Privacy policy
Information about how we process personal data when you use iconrev.com and related services.
Last updated: May 2026 — information for visitors and customers, including those in France.
Data controller
The controller of personal data collected through iconrev.com and related services is Iconrev (contact: contact@iconrev.com). Processing is carried out in accordance with Regulation (EU) 2016/679 (GDPR) and applicable national law.
Data we may collect
Identity and contact data: email address when you create an account, activate a plate, or contact support. Order and payment data: information required to process payment and delivery (handled by our payment provider Stripe under its own policies). Plate activation data: plate identifier and link to your Google Business profile when you complete activation. Technical and usage data: limited server logs, session or security identifiers, and aggregated or pseudonymised analytics (for example to improve the site). Content of messages you send via forms or chat.
Purposes and legal bases
Performance of a contract or pre-contract steps: orders, delivery, tracking, plate activation, customer account. Legitimate interests: security, fraud prevention, audience measurement, service improvement, responding to requests. Legal obligations: retention where required by law. Consent: where required for specific processing (for example certain communications).
Recipients and processors
Data may be shared with processors strictly necessary to operate the service: hosting and application delivery (e.g. Vercel), database and authentication (e.g. Supabase), payments (Stripe), email or analytics providers where used. They process data on our instructions under GDPR-compliant agreements.
Transfers outside the European Economic Area
Some providers may be located outside the EU. Where applicable, we rely on mechanisms recognised by EU law (for example the European Commission’s Standard Contractual Clauses, and supplementary measures where required) to ensure an adequate level of protection.
Retention
We keep data only as long as needed for the purposes described: for example for the duration of the commercial relationship and any legal obligations (accounting, disputes), then deletion or anonymisation within reasonable timelines. Analytics data may be kept in a form that does not identify individuals beyond a limited period.
Your rights
Under the GDPR you may have the right of access, rectification, erasure, restriction, objection on grounds relating to your situation, and data portability where processing is based on consent or contract and is automated. You may lodge a complaint with a supervisory authority (in France, the CNIL). To exercise your rights: contact@iconrev.com — we may ask for proof of identity where there is reasonable doubt.
Security
We implement appropriate technical and organisational measures (encryption in transit where relevant, access controls, secure hosting) to protect your data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access.
Changes
This policy may be updated to reflect changes to the site or the law. The date at the top indicates the latest revision; please review it periodically.