Wenote.pro Logo
Globe

Legal

Privacy policy

Last updated March 8, 2026

This policy explains how personal data is processed when you browse wenote.pro, create an account, use app.wenote.pro, subscribe to a paid plan, or contact us.

It covers both the public marketing website and the SaaS application, including account administration, subscription management, support, security, and hosted content required for the service.

Data controller

Controller
PLANCOM.PRO
Contact
contact@wenote.pro

Data we may process

  • Technical browsing data, such as IP address, browser type, requested pages, date and time of requests, and security logs.
  • Account and subscription data, such as name, email address, company name, login credentials, user roles, and plan information.
  • Project and collaboration data necessary to operate the service, such as files, annotations, comments, participants, workspace settings, and related technical metadata.
  • Billing and payment-related data handled through the subscription flow, including order identifiers, invoice data, tax status, and renewal information.
  • Information you voluntarily send by email or support requests, and data generated by third-party providers required for hosting, protection, payment, storage, and email delivery, including Cloudflare, Hetzner, Cloudflare R2, Google Fonts, Resend, and Lemon Squeezy where relevant.

Purposes and legal bases

  • Create and manage user accounts, workspaces, and subscriptions on the basis of contractual necessity.
  • Provide the SaaS service, host files, send service emails, and maintain security on the basis of contractual necessity and legitimate interest.
  • Handle inbound requests, demos, and pre-contractual exchanges on the basis of your request and our legitimate interest in responding.
  • Manage billing, taxes, bookkeeping, fraud prevention, and legal compliance on the basis of legal obligations and legitimate interest.
  • Defend our rights and investigate incidents where necessary.

Recipients

Data may be accessed on a need-to-know basis by internal teams and by technical providers involved in hosting, security, payment, email delivery, storage, and font delivery.

  • Cloudflare, Inc. for website delivery and anti-abuse protection.
  • Hetzner Online GmbH for application, API, and database hosting.
  • Cloudflare R2 for hosted file storage.
  • Google Fonts for remote font loading currently used on the website.
  • Resend / Plus Five Five, Inc. for transactional or service email delivery when applicable.
  • Lemon Squeezy for subscription billing, merchant-of-record functions, invoices, taxes, renewals, disputes, and related payment operations where applicable.

International transfers

Some providers may process personal data outside the European Economic Area, especially when security, font delivery, payment, or email services are operated from the United States.

Where relevant, such transfers rely on the safeguards offered by the providers, including standard contractual clauses when applicable.

Retention periods

  • Technical logs are kept for the period strictly necessary for security, incident analysis, and service continuity.
  • Account and workspace data are kept for the duration of the contractual relationship, then archived or deleted according to operational and legal requirements.
  • Billing records and accounting documents are kept for the legally required retention period.
  • Email or support requests are kept for the time needed to process the request, then archived for evidence or legal follow-up when justified.

Your rights

  • You may request access, rectification, erasure, restriction, portability, or object to the processing of your personal data when applicable.
  • You may exercise your rights by writing to contact@wenote.pro.
  • You may also lodge a complaint with the competent supervisory authority, including the CNIL in France.

Cookies and similar technologies

The marketing website does not intentionally use advertising cookies.

The website and application may nevertheless use strictly necessary technical cookies, session cookies, authentication tokens, local storage, or security mechanisms required to ensure website delivery, account login, anti-abuse protection, billing continuity, and essential functionality. If audience measurement or marketing trackers are added later, this policy and the consent mechanism will need to be updated.