Logo
skeptor

Privacy Policy

Effective date: August 18, 2025

Skeptor (operated by Verycode Lab, based in France and serving users worldwide) respects your privacy. This Privacy Policy explains what we collect, why we collect it, how we use and share it, and the choices you have. It applies to our websites, APIs, applications, and any tools that let you upload or send content to us (the “Services”).

We act as a data controller for personal data we collect directly (e.g., website, accounts, communications). When an organization uses the Services and asks us to handle content on their behalf, we act as a data processor and follow their documented instructions under our contract.

Summary

Key points at a glance:

  • We do not sell personal data.
  • We do not use your content or personal data to train our models.
  • Non-essential cookies (like analytics) run only with your consent; you can change choices anytime at cookie-settings.
  • We follow the GDPR. You can access, correct, delete, restrict, object, and port your data, and withdraw consent at any time.
  • Retention is minimized: processing content is kept only as long as needed; security/reliability logs are kept for short periods; legal/financial records are retained as required by law.

Who We Are & How to Contact Us

Controller: Verycode Lab SAS, France. Privacy contact: contact@skeptor.tech. You may lodge a complaint with your local authority or, in France, with the CNIL.

Roles (Controller vs. Processor)

  • Controller: our website, account management, communications, marketing (with consent), and service security.
  • Processor: content we handle on behalf of an organization customer through the Services—processed only on their instructions and deleted or returned per contract and configuration.

Information We Collect

  • Account & contact data (e.g., name, email), and—if you purchase—basic billing details.
  • Content you provide: files, text, or other data you upload or send to be processed by the Services.
  • Usage & log data: actions within the Services, timestamps, request/operation identifiers, and diagnostic data for reliability and security.
  • Technical data: IP address, device/browser type, operating system, settings, and similar information needed to deliver the Services.
  • Cookies & similar technologies: see “Cookies & Tracking” below and our Cookie Policy.
  • Support communications: messages and attachments you send to us.
  • Payments: for web purchases, our payment processor (e.g., Stripe or similar) processes your card details; we receive limited billing info and transaction references. For direct invoices, we process business contact and invoicing details.

Purposes & Legal Bases

  • Provide and operate the Services (process your requests/uploads, authenticate, deliver features, provide support) — performance of a contract.
  • Security & abuse prevention (monitoring, incident response, fraud/misuse detection) — legitimate interests and, where applicable, legal obligation.
  • Service improvement (quality, reliability, UX metrics without using your content to train models) — legitimate interests with safeguards.
  • Communications about changes, incidents, or policy updates — legitimate interests or legal obligation; optional marketing with consent (you can withdraw any time).
  • Payments & accounting (processing transactions and maintaining records) — performance of a contract and legal obligation.
  • Compliance (tax, accounting, regulatory) — legal obligation.

Cookies & Tracking

We use essential cookies to run the site (e.g., authentication, security) and, with your consent, analytics cookies to understand usage. Non-essential cookies run only after you consent in our banner. You can change choices anytime at cookie-settings. If your browser sends a Global Privacy Control (GPC) signal, we treat it as an opt-out for non-essential cookies where applicable.

Payments

  • Web purchases: card details are processed by our payment processor; we do not store full card numbers. We receive limited billing details and transaction references to manage your purchase, prevent fraud, and meet legal requirements.
  • Direct invoices: we process business contact and invoicing details and retain invoices as required by applicable law.

Sharing of Information

We do not sell personal information. We share data only with:

  • Service providers (e.g., hosting/cloud, email delivery, payments, analytics—if enabled, error monitoring, customer support, and security/anti-abuse) under confidentiality, security, and data-protection obligations.
  • Integrations you enable (external platforms or services) as you instruct.
  • Legal and safety obligations (e.g., valid law-enforcement requests, detecting/preventing fraud or abuse).
  • Corporate transactions (e.g., merger or acquisition) with appropriate safeguards and notice where required.

If you need details about our service providers, contact us and we’ll provide relevant information.

International Data Transfers

We primarily process data in the EEA. If personal data is transferred outside the EEA, we use approved safeguards such as the European Commission’s Standard Contractual Clauses and, where required, additional measures. We can share details upon request.

Data Retention

  • Processing content is stored only as long as needed to provide the requested feature and then deleted or anonymized.
  • Security and reliability logs are kept for short periods and longer only if needed to investigate incidents or improve safety.
  • Support communications are retained for a reasonable time to handle follow-ups.
  • Legal and financial records (e.g., invoices) are kept as required by applicable law.

Security

We implement appropriate technical and organizational measures to protect personal data, including encryption in transit and at rest (as applicable), access controls and least-privilege principles, audit logging, vulnerability and patch management, and incident response. Access to customer content is limited to authorized personnel under confidentiality obligations.

Your Rights

You may request access, correction, deletion, restriction, portability, and object to processing (including where we rely on legitimate interests). Where we rely on consent (e.g., analytics cookies or optional communications), you may withdraw it at any time. To exercise rights, email contact@skeptor.tech. If we process data on behalf of an organization, we may redirect your request to them. You also have the right to complain to a supervisory authority (e.g., the CNIL in France).

Age Restrictions

Our Services are not intended for individuals under 18. We do not knowingly collect personal data from individuals under 18. If we learn that such data was provided, we will delete it.

Changes to This Policy

We may update this Privacy Policy from time to time. If changes are material, we will notify you through the Services or by email before they take effect. The “Effective date” below shows when this version became active.

Contact Us

Questions or privacy requests? Email contact@skeptor.tech.