progress, shipped, delivered, etc.
• Buyer emails (your End Clients): Provided by you or collected during order

3.3 Automatically Collected Data

3.3.1 Connection Logs and Technical Data

Each time you log into your account, we automatically collect:

• IP address: For security and fraud prevention
• Date and time of connection
• Browser type and version (User-Agent)
• Operating system (Windows, macOS, iOS, Android, etc.)
• Device type (computer, tablet, smartphone)
• Approximate location (country, city): Deduced from IP, only to detect suspicious connections

Purpose: Account security, intrusion detection, fraud prevention.

Retention: 1 year (legal obligation Article 6.II LCEN for fighting cybercrime).

3.3.2 Usage Data and Statistics

Navigation data (anonymized):

• Pages visited on the Pelli site
• Features used (gallery creation, photo upload, etc.)
• Time spent on the platform
• User journey (navigation flow)

Purpose: Service improvement, usability analysis (UX), bug detection.

Anonymization: This data is aggregated and anonymized via PostHog (see article 5.4) so that it can no longer be linked to an identified person.

Tool used: PostHog (self-hosted on our French servers) - No third-party tracking.

3.3.3 Public Gallery Data (Statistics)

For each public gallery, Pelli automatically collects:

• Number of views: Counter incremented with each visit
• Unique views: Number of distinct visitors (deduced from IP, anonymized after 24h)
• Interactions: Likes, super-likes, comments (associated with End Clients)
• Downloads: Which photos were downloaded and when

Purpose: Provide statistics to the Photographer to track engagement of their End Clients.

Legal basis: Legitimate interest of the Photographer to analyze the reception of their work (Article 6.1.f GDPR).

3.4 Data Collected via Third Parties

3.4.1 End Client Emails (Provided by Photographer)

When the Photographer manually enters End Client emails to send them a gallery link, Pelli collects:

• End Client email address
• End Client name (if provided by Photographer)
• Sending history: Email send dates, opens (if tracking enabled)

Joint controllership (Article 26 GDPR):

• Pelli: Provides the technical tool for sending emails
• Photographer: Responsible for initial collection of email and End Client consent

Photographer obligations:

• Inform their End Clients that Pelli will be used for sending galleries
• Obtain consent if required (depending on context: execution of photographer/client contract or explicit consent for newsletter)
• Respect the right of opposition of their End Clients

3.4.2 Google/Facebook Authentication (If Available)

If you choose to log in via Google or Facebook (OAuth), Pelli only receives:

• Email from your Google/Facebook account
• Public first and last name
• Public profile photo (optional)

IMPORTANT: Pelli NEVER receives your Google/Facebook password, nor any other private data from these platforms.

Legal basis: Consent (by clicking "Sign in with Google/Facebook").

---

4. Purposes and Legal Bases

In accordance with Article 6 of GDPR, any processing of personal data must be based on a valid legal basis. Here are the details of processing purposes and corresponding legal bases:

4.1 Account Management

Purpose:

• Creation and maintenance of your Pelli account
• Authentication and session management
• Customization of your personal space

Data processed:

• Email, first name, last name, password (encrypted)
• Account settings and preferences

Legal basis:

• Contract execution (Article 6.1.b GDPR): Necessary to provide the subscribed Service
• Consent (Article 6.1.a GDPR): For certain optional preferences (marketing notifications)

Duration: During Service use + 2 years after termination (commercial and tax obligation)

4.2 Service Provision

Purpose:

• Hosting and storage of your photo/video galleries
• Display of galleries to your End Clients
• Upload processing, image optimization
• Feature management (sharing, downloading, selection, comments)
• Application of customizations (watermark, colors, logo)

Data processed:

• Content (photos, videos), metadata
• Gallery settings, sharing links
• End Client interactions (views, likes, downloads)

Legal basis:

• Contract execution (Article 6.1.b GDPR)

Duration: During use + 30 days after termination for recovery (see Terms article 9.2)

4.3 Billing and Payments

Purpose:

• Generation and sending of invoices
• Payment processing (via Stripe)
• Subscription and renewal management
• Processing of refunds and payment disputes

Data processed:

• Billing information (name, address, SIRET/VAT)
• Payment history
• Stripe token (link to your payment method stored at Stripe)

Legal basis:

• Contract execution (Article 6.1.b GDPR) for payments
• Legal obligation (Article 6.1.c GDPR) for retention of invoices (10 years, Article L123-22 Commercial Code)

Duration:

• Active payment data: During subscription period
• Invoices: 10 years (French legal obligation)

4.4 Customer Support and Assistance

Purpose:

• Respond to your technical assistance requests
• Resolve reported problems and bugs
• Provide personalized support

Data processed:

• Email, name, content of your requests
• Screenshots or files provided for diagnosis
• History of support conversations

Legal basis:

• Contract execution (Article 6.1.b GDPR): Support is an integral part of the Service
• Legitimate interest (Article 6.1.f GDPR): Improvement of support quality

Duration: 2 years after last interaction (for history and continuous improvement)

4.5 Security and Fraud Prevention

Purpose:

• Detect and prevent intrusions, hacks, identity theft
• Fight fraudulent use (multiple account creation, quota abuse)
• Secure payment transactions
• Protect Platform integrity

Data processed:

• Connection logs (IP, date/time, browser)
• Detected abnormal behaviors (sudden massive uploads, repeated connection attempts)
• Reports of suspicious users

Legal basis:

• Legitimate interest (Article 6.1.f GDPR): Platform security and User protection
• Legal obligation (Article 6.1.c GDPR): Retention of logs 1 year (Article 6.II LCEN)

Duration:

• Connection logs: 1 year
• Proven fraud data: 5 years (blacklist for protection)

4.6 Service Improvement and Usage Analysis

Purpose:

• Analyze Service use to identify improvements
• Detect bugs and usability problems
• Prioritize development of new features
• Measure user satisfaction

Data processed:

• Anonymized usage statistics (pages visited, features used, time spent)
• User feedback (satisfaction surveys, feature suggestions)

Legal basis:

• Legitimate interest (Article 6.1.f GDPR): Continuous Service improvement for the benefit of all Users
• Consent (Article 6.1.a GDPR): For voluntary satisfaction surveys

Anonymization: Data is aggregated and anonymized irreversibly (no identification possible).

