Privacy Policy
1. Data controller
The controller responsible for processing personal data collected via the site scorou.com is:
Julien Appert
SIRET: 51522073900038
Address: Berloc'h, 56440 Languidic
Contact: julien@scorou.com
2. Data collected
We collect the following data depending on your use of the service:
2.1 When creating an account
- Email address
- Username
- Password (stored as an irreversible hash)
2.2 When subscribing to a paid plan
- Payment information (processed directly by Stripe — see section 5)
- Transaction history (date, amount, status)
2.3 When using the service
- Scores created, edited, or deleted
- Display preferences and settings
- Anonymised browsing data (see section 4)
2.4 When contacting us
- Email address and message content
3. Purposes and legal bases
| Purpose Legal basis |
4. Audience measurement — Matomo
Scoroù uses Matomo, a self-hosted analytics solution. Matomo collects anonymised data (pages visited, session duration, device type) without transmitting this information to third parties. IP addresses are truncated before any storage. No third-party tracking cookies are used.
You can disable this tracking by enabling the "Do Not Track" option in your browser settings.
5. Sub-processors
We use the following sub-processors in the course of providing the service:
- Stripe, Inc. (United States) — card payment processing. Stripe is PCI DSS Level 1 certified. Payment data does not pass through our servers. Stripe Privacy Policy →
- Infomaniak Network SA (Switzerland) — data and website hosting. Data is stored in Switzerland, a country recognised by the European Commission as providing an adequate level of protection. Infomaniak Privacy Charter →
6. Retention periods
- Account data: retained for the duration of account activity, then deleted within 3 years of the last login.
- Payment data: 10 years from the transaction date (statutory accounting obligation).
- Browsing data (Matomo): rolling 13 months.
- Contact messages: 3 years from receipt.
7. Your rights
In accordance with the General Data Protection Regulation (GDPR — EU Regulation 2016/679), you have the following rights:
- Right of access (Art. 15): obtain a copy of the data held about you.
- Right to rectification (Art. 16): correct inaccurate or incomplete data.
- Right to erasure (Art. 17): request deletion of your data, subject to statutory retention obligations.
- Right to restriction of processing (Art. 18): temporarily suspend the use of your data.
- Right to data portability (Art. 20): receive your data in a structured, machine-readable format.
- Right to object (Art. 21): object to processing based on legitimate interest (in particular, audience measurement).
- Right to withdraw consent: at any time, for processing based on consent (newsletter).
To exercise any of these rights, contact us at: julien@scorou.com. We will respond within a maximum of one month.
You also have the right to lodge a complaint with the CNIL (Commission nationale de l'informatique et des libertés).
8. Security
We implement appropriate technical and organisational measures to protect your data against unauthorised access, loss, or disclosure: HTTPS encrypted connection, password hashing, restricted database access.
9. Cookies
Scoroù does not use advertising or third-party tracking cookies. A session cookie is used to maintain your login; it is strictly necessary for the service to function and does not require consent within the meaning of Article 82 of the French Data Protection Act.
10. Changes
This policy may be updated to reflect changes to the service or applicable regulations. The date of the last update appears at the bottom of the page. In the event of a material change, you will be notified by email.
Last updated: 19/05/2026