Data controller
For marketing website, account and billing data, the data controller is the publisher of the Service: [TO COMPLETE: legal name + address], contact@maintvision.com.
Last updated: 8 July 2026
This policy explains what personal data Maint Vision processes, why, with which sub-processors, for how long, and what your rights are. It complies with the General Data Protection Regulation (GDPR).
For marketing website, account and billing data, the data controller is the publisher of the Service: [TO COMPLETE: legal name + address], contact@maintvision.com.
Two situations must be distinguished:
Email address, name, phone (optional), password (stored only as a bcrypt hash, never in clear text), role and permissions, last sign-in date.
The data you enter in the application: assets, work orders, requests, parts, procedures, messages, attached files and photos. This content may contain personal data (for example your own vendors’ or customers’ contact details), for which you are responsible.
When you subscribe to a paid plan, payment is processed by Stripe. We keep the organization name, billing email, plan and subscription status. We never have access to card numbers.
Audit logs of sensitive events (sign-ins, password resets, role and permission changes), which may include the IP address and browser (user-agent), for security and traceability.
If you enable notifications, a push token (Expo Push) is associated with your device. It is deleted on sign-out or when the device is no longer registered.
We rely on a limited number of sub-processors, each governed by a data processing agreement (DPA):
We do not sell or rent your personal data, and we do not use it for any advertising purpose.
Customer application data (database and files) is hosted in the European Union. Some providers (e.g. Vercel, Stripe) may be established outside the EU; any transfers are governed by appropriate safeguards (European Commission Standard Contractual Clauses and/or the applicable data protection framework).
We implement appropriate technical and organizational measures: password hashing (bcrypt), encryption in transit (HTTPS/TLS), strict data isolation between organizations (multi-tenant separation), httpOnly authentication cookies, request rate limiting, access logging and security headers (CSP, HSTS).
Under the GDPR, you have the rights of access, rectification, erasure, restriction, objection and portability of your data. To exercise them: contact@maintvision.com.
If your data is processed by your organization within the application, please address your request to it first (data controller); we assist it in that capacity. You may also lodge a complaint with your supervisory authority (in France, the CNIL — cnil.fr).
The marketing website uses no advertising cookies. With your consent (collected via the banner shown on your first visit), we use Google Analytics to measure site traffic; it then sets measurement cookies (_ga, _ga_*). Declining has no effect on browsing, and you can change your choice at any time by clearing the site’s cookies.
The application only uses technical cookies strictly necessary for authentication (mv_access, mv_refresh), without which the Service cannot function.
For any question about this policy, write to contact@maintvision.com. We may update this policy; the last-updated date appears at the top of the page.
A question about these documents? Contact us