Duration: Anonymized data retained indefinitely (since not personal).

4.7 Transactional and Marketing Communications

4.7.1 Transactional Emails (Necessary for Service)

Purpose:

• Account creation confirmation, password reset
• Gallery shared notifications for your End Clients
• Security alerts (suspicious connection detected)
• Subscription renewal reminders
• Activity notifications on your galleries (new like, comment)
• Invoices and payment confirmations

Legal basis:

• Contract execution (Article 6.1.b GDPR): These emails are essential for Service operation
• Legal obligation (Article 6.1.c GDPR): Mandatory sending of invoices

Opt-out: Impossible for essential transactional emails (account confirmation, security, invoices), but you can disable certain non-essential notifications (likes, comments) in Settings > Notifications.

4.7.2 Marketing Communications (Optional)

Purpose:

• Pelli newsletter (news, new features, photography tips)
• Promotional offers (discounts, special offers)
• Satisfaction surveys and review requests

Legal basis:

• Consent (Article 6.1.a GDPR): You must explicitly agree to receive these communications (opt-in)

Opt-out: You can unsubscribe at any time:

• Via the "Unsubscribe" link at the bottom of each marketing email
• Via Settings > Notifications > Uncheck "Receive newsletter"

Frequency: Maximum 2 marketing emails per month (Pelli commitment).

4.8 Legal Obligations and Judicial Requisitions

Purpose:

• Respond to legal obligations (retention of invoices, logs)
• Cooperate with judicial authorities upon requisition (Article 6.II LCEN)
• Report illicit content to authorities (Article 6.I.7 LCEN: obligation for child pornography and terrorism)

Legal basis:

• Legal obligation (Article 6.1.c GDPR)

Data concerned:

• Invoices: 10 years
• Connection logs: 1 year
• Restricted account data: 90 days (potential judicial investigation)

---

5. Data Recipients

5.1 Internal Access (Pelli Staff)

Your data is accessible, according to needs related to their functions, to:

• Technical team: Developers and system administrators (for maintenance, bug resolution)
• Customer support: To respond to your assistance requests
• Accounting/billing team: For subscription and invoice management
• Management: For aggregated and anonymized strategic analysis

Security measures:

• Principle of least privilege: Each collaborator only has access to data strictly necessary for their function
• Strong authentication: Enhanced security measures for all internal access
• Access logs: Traceability of all personal data access
• Confidentiality charter: Contractual confidentiality commitment from all collaborators

5.2 Subprocessors (Article 28 GDPR)

Pelli uses technical subprocessors to provide the Service. All are located in the European Union and have signed subprocessing contracts compliant with Article 28 GDPR guaranteeing the protection of your data.

5.2.1 Hosting and Infrastructure

OVH (France) - ovhcloud.com

• Role: Hosting of main application servers
• Location: Gravelines datacenter, France
• Certifications: SecNumCloud ANSSI, ISO 27001, HDS
• Data processed: Account data, application database

Scaleway (France) - scaleway.com

• Role: S3 storage of files (photos/videos) + Backup
• Location: Paris datacenter, France + Backup in atomic bunker 20m underground (Paris)
• Certifications: ISO 27001, HDS
• Data processed: Photos, videos, uploaded files
• Official partnership: Pelli is an official Scaleway partner

5.2.2 Payments

Stripe (Ireland) - stripe.com

• Role: Secure processing of card payments
• Location: EU headquarters in Ireland (GDPR compliance)
• Certifications: PCI-DSS level 1 (highest security level for payments)
• Data processed:
  • At Stripe: Card number, cryptogram, IBAN (secure storage)
  • At Pelli: Stripe token only (no complete banking data)

5.2.3 Security and Performance

Cloudflare (EU) - cloudflare.com

• Role: CDN, DDoS security, SSL/TLS certificates only
• Location: EU datacenters (global network but GDPR compliance)
• IMPORTANT: Cloudflare does NOT store ANY personal data from Pelli (simple secure proxy for HTTPS)
• Data processed: No data stored, only encrypted transit (TLS 1.3)

5.2.4 Transactional Emails

Resend (EU) - resend.com

• Role: Sending transactional emails (confirmations, notifications, invoices)
• Location: EU infrastructure
• Data processed: Recipient email addresses, email content, sending logs (opens, clicks)
• Retention: Logs retained 30 days at Resend

5.2.5 Customer Support

Gleap (Germany) - gleap.io

• Role: Customer support widget (live chat, tickets)
• Location: Germany (GDPR compliance)
• Data processed: Name, email, support conversation content, shared screenshots
• Retention: Support history retained 2 years

5.2.6 Analytics (Self-hosted)

PostHog (Self-hosted on our OVH Gravelines servers) - posthog.com

• Role: Usage analysis and statistics (privacy-friendly alternative to Google Analytics)
• Location: Self-hosted on our OVH servers in France (no data sent to PostHog Inc.)
• Data processed: Anonymized navigation statistics (page views, clicks, user paths)
• Anonymization: Truncated IPs, anonymous identifiers, aggregated data

IMPORTANT: Unlike Google Analytics which sends your data to the USA, our PostHog instance is 100% self-hosted in France.

5.3 No Transfer to Commercial Third Parties

FORMAL COMMITMENT: Pelli NEVER sells your personal data to third parties.

