Privacy Policy
Last updated: 18 June 2026
1. Data controller
UniVox is the controller of your personal data within the meaning of the General Data Protection Regulation (GDPR). For any question about your data, contact us at contact@univox.me.
2. Data we collect
We collect the following data:
- Account data: email address, username, hashed password. Provided at registration.
- Published content: ratings, comments, mentions, photos attached to your contributions.
- Browsing data: URLs of the pages on which you activate the extension (processed to attach your ratings to a page, never resold).
- Technical data: IP address, browser/device type, server access logs kept for 30 days for security purposes.
- Push notifications: device token (FCM) if you enable notifications on the mobile app.
3. Purposes and legal basis
| Purpose | Legal basis |
|---|---|
| Provide and improve the service | Performance of the contract |
| Sending transactional emails (password reset, etc.) | Performance of the contract |
| Activity push notifications | Consent |
| Moderation and fraud prevention | Legitimate interest |
| Compliance with legal obligations | Legal obligation |
4. Retention period
Your account data and content are kept as long as your account is active. After you delete your account, your data is erased within 30 days, except for data required by law (e.g. connection logs, 1 year) and moderated content (6 months).
5. Data sharing
We do not sell your data. We rely on the following sub-processors:
- Brevo (Sendinblue SAS) - sending transactional emails, hosted in France/EU.
- Firebase Cloud Messaging (Google LLC) - sending push notifications on the mobile app, under the Privacy Shield / standard contractual clauses.
- Hosting provider - servers located in the European Union.
We may disclose data to the competent authorities upon a lawful request.
6. Security
Passwords are hashed (bcrypt). Communications are encrypted with TLS. Access to production data is restricted and logged. Despite these measures, no system is infallible; we encourage you to use a unique, strong password.
7. Your rights
In accordance with the GDPR, you have the following rights over your personal data:
- Access: obtain a copy of your data;
- Rectification: correct inaccurate data;
- Erasure: delete your account and your data;
- Portability: receive your data in a structured format;
- Objection / restriction: restrict certain processing;
- Withdrawal of consent: disable notifications at any time.
To exercise these rights, contact us at contact@univox.me. You may also lodge a complaint with the CNIL.
8. Cookies and local storage
UniVox does not use advertising cookies or third-party trackers. The browser extension uses the browser’s local storage to keep your session and preferences. The mobile app uses an equivalent local storage.
9. Changes
This policy may be updated. Significant changes will be notified to you by email at least 15 days before they take effect.
Questions? Write to us at contact@univox.me.
FREN