Privacy Policy

Data Controller

Marco Solutions (SASU), represented by Marco Martincic, acts as data controller in the sense of the GDPR. Contact: hello@roasted.page.

Data We Collect

• Email address — used only to deliver the roast and respond to support requests.
• Landing page URL — processed to generate the roast; retained short-term in logs for debugging and abuse protection.
• Payment metadata — handled entirely by Stripe on their infrastructure; we do not store card details.

Legal Basis (GDPR Art. 6)

• Contract performance — processing email and URL to deliver the service you purchased.
• Legal obligation — retaining invoice data for the duration required by French accounting law (10 years).

Sub-processors

To deliver the service, we share the minimum necessary data with the following processors:

• Stripe (Ireland) — payment processing and invoicing.
• Anthropic (USA) — AI roast generation. The URL content and screenshot are sent to Claude via API.
• ScreenshotOne — captures a screenshot of the public page you submitted.
• Resend — email delivery of the roast.
• Vercel (USA) — hosting and logs.
• Simple Analytics — privacy-friendly analytics, no personal identifiers collected.

Retention

• Email address: retained for transactional history and support. You can request deletion at any time.
• URL and page content: not stored long-term; purged from logs within 30 days.
• Invoices: retained 10 years as required by French law.

We do not send marketing emails and do not use your data for profiling.

Your Rights

Under the GDPR you have the right to access, rectify, delete, restrict, and port your data, and to lodge a complaint with a supervisory authority (CNIL in France). To exercise any of these rights, email hello@roasted.page.

International Transfers

Some sub-processors are located outside the EEA. Transfers are covered by Standard Contractual Clauses (SCC) or adequacy decisions.