Your data is never shared with:

• Advertising networks
• Data brokers
• Marketing research companies
• Social networks (except if you use OAuth authentication voluntarily)
• Commercial partners (except Photographes.io for Ultra plan with your consent)

5.4 Partners (With Your Consent)

Photographes.io (if Ultra Plan subscribed)

• Role: "Photographes.io Premium offered" offer included in Ultra plan
• Data shared: Only your email and first/last name (with your explicit consent when activating the offer)
• Purpose: Creation of your Photographes.io Premium account
• Opt-out: You can refuse this offer and not share your data with Photographes.io

5.5 Competent Authorities (Upon Requisition)

In accordance with the law, Pelli may be required to communicate your data to judicial and administrative authorities upon legal requisition:

• Police and gendarmerie (judicial requisition)
• Public Prosecutor (commission rogatoire)
• Tax authorities (tax audit)
• CNIL (GDPR compliance audit)

Procedure: Pelli verifies the legality and proportionality of any requisition before transmission and only communicates strictly requested data.

---

6. Data Transfers Outside the EU

6.1 Principle: No Transfers Outside the EU

FUNDAMENTAL COMMITMENT: All your personal data is hosted exclusively in France and the European Union.

Pelli has made the deliberate choice to exclusively use controlled European providers (and avoid uncontrolled services such as AWS, Google Cloud, Microsoft Azure) to guarantee complete French and European digital sovereignty and protect against extraterritorial laws:

• Cloud Act (USA): Allows US authorities to access data hosted by US companies, even if physically in Europe
• USA Freedom Act (USA): Mass surveillance program
• FISA Section 702 (USA): Collection of non-US persons' data

6.2 100% Europe Architecture

Location of your data:

NO data is transferred to:

• United States
• China
• Russia
• Or any other country outside the European Union

6.3 Protection Against Extraterritorial Laws

By choosing exclusively European hosts and subprocessors, Pelli guarantees that your data is subject only to European law:

• GDPR (EU Regulation 2016/679)
• ePrivacy Directive
• French Data Protection Act (France)

Protection against unauthorized access:

• No foreign authority (USA, China, etc.) can access your data without going through international judicial cooperation (long and controlled procedure)
• AES-256 encryption at rest and TLS 1.3 in transit
• SecNumCloud certificates (ANSSI) for OVH: guarantees French digital sovereignty

6.4 Exception: Cloudflare (Transit Only)

Cloudflare (US company) is used only for:

• DDoS security: Protection against denial of service attacks
• SSL/TLS certificates: HTTPS encryption of your connections
• CDN: Content delivery acceleration

IMPORTANT: Cloudflare acts as a simple proxy (intermediary) and does NOT store ANY personal data:

• Requests transit in encrypted form (TLS 1.3)
• No storage of photos, videos, accounts, payments
• Connection logs retained maximum 24h at Cloudflare then deleted
• "Privacy First" configuration activated (no tracking, no fingerprinting)

Legal basis: Legitimate interest (Article 6.1.f GDPR) to ensure Service security and availability.

---

7. Retention Period

In accordance with the principle of storage limitation (Article 5.1.e GDPR), Pelli retains your personal data only for the time necessary for the purposes for which it was collected.

7.1 Summary Table of Retention Periods

7.2 Active Account

Duration: As long as you actively use the Service.

Data concerned: All your account data (email, name, preferences, galleries, photos, etc.).

Deletion: If you do not log in for 3 consecutive years, Pelli will send you a reminder email. If no connection within 30 days following this email, the account will be considered inactive and data will be deleted (after possible export).

7.3 After Account Termination

Detailed procedure (see Terms article 9.2):

Account deletion is immediate:

• Upon Photographer's request via Pelli interface ("Delete my account" button)
• Upon request by email to [email protected]

No prior notice or progressive notifications. Deletion is effective immediately after confirmation.

Data recovery period (30 days after deletion):

• Access retained: You can log in read-only
• Recovery possible: Export of all your data (ZIP + JSON + CSV)

After 30 days:

• Final and irreversible deletion:
  • All your photos and videos are deleted from Scaleway S3 and Glacier backup
  • Your galleries and settings are deleted from the database
  • Your personal data is deleted or anonymized

What is retained (legal obligations):

• Invoices: 10 years (accounting obligation Article L123-22 Commercial Code)
• Last 12 months connection logs: Retained 1 year from their creation (Article 6.II LCEN)
• Anonymized data: Aggregated statistics without possibility of identification

What is deleted:

• Email, first name, last name, address, phone, SIRET
• Photos, videos, galleries, watermarks
• Customization settings
• Activity history
• Stripe token (payment access)

7.4 Invoices (10 years - Legal Obligation)

Obligation: Article L123-22 of the Commercial Code requires retention of accounting documents for 10 years.

Data retained in invoices:

• First/last name or company name, billing address
• SIRET and VAT number (if applicable)
• Amounts, dates, invoice number
• Service details (plan subscribed, period)

Anonymization impossible: This data cannot be anonymized as it must remain intact for tax audit.

Right to erasure: Not applicable for invoices (GDPR exception Article 17.3.b: legal obligation to retain).

7.5 Connection Logs (1 year - Legal Obligation)

Obligation: Article 6.II of LCEN requires hosts to retain connection logs for 1 year for fighting cybercrime.

Data retained:

• IP address, connection date/time
• User identifier (account linkage)

Deletion: Automatic after 1 year day for day from log creation.

Access: Only upon judicial requisition (police, gendarmerie, prosecutor).

7.6 Restricted Accounts for Illegal Content (90 days)

Context: If your account has been restricted for storage of manifestly illegal content (child pornography, terrorism, etc.), data is retained 90 days (see Terms article 10.1.2).

Purpose: Allow potential judicial investigation (legal obligation Article 6.II LCEN).

Data retained:

• All account data (email, name, etc.)
• Reported illicit content (retained as evidence)
• Connection logs

Deletion: Automatic after 90 days, unless judicial requisition requests extension.

Communication to authorities: Transmission upon judicial requisition (public prosecutor, investigating judge).

