Privacy Policy.

Last updated: March 15, 2026 — GDPR compliant

1. Data Controller

The data controller is Flukx Studio, contactable at [email protected].

2. Data We Collect

We collect the following categories of personal data:

  • Account data: name, email address, authentication provider (Google, GitHub, or email)
  • Usage data: credit balance, scan history, grid configurations
  • Technical data: IP address, browser type, device information, access logs
  • Payment data: processed securely by our payment provider — we do not store card details

3. Legal Basis for Processing

Under the GDPR (Regulation EU 2016/679), we process your data based on:

  • Contract performance: to provide the Geogrid service and manage your account
  • Legitimate interest: to prevent abuse, improve our service, and ensure platform security
  • Consent: for marketing communications and non-essential cookies
  • Legal obligation: to comply with applicable laws and regulations

4. How We Use Your Data

  • Provide, maintain, and improve the Geogrid platform
  • Manage your account, credits, and subscription
  • Send transactional emails (password reset, account confirmation)
  • Detect and prevent fraudulent activity and multi-account abuse
  • Generate anonymized, aggregated analytics

5. Data Sharing

We do not sell your personal data. We may share data with:

  • Supabase: database and authentication infrastructure
  • Hetzner: hosting and content delivery
  • Payment processors: for subscription billing
  • Legal authorities: when required by law

6. Data Retention

We retain your personal data for as long as your account is active. Upon account deletion, personal data is erased within 30 days. Anonymized analytics data may be retained indefinitely. Legal and billing records are retained as required by applicable law.

7. Your Rights (GDPR)

As an EU/EEA resident, you have the right to:

  • Access — request a copy of your personal data
  • Rectification — correct inaccurate or incomplete data
  • Erasure — request deletion of your personal data
  • Restriction — restrict processing of your data
  • Portability — receive your data in a structured, machine-readable format
  • Objection — object to processing based on legitimate interest
  • Withdraw consent — at any time, without affecting prior processing

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.

8. International Transfers

Your data may be transferred to and processed in countries outside the EU/EEA (e.g., United States for hosting). We ensure adequate safeguards are in place through Standard Contractual Clauses (SCCs) or equivalent mechanisms approved by the European Commission.

9. Cookies

We use strictly necessary cookies for authentication and session management. Analytics cookies are only set with your explicit consent. You can manage your cookie preferences at any time through your browser settings.

10. Contact & Complaints

For any privacy-related questions or to exercise your rights, contact [email protected].

You also have the right to lodge a complaint with your local data protection authority. In France, this is the CNIL (Commission Nationale de l'Informatique et des Libertés).