Privacy Policy

Last updated: March 12, 2026

1. Who we are

Public Data Maps ("we", "us", "our") operates the website publicdatamaps.com. This policy explains how we collect, use, and protect your personal data when you use our service.

2. Data we collect

Account information

When you create an account we store your email address, display name, and profile photo URL (if you sign in with Google). This data is managed by Firebase Authentication and stored in Google Cloud Firestore.

Subscription & billing

If you subscribe to a paid plan, payment is processed by Stripe. We store your Stripe customer ID and subscription metadata (plan tier, seat count, billing interval) in Firestore. We do not store credit card numbers, bank details, or any raw payment credentials — those are held exclusively by Stripe under their privacy policy.

User preferences & saved data

Your theme preference, selected columns, saved searches, saved areas, quick filters, and other UI settings are stored in Firestore (synced across devices) and in your browser's localStorage (for instant restore on page load).

Organization data

If you create or join an organization, we store the organization name, member list (user IDs, emails, roles), invitations, connectors (uploaded CSV data including latitude/longitude and any columns present in your file), and shared quick filters.

Company data (SIRENE)

The company establishment data displayed in the application comes from the SIRENE v3 dataset published by INSEE (Institut National de la Statistique et des Études Économiques). This is publicly available open data. We do not collect this data from you.

Usage & analytics

We track search counts per user for quota enforcement (stored in Firestore). We do not use third-party analytics trackers. Server logs may temporarily record IP addresses and request metadata for debugging purposes.

3. How we use your data

  • To authenticate you and maintain your session
  • To process subscriptions and enforce usage quotas
  • To sync your preferences and saved searches across devices
  • To send transactional emails (account verification, organization invitations, billing notifications)
  • To provide AI-generated company overviews (queries are sent to Google Vertex AI with only the company's public SIRENE data)
  • To improve and debug the service

4. Third-party services

We rely on the following processors:

  • Google Cloud Platform / Firebase — authentication, database, hosting, AI (Vertex AI), file storage
  • Stripe — payment processing
  • Resend — transactional email delivery
  • Nominatim (OpenStreetMap) — geocoding search (your search queries are sent to their public API)

Each processor has its own privacy policy. We encourage you to review them.

5. Data retention

Account data and preferences are retained for as long as your account exists. If you delete your account, your Firestore profile, preferences, and saved searches are deleted. Organization data is retained until the organization is dissolved by its owner. Stripe retains billing records independently per their policy.

6. Cookies & local storage

We use localStorage to persist your UI preferences (theme, columns, filters) for a faster loading experience. Firebase Authentication uses cookies and IndexedDB to maintain your session. We do not use advertising or tracking cookies.

7. Your rights

Under the GDPR and French data protection law (Loi Informatique et Libertés), you have the right to access, rectify, delete, and port your personal data. You may also object to or restrict processing. To exercise these rights, contact us at romainwintgens@gmail.com.

8. Security

All traffic is encrypted via TLS. Secrets (API keys, database credentials) are stored in Google Cloud Secret Manager. Authentication tokens are short-lived and validated server-side on every API request. Database access is restricted to authenticated server-side routes only.

9. Changes to this policy

We may update this policy from time to time. Material changes will be communicated via email or an in-app notice. The "Last updated" date at the top reflects the most recent revision.

10. Contact

For any privacy-related questions, reach us at wintgensromain@gmail.com.