---

8. Security and Confidentiality

8.1 Security Commitment

The security of your personal data is an absolute priority for Pelli. We implement robust technical and organizational measures in accordance with Article 32 of GDPR.

8.2 Technical Security Measures

8.2.1 Encryption

Encryption in transit (Communications):

• TLS 1.3: Most recent encryption protocol for all communications between your browser and our servers
• SSL certificates: Valid certificates automatically renewed (Let's Encrypt via Cloudflare)
• HSTS enabled: HTTPS enforcement (impossible to connect via unencrypted HTTP)

Encryption at rest (Storage):

• AES-256: Encryption of all data at rest on OVH and Scaleway servers
• Disk encryption: Full disk encryption enabled on all servers
• Passwords: Hashed with bcrypt (secure hashing algorithm with unique salt per user)
• Gallery passwords: Hashed with bcrypt (never stored in clear)

8.2.2 Authentication and Access Control

Strong authentication:

• Secure sessions: Encrypted session tokens, automatic expiration after 30 days of inactivity
• Suspicious connection detection: Automatic alert if connection from new country/device

Access control:

• Principle of least privilege: Internal access limited to strict necessity by function
• Enhanced authentication: Strict security measures for all Pelli collaborators accessing production systems
• Access logs: Traceability of all personal data access (audit trail)

8.2.3 Secure Infrastructure

Certified datacenters:

• SecNumCloud ANSSI (OVH): Highest French security certification
• ISO 27001 (OVH, Scaleway): International information security standard
• Redundancy: High availability architecture (no single point of failure)

Network protection:

• Advanced firewalls: Filtering of malicious traffic
• Anti-DDoS: Protection against denial of service attacks (Cloudflare Layer 7)
• WAF (Web Application Firewall): Detection and blocking of web attacks (SQL injection, XSS, etc.)

Monitoring:

• 24/7 monitoring: Real-time security surveillance
• Automatic alerts: Immediate notification in case of anomaly
• Incident Response Plan: Security incident response procedure

8.2.4 Backup and Continuity

Robust backup:

• Automatic daily backups of all data
• 30-day retention: Ability to restore up to 30 days back
• Geographically distant backup: Copy in atomic bunker 20m underground (Scaleway Glacier, Paris)
• Backup encryption: AES-256 for backups

Business Continuity Plan (BCP):

• RTO (Recovery Time Objective): 24h maximum for complete service restoration
• RPO (Recovery Point Objective): Maximum data loss = last backup (24h max)

8.3 Organizational Security Measures

8.3.1 Security Policy

Documentation:

• Information security policy: Internal document defining security rules
• Operating procedures: Detailed guides for all sensitive operations
• Incident response plan: Procedure in case of data breach (Articles 33-34 GDPR)

Training and awareness:

• GDPR training: All collaborators trained in GDPR and data protection
• Phishing awareness: Regular tests to raise awareness of phishing attempts
• Confidentiality charter: Contractual confidentiality commitment from all collaborators

8.3.2 Subprocessor Management (Article 28 GDPR)

Rigorous selection:

• Security audit: Verification of certifications (ISO 27001, PCI-DSS, etc.)
• GDPR compliance: Only GDPR-compliant subprocessors are selected
• EU location: Absolute priority to European actors

Contractualization:

• Article 28 GDPR contracts: All subprocessors have signed a DPA (Data Processing Agreement)
• Regular audits: Verification of compliance with security commitments
• Sub-subprocessing clause: Prior authorization required

8.3.3 Security Tests and Audits

Internal tests:

• Pentests (penetration tests): At least 2 times per year by security experts
• Code audit: Security review of source code before each major deployment
• Vulnerability scan: Automatic and continuous (OWASP Top 10, CVE)

External audits:

• GDPR audit: GDPR compliance audit by specialized firm (planned annually)
• Bug bounty: Bug bounty program (coming) to encourage security researchers to report vulnerabilities

8.4 Data Breach Notification

In case of personal data breach (data breach), Pelli commits to respecting the obligations of Articles 33 and 34 of GDPR:

Notification to CNIL (Article 33):

• Deadline: 72 hours maximum after becoming aware of the breach
• Content: Nature of breach, categories and approximate number of affected persons, data concerned, probable consequences, measures taken or envisaged

Notification to Affected Persons (Article 34):

• If high risk: Direct notification by email to all affected persons
• Deadline: As soon as possible
• Content: Nature of breach, DPO contact details, probable consequences, measures taken, recommendations (e.g.: change password)

Mitigation measures:

• Immediate investigation to identify cause
• Security flaw correction
• Strengthening of security measures
• Transparent communication on incident and corrective actions

History: To date (October 2025), Pelli has never suffered a personal data breach.

8.5 Recommendations for Users

Pelli does everything possible to secure your data, but you also have a role to play:

Best practices:

• ✅ Use a unique and strong password (min 12 characters, uppercase, lowercase, numbers, special characters)
• ✅ Never share your credentials with third parties
• ✅ Log out after use (especially on shared computers)
• ✅ Regularly update your browser and operating system
• ✅ Check URL before logging in: app.pelli.io (beware of phishing sites)
• ✅ Immediately report any suspicious activity to [email protected]

Risks to avoid:

• ❌ Using the same password as other services
• ❌ Using a weak password ("123456", "password", your name, etc.)
• ❌ Sharing your credentials with collaborators (use Collaboration feature instead)
• ❌ Clicking suspicious links in emails claiming to be from Pelli (always verify sender: @pelli.io)

---

9. Artificial Intelligence and Biometric Data

9.1 Privacy by Design Philosophy

Pelli commits to a Privacy by Design approach for all artificial intelligence features, in accordance with Article 25 of GDPR (data protection by design).

