Privacy Policy

Last updated: 6 April 2026

1. Data Controller

The data controller for personal data collected via merchantrescues.fr is ECOM FR LLC, a company incorporated under US law (State of Delaware), represented by its Publication Director, Sory Kouyaté.

DPO contact: privacy@merchantrescues.fr

2. Data Collected

MerchantRescue collects the following categories of data:

  • Identification data — First name, last name, email address, phone number, company name.
  • Technical data — IP address, browser type, operating system, pages visited, session duration.
  • Merchant account data — Your online store URL, Google Merchant Center ID, product data from the GMC API (with your explicit authorisation).
  • Payment data — Processed exclusively by Stripe. MerchantRescue retains no card data.

3. Processing Purposes

  • Performance of the service contract: audit, corrections, appeal drafting.
  • Technical audit of your GMC account and website.
  • Communication regarding your case and customer service.
  • Continuous improvement of our tools and processes.
  • Compliance with our legal obligations (invoicing, accounting).

4. Legal Basis for Processing

Legal basis GDPR Article Data concerned
Contractual performance Art. 6.1.b RGPD Identification and merchant account data
Consent Art. 6.1.a RGPD Analytics cookies, marketing communications
Legitimate interest Art. 6.1.f RGPD Technical data, service improvement

5. Data Recipients

  • Stripe — Payment processor. Transaction processing in accordance with its own GDPR policy.
  • Infomaniak — Site host (Switzerland). Data is stored in ISO 27001-certified Swiss datacentres.
  • Google — Google Ireland Limited — Google Analytics 4 (audience analytics) and Google Ads (ad conversion measurement). Activated only after consent via the cookie banner. Google Consent Mode V2 ensures signals are anonymized until consent is granted.

6. Retention Periods

Data category Retention period
Client data (identification, case file)3 years after the end of the contractual relationship
Payment data (invoices)10 years (statutory accounting obligation)
Technical data (logs)12 months

7. Your Rights

Under the GDPR, you have the following rights over your personal data:

  • Right of access — Obtain a copy of all data we hold about you.
  • Right of rectification — Correct any inaccurate or incomplete data.
  • Right to erasure — Request deletion of your data (subject to legal obligations).
  • Right to restriction — Restrict processing of your data in certain circumstances.
  • Right to portability — Receive your data in a structured, machine-readable format.
  • Right to object — Object to processing based on legitimate interest or for direct marketing purposes.

To exercise these rights, contact our team. To withdraw your consent for tracking (Google Analytics, Google Ads), click the "cookies" icon at the bottom right of each page, or clear your browser cookies: privacy@merchantrescues.fr

8. Cookies

For more information about the cookies used by MerchantRescue, please consult our Cookie Policy.

9. International Transfers

As ECOM FR LLC is a US company, your data may be transferred to the United States. These transfers are governed by Standard Contractual Clauses (SCCs) approved by the European Commission, ensuring a level of protection equivalent to that required by the GDPR.

Data hosted by Infomaniak remains on servers located in Switzerland, a country recognised by the European Commission as providing an adequate level of protection.

10. Policy Updates

MerchantRescue reserves the right to update this Privacy Policy at any time to reflect legal, regulatory or operational changes. In the event of a material change, you will be notified by email at the address provided at registration, at least 15 days before the new provisions take effect.

Des questions sur ce document ?

Notre équipe est disponible pour vous répondre.

Nous contacter