Last updated: June 2026
At Cockpit Signature, we take the protection of your personal data very seriously. This policy explains what data we collect, why, how we use it, and what your rights are. It applies to all users of the cockpitsignature.com website and the Cockpit Resto application.
1. Who Are We?
Candice Obadia — Cockpit Signature
Sole proprietor — micro-entrepreneur scheme (BNC)
SIRET: 93987414500013
Email: contact@cockpitsignature.com
As data controller, Cockpit Signature decides how your personal data is collected and used.
2. What Data Do We Collect?
Data You Provide Directly
- During registration: first name, last name, email, restaurant name, city, type of establishment, chosen plan
- When using the app: management data entered manually (revenue, schedules, purchases, notes, tasks, etc.)
- When contacting us: message, phone number if you call us
- During payment: payment data is processed directly by Stripe — we do not store your card number
Data Collected Automatically
- Browsing data: pages visited, session duration, IP address, browser type
- Functional and analytics cookies (see section 8)
- Application performance data
Data from Your Connected Tools
- Data synced from Zelty (revenue, orders)
- Data synced from Pennylane (purchases, expenses)
- Data synced from Combo (schedules, payroll costs)
This data remains yours. We only import it to power your cockpit.
3. Why Do We Use Your Data?
Legal Basis: Performance of Contract
- Create and manage your account
- Provide features according to your plan
- Process your payments via Stripe
- Provide customer support
Legal Basis: Legitimate Interest
- Improve application features
- Analyze usage to fix bugs
- Send you communications about important account updates
Legal Basis: Consent
- Send you marketing emails and tips (newsletter) — you can unsubscribe at any time
- Use non-essential analytics cookies
4. Who Has Access to Your Data?
We never sell your data. We only share it with:
| Subprocessor | Role | Policy |
|---|---|---|
| Stripe | Payment processing | stripe.com/en/privacy |
| Anthropic | Powers Sabine, the AI assistant integrated into the app (Claude API) | anthropic.com/privacy |
| Netlify | Hosting of the Cockpit Resto application | netlify.com |
| Supabase | Storage of application data | supabase.com/privacy |
| Infomaniak | Hosting of the marketing website | infomaniak.com |
| Resend | Sending of transactional emails | resend.com/privacy |
All our subprocessors are contractually required to respect the confidentiality and security of your data.
5. Artificial Intelligence — Sabine
The Cockpit Resto application includes Sabine, an automated analysis assistant powered by AI. Sabine uses the Claude API developed by Anthropic (PBC, San Francisco, USA) to analyze your data and provide management suggestions.
Data transmitted to Anthropic in this context is subject to their privacy policy (anthropic.com/privacy). Anthropic does not use it to train its models under API contracts.
In accordance with the European Regulation on Artificial Intelligence (AI Act, EU 2024/1689), Sabine is classified as a minimal-risk AI system. Each analysis is clearly identified as AI-generated within the interface.
6. Transfers Outside the European Union
Some of our providers (Stripe, Anthropic, Netlify, Supabase) are based in the United States. These transfers are governed by the European Commission’s Standard Contractual Clauses, in accordance with the GDPR.
7. Retention Period
- Active account data: for the entire duration of your subscription
- After cancellation: retained for 90 days, then permanently deleted
- Billing data: 10 years (legal accounting obligation)
- Browsing logs: 13 months maximum
8. Your Rights
- Right of access: obtain a copy of your data
- Right of rectification: correct inaccurate data
- Right to erasure: request deletion of your data (see /suppression-donnees)
- Right to portability: receive your data in a structured format
- Right to object: object to certain processing
- Right to restriction: temporarily suspend processing
To exercise these rights: contact@cockpitsignature.com — response time of 30 days maximum. In case of an unresolved dispute, you can contact the CNIL (www.cnil.fr).
9. Cookies
Strictly Necessary Cookies
Session, authentication — cannot be disabled.
Analytics Cookies
Google Analytics 4, Google Search Console, Meta Pixel — activated only after your consent. You can change your preferences at any time via the consent banner.
10. Security
We implement appropriate technical and organizational measures: encryption of data in transit (HTTPS/TLS), restricted access to production data, regular backups (Supabase Pro — 30 days of snapshots + PITR), role-based access management, two-factor authentication on all platforms.
11. Changes to This Policy
We may update this policy. In the event of a substantial change, you will be notified by email or through the application. The date of the last update is indicated at the top of the page.
12. Contact
contact@cockpitsignature.com
Cockpit Signature — Candice Obadia