Principles applied:

1. Mandatory opt-in: All AI features are disabled by default
2. Granular control: Independent activation by feature AND by gallery
3. Complete transparency: Open source technologies, documented architecture (public White Paper)
4. Local processing: 100% on French servers, no data sent to third parties
5. No training: Your data is NEVER used to train models
6. Complete isolation: Impossible to link data between galleries or between photographers

9.2 Facial Recognition (Ultra Plan) - Article 9 GDPR

9.2.1 Nature of Processing

The facial recognition feature allows End Clients to easily search for photos where they appear within a gallery.

Technology used:

• InsightFace: Open source library (MIT License, +25,000 GitHub stars)
• Local deployment: On French Pelli servers (OVH Gravelines), no external API

IMPORTANT: Pelli does NOT perform biometric identification (we do NOT create a face database to identify people). We only perform face detection (geometric location).

9.2.2 GDPR Article 9 Compliance (Biometric Data)

Article 9 of GDPR qualifies biometric data as "sensitive data" and prohibits their processing, except for exceptions.

Pelli's legal basis:

• Explicit consent of the Photographer (Article 9.2.a GDPR): Voluntary and informed activation of the feature
• Absence of high risk: Our approach does NOT constitute biometric identification in the sense of Article 9

CNIL analysis: Simple face detection without creation of unique biometric template and without nominative identification can be considered as processing of personal data (Article 4.1 GDPR) but not necessarily as processing of sensitive biometric data (Article 9).

Pelli guarantees:

• ✅ No storage of biometric templates: Only geometric positions (X/Y coordinates, width, height) are stored
• ✅ No biometric identification: We do not create a unique signature of the face, no comparison with a face database
• ✅ Strict isolation: Impossible to link a face from one gallery to a face from another gallery (same person = 2 independent detections)
• ✅ Limited purpose: Only to facilitate navigation in the gallery (legitimate interest of photographer and clients)

9.2.3 Data Stored

What is stored:

• Geometric coordinates of faces in each image:
  • X position (abscissa of detection rectangle)
  • Y position (ordinate of detection rectangle)
  • Detection rectangle width
  • Detection rectangle height
• Unique identifier of detection rectangle (random ID, not linked to a person)
• Image reference: Which photo contains this face

What is NOT stored:

• ❌ Biometric templates (facial vectors, encodings)
• ❌ Identity or name of persons (no nominative identification)
• ❌ Unique physiological characteristics (nose shape, eyes, etc.)
• ❌ Face databases for comparison

Concrete example:

{
  "image_id": "photo_mariage_123.jpg",
  "face_detections": [
    { "id": "face_abc123", "x": 450, "y": 320, "width": 180, "height": 220 },
    { "id": "face_def456", "x": 1200, "y": 400, "width": 200, "height": 240 }
  ]
}

→ This photo contains 2 detected faces, at indicated coordinates. No name, no biometric template.

9.2.4 Isolation and Confidentiality

Isolation by gallery:

• Detections from Gallery A can never be linked to detections from Gallery B
• Even if the same person appears in both galleries, the system has no way to know
• Each gallery has its own detection data, completely independent

Isolation by photographer:

• No possible correspondence between galleries of different photographers
• No shared central database

Deletion:

• Facial detection data is automatically deleted with the gallery (30 days after termination, see article 7.3)
• Manual deactivation possible: Gallery > Settings > AI Features > Disable facial recognition → Immediate data deletion

9.2.5 Photographer Obligations (Information of Persons)

By activating facial recognition, the Photographer commits to:

Inform their End Clients:

• That the face search feature is enabled on this gallery
• How it works (geometric detection, no biometric identification)
• That they can request deactivation of the feature

Information template: Pelli provides a downloadable information clause template in Resources > Legal Documents:

"This gallery uses a face detection feature to allow you to easily find photos where you appear. No biometric identification is performed, only geometric positions of faces are temporarily stored. You can request deactivation of this feature at any time by contacting us."

Right of opposition: Any photographed person can request the Photographer to deactivate facial recognition for the gallery concerning them.

9.2.6 DPIA (Data Protection Impact Assessment)

In accordance with Article 35 GDPR, a data protection impact assessment (DPIA) was carried out for facial recognition.

DPIA conclusion:

• Residual risk: Low (after protective measures)
• Protective measures: Opt-in, isolation, no storage of biometric templates, automatic deletion
• Proportionality: Legitimate interest of photographer and clients (facilitated navigation) vs. low risk for rights and freedoms

DPIA document: Available upon request at [email protected] (for supervisory authorities or users).

9.3 AI Semantic Search (Ultra Plan) - Article 13 GDPR

9.3.1 Nature of Processing

AI semantic search allows End Clients to search for photos by keywords (e.g.: "blue dress", "sunset", "smile").

Technology:

• CLIP model: OpenAI CLIP-ViT-Base-Patch32 (open source via Hugging Face)
• Qdrant vector database: Open source (Apache 2.0 License), deployed on French Pelli servers

Operation:

1. Analysis of each image to extract semantic content (objects, scenes, colors, moods)
2. Generation of a numerical vector (512-dimension embedding) representing content
3. Storage of vector in local Qdrant database (Scaleway Paris)
4. Vector similarity search upon text query

9.3.2 Data Processed

Input data:

• Gallery images (analyzed locally on Pelli servers)

Data stored:

• Semantic vectors: 512 numbers per image representing visual content
• Image reference: Link between vector and source image

Data NOT processed:

• No identifying personal data (no name, no email, no face)
• Vectors are purely descriptive of visual content (objects, scenes, colors)

9.3.3 Local Processing and Confidentiality

100% local processing:

• Analysis performed on OVH Gravelines servers (France)
• Vectors stored on Scaleway Paris (France)
• No data sent to OpenAI (CLIP model is downloaded and executed locally)

Isolation:

• Each gallery has its own collection of vectors in Qdrant
• Impossible to search between different galleries
• Vector deletion upon gallery deletion

No training:

• CLIP model is pre-trained on public datasets (LAION-400M)
• No fine-tuning with photographers' photos
• Fixed model, executed in inference mode only

