DSB Intelligence
Get started free

Privacy Policy

Last updated: June 1, 2026

This policy describes how DSB Intelligence collects, uses, and protects your personal data, in compliance with GDPR (EU) and CNDP (Morocco).

1. Data controller

Data Scale Business — DSB Intelligence
DPO: Youness Elouargui — dpo@datascalebusiness.io
General contact: privacy@dsbi.ai

2. Data we collect

2.1 Identification (account)

  • Email, first name, last name (optional)
  • Password (bcrypt-hashed — never stored in clear)
  • Account creation date, last login
  • Locale (FR/EN)

2.2 Imported LinkedIn data

Published posts, audience composition, profile visitors. You upload this data manually from your LinkedIn account; we do not connect to the LinkedIn API directly.

2.3 Profile DNA

Industry, target audience, LinkedIn objectives, communication tone, priority KPIs, business description (free-text, optional).

2.4 Payment

Handled by Stripe (PCI-DSS Level 1 certified). We never store your card numbers; only stripe_customer_id and stripe_subscription_id.

2.5 Logs and analytics

  • Server logs (IP, user-agent, endpoints) — 30 days
  • Audit logs of sensitive actions — 24 months
  • PostHog analytics (anonymised events) — 12 months, opt-in via the cookie banner

3. Purposes

  • Deliver the DSB Intelligence service (AI LinkedIn analytics)
  • Generate insights via Anthropic's Claude API
  • Billing and subscription management (via Stripe)
  • Transactional emails (account, security, billing)
  • Product improvement (aggregated, anonymised analytics)
  • Security and fraud prevention

4. Legal basis (GDPR Article 6)

  • Contract performance (account, payment)
  • Legitimate interest (security logs, audits)
  • Consent (analytics, non-essential cookies)

5. Retention

  • Active account: as long as you maintain it
  • Inactivity > 12 months: automatic deletion after warning emails
  • Payment data: 10 years (accounting requirement)
  • Audit logs: 24 months
  • Server logs: 30 days

6. Subprocessors (Article 28)

SubprocessorLocationPurpose
VercelEU (Frankfurt)Frontend hosting
NeonEU (Frankfurt)Database
RailwayEUBackend hosting
AnthropicUS (SCC)Claude API (AI)
StripeEUPayments
ResendUS (SCC)Transactional email

7. International transfers

Anthropic and Resend are US-based. These transfers are covered by the Standard Contractual Clauses (SCC) approved by the European Commission.

8. Your rights

Under GDPR Articles 15-21, you have the following rights:

  • Access, rectification, erasure
  • Restriction, portability, objection
  • Withdrawal of consent at any time

Self-service: Settings → Privacy. By email: privacy@dsbi.ai. Maximum response delay: 30 days.

You may also file a complaint with the CNIL (France) or the CNDP (Morocco).

9. Security

Enforced HTTPS, at-rest encryption (Postgres + S3), bcrypt hashing, rate-limiting, multi-tenant isolation via PostgreSQL Row-Level Security, sensitive-action audit logs.

10. Cookies

See our Cookie Policy.

11. Minors

The service is reserved for individuals aged 16 and above.

12. Changes

You will be notified by email at least 30 days before any substantial changes.