Privacy Policy
Last updated: January 26, 2026
This Privacy Policy explains how SARL ZHULI (“Pageface”, “we”, “us”, “our”) collects, uses, shares, and protects personal data when you use our website and services (the “Service”), including the Pageface platform and applications created by users on Pageface-PW.
1. Who we are (Data Controller)
Company: SARL ZHULI
SIREN: 908114556
Address: 2 Rue Louis Barthou, 64140 Billère, France
Contact email: [email protected]
2. Scope
This Policy covers personal data processed by Pageface when you:
- visit our website;
- create or manage an account;
- use Faceflow (website builder) and related features;
- use the Marketplace (as a customer or a verified developer);
- use AI tools provided within the Service.
Important: If you create and publish an application using Pageface-PW, that application may collect personal data from its end users. In that case, you (the application owner) are typically the Data Controller for end-user data, and Pageface acts as a Data Processor to the extent we host or process that data on your behalf.
3. Personal data we collect
3.1 Account and contact data
- Name (if provided)
- Email address
- Account identifiers and authentication information (e.g., hashed passwords, tokens)
- Support requests and communications
3.2 Billing and subscription data (if applicable)
- Plan details and subscription status
- Invoices and transaction metadata
- Payment method details may be processed by our payment providers (we generally do not store full card details)
3.3 Usage, technical, and log data
- IP address, device and browser information
- Service usage events (feature usage, page visits within the Service)
- Diagnostics, crash reports, security logs
- Approximate location derived from IP (country/city level)
3.4 Content you create in the Service
Depending on what you build, we may process content such as variables, components, layouts, forms, and pages, as well as assets you upload. Some content may contain personal data if you choose to include it.
3.5 Marketplace data
- Developer profile information and verification details (where applicable)
- Resources you publish (e.g., components, templates) and related metadata
- Download/usage statistics and ratings (if enabled)
3.6 AI features data
- Prompts, inputs, and outputs when you use AI tools
- Associated technical metadata (timestamps, feature usage)
We process AI inputs/outputs to provide the feature, improve reliability, prevent abuse, and maintain security. We do not use your private content to train public AI models without your explicit permission.
4. How we use personal data
We use personal data to:
- provide, operate, and maintain the Service;
- create and manage accounts, authentication, and access control;
- deploy, host, and deliver applications created using the Service;
- provide customer support and communicate service-related messages;
- operate the Marketplace and developer verification (where applicable);
- monitor performance, detect and prevent fraud/abuse, and keep the Service secure;
- comply with legal obligations and enforce our policies.
5. Legal bases for processing (GDPR)
When GDPR applies, we rely on one or more of the following legal bases:
- Contract — to provide the Service you request and manage your account.
- Legitimate interests — to secure, improve, and maintain the Service, prevent abuse, and analyze performance.
- Consent — where required (e.g., certain cookies/trackers, optional marketing).
- Legal obligation — to meet regulatory, tax, accounting, or law enforcement requirements.
6. Cookies and similar technologies
We use cookies and similar technologies for authentication, session management, security, preferences, and (optionally) analytics. For more information and your choices, please see our Cookie Policy.
7. Sharing and disclosures
We may share personal data with:
- Service providers (processors) — such as hosting, storage, email delivery, analytics, and payment processing, under contractual obligations to protect data.
- Marketplace participants — if you publish resources, certain public profile/resource information may be visible to others.
- Legal authorities — when required by law, court order, or to protect rights and safety.
We do not sell your personal data.
8. International data transfers
Our primary servers are located in Germany (Nuremberg). Personal data is primarily processed within the European Union. In some cases, data may be processed outside the European Economic Area (EEA) by trusted service providers. Where required, appropriate safeguards such as Standard Contractual Clauses (SCCs) are used.
9. Data retention
We retain personal data only as long as necessary for the purposes described in this Policy, including:
- Account data: for as long as your account is active (and for a limited period after deletion where necessary).
- Logs and security records: retained for a limited period to protect the Service and investigate incidents.
- Billing records: retained as required by applicable laws (e.g., tax/accounting).
10. Security
We implement reasonable technical and organizational measures designed to protect personal data, including access controls, encryption in transit (HTTPS/SSL), and monitoring. No method of transmission or storage is 100% secure; we cannot guarantee absolute security.
11. Your rights
Depending on your location (including the EU/EEA), you may have the right to:
- request access to your personal data;
- request correction of inaccurate data;
- request deletion of your data (where applicable);
- object to or restrict certain processing;
- request data portability;
- withdraw consent at any time (where processing is based on consent).
To exercise your rights, contact us at [email protected]. We may request verification of your identity before responding.
If you are in the EU/EEA, you also have the right to lodge a complaint with your local supervisory authority (in France, the CNIL).
12. Children
The Service is not intended for children under 16 (or the minimum age required in your country). We do not knowingly collect personal data from children.
13. Changes to this Privacy Policy
We may update this Policy from time to time. We will post the updated version on this page and update the “Last updated” date above. If changes are material, we may provide additional notice within the Service.
14. Contact
For privacy questions or requests, contact:
SARL ZHULI
2 Rue Louis Barthou, 64140 Billère, France
[email protected]