9.3.4 Legal Basis

Legitimate interest (Article 6.1.f GDPR):

• Interest of photographer: Offer better navigation experience to clients
• Interest of End Clients: Easily find searched photos
• No risk for rights and freedoms (non-personal data, local processing, isolation)

Consent (Article 6.1.a GDPR):

• Voluntary activation by Photographer (opt-in)

9.4 Commitment: No Use for AI Training

FORMAL AND IRREVOCABLE COMMITMENT:

Pelli commits to NEVER use Photographers' photos or data to:

• ❌ Train new proprietary Pelli AI models
• ❌ Improve or fine-tune existing models
• ❌ Resell to AI providers (OpenAI, Google, etc.)
• ❌ Create public or private datasets
• ❌ Contribute to academic research projects without explicit consent

Models used:

• Pre-trained models on public datasets (ImageNet, COCO, LAION, etc.)
• Deployed as-is: No modification, no retraining
• Inference mode only: Models are used to analyze, not to learn

Audit: This policy is contractually inscribed and audited annually by an external firm.

---

10. Your GDPR Rights

In accordance with Chapter III of GDPR (Articles 12 to 22), you have extensive rights over your personal data.

10.1 Right of Access (Article 15 GDPR)

You have the right to obtain:

• Confirmation whether Pelli processes your personal data or not
• A free copy of all your personal data
• Information on: purposes, categories of data, recipients, retention period, rights, source of data

How to exercise this right:

• Via your personal space > Settings > Privacy and data > "Download my data"
• By email to [email protected] with subject "Access request Article 15 GDPR"

Restitution format:

• ZIP: Archive containing all your photos and videos (original high resolution)
• JSON: Structured metadata (galleries, settings, statistics)
• PDF: Readable summary report

Response time: 30 days maximum (Article 12.3 GDPR), generally within 7 days.

10.2 Right of Rectification (Article 16 GDPR)

You have the right to correct inaccurate data or complete incomplete data.

How to exercise this right:

• Via your personal space > Settings > Profile > Edit information
• By email to [email protected] with mention of data to rectify and supporting documents

Examples:

• Correction of a typo in your name
• Update of your postal address
• Modification of your SIRET following status change

Deadline: Immediate modification if via interface, or within 30 days if request by email.

10.3 Right to Erasure / "Right to be Forgotten" (Article 17 GDPR)

You have the right to request deletion of your personal data in the following cases:

• Data is no longer necessary for the purposes
• You withdraw your consent (if processing was based on consent)
• You object to processing (see article 10.6)
• Data was processed unlawfully
• Data must be erased to comply with a legal obligation

How to exercise this right:

• Via Settings > Account > "Delete my account" (complete account deletion)
• By email to [email protected] for partial deletion of certain data

Exceptions (Article 17.3 GDPR - Pelli CANNOT delete):

• Invoices: Mandatory retention for 10 years (Article L123-22 Commercial Code)
• Connection logs: Retention 1 year (Article 6.II LCEN)
• Data necessary for a legal obligation French or European
• Establishment, exercise or defense of legal claims (if dispute in progress)

Deadline: Deletion within 30 days after verification of request legality.

10.4 Right to Data Portability (Article 20 GDPR)

You have the right to retrieve your data in a structured, commonly used and machine-readable format to:

• Keep it yourself
• Transmit it to another service provider

Conditions: This right applies only if:

• Processing is based on consent or contract execution
• Processing is carried out by automated means

How to exercise this right:

• Via Settings > Privacy and data > "Export my data in portable format"
• By email to [email protected]

Formats provided:

• ZIP: All your photos and videos (original files)
• JSON: Structured metadata (galleries, settings, clients, statistics) - Compatible with third-party APIs
• CSV: Tabular data (invoices, payment history, activity logs)

Direct transmission: If technically possible, Pelli can directly transmit your data to another data controller (e.g.: Pelli competitor).

Deadline: Export generation within 24-48h, download link valid 7 days.

10.5 Right to Restriction of Processing (Article 18 GDPR)

You have the right to request restriction (freeze) of processing of your data in the following cases:

• You contest the accuracy of data (restriction during verification)
• Processing is unlawful but you prefer restriction to erasure
• Pelli no longer needs data but you need it for establishment, exercise or defense of legal claims
• You exercised your right to object (restriction during verification of legitimate grounds)

How to exercise this right:

• By email to [email protected] with subject "Restriction request Article 18 GDPR" and grounds

Consequences:

• Data is retained but can no longer be processed (except storage)
• You will be informed before lifting of restriction

Deadline: Implementation within 30 days after verification.

10.6 Right to Object (Article 21 GDPR)

You have the right to object at any time to processing of your data for reasons related to your particular situation:

10.6.1 Objection for Legitimate Interest

If processing is based on legitimate interest (Article 6.1.f GDPR), you can object to it.

Examples at Pelli:

• Processing for security and fraud prevention purposes
• Service improvement (anonymized statistics)

How to exercise this right:

• By email to [email protected] with grounds related to your particular situation

Consequences:

• Pelli ceases processing, unless it demonstrates compelling legitimate grounds that prevail over your rights (e.g.: Platform security)

10.6.2 Objection to Commercial Prospecting

Absolute right of objection: You can object at any time to processing of your data for commercial prospecting purposes (newsletters, promotional offers).

How to exercise this right:

• Via the "Unsubscribe" link at the bottom of each marketing email
• Via Settings > Notifications > Uncheck "Receive Pelli newsletter"
• By email to [email protected]

Immediate effect: You will no longer receive marketing emails (essential transactional emails remain active).

10.7 Right not to be Subject to Automated Decision-Making (Article 22 GDPR)

You have the right not to be subject to a decision based exclusively on automated processing (including profiling) producing legal effects or significantly affecting your situation.

Pelli declaration: Pelli performs NO automated decision-making significantly affecting Users.

Examples of what Pelli does NOT do:

• ❌ Automatic user scoring for account acceptance/refusal
• ❌ Algorithmic personalized pricing
• ❌ Profiling for discrimination or exclusion purposes

What Pelli does (without significant impact):

• ✅ Automatic detection of illicit content (moderation) → Always with final human validation
• ✅ Feature recommendations (suggestions) → Never binding

10.8 Procedures for Exercising Your Rights

10.8.1 Via Your Personal Space (Self-Service)

For the following rights, autonomous exercise via your Pelli interface:

• Right of access: Settings > Privacy and data > "Download my data"
• Right of rectification: Settings > Profile > Edit information
• Right to portability: Settings > Privacy and data > "Export my data"
• Right of objection marketing: Settings > Notifications > Uncheck "Receive newsletter"

10.8.2 By Email to DPO

For all rights, especially those requiring verification:

• Email: [email protected]
• Subject: Specify the right exercised (e.g.: "Erasure request Article 17 GDPR")
• Content: Indicate your identity (name, account email), right exercised, grounds (if applicable)

ID document: Pelli may request a copy of your ID document to verify your identity (only if legitimate doubt, Article 12.6 GDPR).

10.8.3 By Postal Mail

Address: DPO Pelli - Lumy.Media Quai de la Douane, Building LE GRAND LARGE 29200 Brest, France

Format: Registered letter with acknowledgment of receipt for traceability.

10.9 Response Times and Free Exercise

Response time: 30 days maximum from receipt of your request (Article 12.3 GDPR).

Possible extension: If the request is complex, Pelli may extend by 2 additional months (i.e. 90 days total) by informing you of grounds within the first 30 days.

Free exercise: Exercise of your rights is completely free.

Exceptions: Pelli may charge reasonable fees (administrative costs) if:

• Your requests are manifestly unfounded or excessive (e.g.: multiple repetitive requests)
• Article 12.5 GDPR

10.10 Refusal to Act

Pelli may refuse to act on your request if:

• It is manifestly unfounded or excessive (harassment, abuse)
• A legal exception applies (e.g.: obligation to retain invoices 10 years)
• Pelli has compelling legitimate grounds (e.g.: objection for legitimate interest but Pelli's interest prevails)

In case of refusal:

• Reasoned notification by email within 30 days
• Information on your right to complaint to CNIL (see article 14)
• Possibility of judicial recourse (see Terms article 15)

---

11. Cookies and Tracking Technologies

11.1 Minimal Cookie Policy

COMMITMENT: Pelli commits to a minimal cookie policy respectful of your privacy.

Principle: Pelli uses NO advertising tracking or commercial targeting cookies. We do not need a cookie consent banner for strictly necessary cookies.

11.2 Strictly Necessary Cookies (Exempted from Consent)

In accordance with Article 82 of the French Data Protection Act, certain cookies are exempted from consent as strictly necessary for service operation.

Cookies used by Pelli:

IMPORTANT: These cookies contain NO directly identifiable personal data. They only contain encrypted technical identifiers (session tokens).

11.3 Analytics - Self-hosted PostHog (No Cookies)

Pelli uses PostHog for anonymized usage statistics, but in a privacy-first configuration:

Configuration:

• Self-hosted: PostHog is deployed on our OVH Gravelines servers (France), no data sent to PostHog Inc. (USA)
• No cookies: PostHog is configured in "cookieless" mode (no cookie set)
• Anonymized IPs: IP addresses are truncated (e.g.: 192.168.XXX.XXX) before storage
• Anonymous identifiers: Generation of random ID not linked to your identity
• No cross-site tracking: No correspondence with other websites

Data collected (anonymized):

• Pages visited (URLs without sensitive parameters)
• Features used (buttons clicked, forms submitted)
• User journey (navigation flow)
• Time spent on each page

Purpose: Usability improvement (UX) and bug detection.

Opt-out: You can disable PostHog in Settings > Privacy > Uncheck "Allow anonymous usage statistics".

11.4 Third-Party Cookies - None

IMPORTANT: Pelli uses NO third-party cookies:

• ❌ No Google Analytics
• ❌ No Facebook Pixel
• ❌ No targeted advertising (Google Ads, Facebook Ads, etc.)
• ❌ No integrated social networks (Like, Share, Tweet buttons with tracking)

Stripe (Payments): Stripe may set cookies on the payment page hosted by Stripe (not on Pelli). See Stripe cookie policy.

11.5 Cookie Management

Control in your browser: You can manage cookies directly in your browser settings:

• Chrome: Settings > Privacy and security > Cookies
• Firefox: Settings > Privacy and security > Cookies
• Safari: Preferences > Privacy > Cookies

Pelli cookie deletion: You can delete Pelli cookies at any time (you will be logged out).

Cookie blocking: If you block strictly necessary cookies (session, CSRF), Pelli will not work (impossible to log in).

11.6 Alternative Tracking Technologies (Without Cookies)

Pelli uses cookieless technologies for certain features:

LocalStorage:

• Purpose: Memorization of user preferences (light/dark theme, language, etc.)
• Duration: Indefinite (until manual deletion by user)
• Data: Only UI settings, no identifying personal data

SessionStorage:

• Purpose: Temporary data during navigation (shop cart, gallery filters)
• Duration: Session (deleted on tab/browser close)

Fingerprinting: Pelli does NOT use fingerprinting techniques (digital fingerprint) to track users.

11.7 Do Not Track (DNT)

Pelli respects the Do Not Track (DNT) signal:

• If your browser sends a DNT signal, Pelli automatically disables PostHog (analytics)
• No impact on essential features (which do not track)

DNT activation: Your browser settings > Privacy > Send a "Do not track" signal.

---

12. Minors

12.1 Minimum Age of Use

The Pelli Service is reserved for persons aged at least 18 years.

Minors aged 16 to 18: May use the Service only with written authorization from a legal representative (parent or guardian).

Minors under 16: Absolute prohibition of Service use (Article 8 GDPR - parental consent required for data processing).

12.2 Collection of Minor Data

Pelli does not knowingly collect personal data from minors under 18 without parental authorization.

Verification: Pelli may request proof of age or written parental authorization in case of doubt about User age.

Deletion: If Pelli discovers that a minor has created an account without parental authorization, the account will be immediately suspended and data deleted after notification to minor and/or legal representatives.

12.3 Photos of Minors in Galleries

Photographers may legitimately photograph minors (weddings, families, newborns, etc.) as part of their professional activity.

Photographer obligations (see Terms article 6.7):

• Obtain written consent from legal representatives for any public distribution of photos of minors (Article 9 Civil Code - Right to image)
• Inform legal representatives if facial recognition is enabled on the gallery (Article 9 GDPR - Biometric data of minors)
• Respect consent limits (use, duration, etc.)

Recommendation: Pelli provides a downloadable parental consent form in Resources > Legal Documents.

12.4 Reporting Content Involving Minors

Child pornography: ZERO TOLERANCE.

Any sexual image involving a minor is:

• Strictly prohibited (see Terms article 7.2.1)
• Immediately reported to the public prosecutor and PHAROS (Article 6.I.7 LCEN - legal obligation)
• Immediately deleted and account restricted (see Terms article 10.4)

Reporting: [email protected] (processing within 2h maximum, 24/7).

Criminal liability: Photographer engages criminal liability (up to 5 years prison + 75,000€ fine, Article 227-23 Criminal Code).

---

13. Policy Modifications

13.1 Right to Modify

Pelli reserves the right to modify this Privacy Policy at any time, notably to:

• Comply with legislative or regulatory developments (new GDPR texts, CNIL, etc.)
• Reflect changes in data processing practices (new subprocessors, new features)
• Improve clarity and transparency

13.2 Notification of Modifications

Minor modifications (corrections, clarifications, minor updates):

• Notification by banner in your personal space for 30 days
• Mention of new version at bottom of Policy

Substantial modifications (new purposes, new recipients, new technologies, changes impacting your rights):

• Notification by email 30 days before entry into force
• Pop-up upon your next login with summary of changes and link to new complete version
• Active acceptance obligation to continue using Service

13.3 Right of Refusal

In case of substantial modification that you do not accept, you can:

• Terminate your account without penalty within 30 days following notification
• Benefit from a prorated refund of your annual subscription (if applicable)
• Recover your data during the 30 days following termination

13.4 Consultation of Previous Versions

Current version: Always available at pelli.io/privacy with mention of last update date and version number.

Previous versions: Archived and available upon request at [email protected] for historical reference or litigation.

Current version number: v2.0 - Date: October 6, 2025

---

14. CNIL Complaint

14.1 Right to Complain

If you believe that Pelli does not respect your rights regarding personal data protection or its GDPR obligations, you have the right to lodge a complaint with CNIL (French National Commission on Informatics and Liberty), in accordance with Article 77 of GDPR.

CNIL (French Supervisory Authority):

• Website: cnil.fr
• Online complaints: cnil.fr/plaintes (dedicated form)
• Mail:

  CNIL
  Service des Plaintes
  3 Place de Fontenoy
  TSA 80715
  75334 PARIS CEDEX 07
  

14.2 Complaint Procedure

Before contacting CNIL (recommended but not mandatory):

1. Contact our DPO: [email protected] with detailed statement of problem
2. Response time: 30 days maximum for reasoned response
3. Amicable resolution: In most cases, the problem can be resolved directly with Pelli

If unsatisfied or no response:

1. File an online complaint on CNIL website
2. Fill out form with:
   • Your identity
   • Precise description of observed breach
   • Exchanges with Pelli (emails, letters)
   • Possible evidence
3. CNIL will investigate your complaint and may:
   • Request explanations from Pelli
   • Conduct an audit (on-site or documentary)
   • Impose sanctions (warning, formal notice, fine up to 20M€ or 4% of global turnover)

14.3 Judicial Recourse

Independently of a complaint to CNIL, you also have judicial recourse before competent courts (see Terms article 15).

Legal action:

• Competent court: French courts (jurisdiction of Brest or your domicile if consumer)
• Damages: Possibility to claim compensation for suffered damage (Article 82 GDPR)
• Assistance: Possibility to be represented by a consumer rights or digital rights association

---

15. Contact

15.1 Data Controller

LUMY.MEDIA SAS with capital of 2,000 € RCS Brest B 889 608 790 Registered office: Quai de la Douane, Building LE GRAND LARGE, 29200 Brest, France

General email: [email protected] Website: pelli.io

15.2 Data Protection Officer (DPO)

For any questions regarding your personal data:

Email: [email protected] (response within 30 days max, generally within 7 days) Mail:

DPO Pelli - Lumy.Media
Quai de la Douane, Building LE GRAND LARGE
29200 Brest, France

DPO role:

• Respond to your questions on processing of your data
• Process your GDPR rights exercise requests
• Support you in case of difficulty
• Ensure GDPR compliance of Pelli

15.3 Specialized Contacts

Technical support: [email protected] Security / Data breach: [email protected] (response within 2h) Illicit content reporting: [email protected] (processing within 2h-48h) Legal questions: [email protected]

---

Last update date: October 6, 2025

Version number: 2.0

---

PELLI COMMITMENT

At Pelli, we believe that the protection of your personal data is not just a legal obligation, but a fundamental ethical commitment.

We have chosen French and European digital sovereignty (100% of your data hosted in France/EU), technical transparency (auditable open source technologies), and respect for your privacy (no data sale, no advertising tracking, Privacy by Design approach for AI).

Our mission is to provide you with the best photo gallery service for photographers, without ever compromising your data or that of your clients.

For any questions, our team and our DPO are at your disposal: [email protected]

---

Thank you for your trust.

The Pelli Team 🇫🇷