Privacy policy

This privacy policy describes how Profilia collects and uses data when you visit profilia.app.

Data controller

The data controller is Adrien Albuquerque. Contact: [email protected].

Data Protection Officer (DPO): no DPO is designated. Under art. 37 GDPR this is not mandatory in our case (small business, no large-scale processing of sensitive data, no systematic monitoring at scale). For any privacy-related question, please contact the data controller directly.

Minimum age

Profilia is intended for users aged 15 and older, in line with art. 8 GDPR and the French Data Protection Act. If you are under 15, please obtain consent from a parent or legal guardian before using the site.

Data collected

Anonymous audience measurement

When you browse Profilia, start or complete a test, we record the following events in a strictly anonymous way:

  • The page or quiz and the profile obtained
  • Completion duration
  • Device type (mobile, desktop, tablet)
  • Scores
  • Language (French or English)
  • Country derived from the browser's Accept-Language header
  • Language detection: on your first visit, we read your browser's Accept-Language header to automatically suggest the site in your language. This information is not stored — only your explicit choice (clicking the language switcher) is remembered via a functional locale cookie.
  • The domain of the page you arrived from (e.g. google.com, reddit.com) — domain name only, never the full URL or query parameters

We do NOT collect any individual marketing attribution (UTM, landing page, ref_code) on these tables. That information is persisted only at explicit conversion events (outbound share, comparison, account deletion) on a dedicated table with no link to your browsing journey.

Rotating session identifier

To group events from the same visit we compute a session identifier from a truncated IP address (last octets zeroed), a coarse User-Agent (browser and OS family only, no version) and a secret salt regenerated every day and immediately thrown away. This "rotating salt" technique guarantees it is impossible to link two visits from the same user across different days. The identifier is therefore genuinely anonymous under the CJEU C-413/23 P ruling of 4 September 2025 and the CNIL guidelines of 4 July 2025 on consent-exempted audience measurement.

Aggregated data

Individual data is aggregated into daily statistics (number of completions per quiz and per profile). These aggregated statistics contain no individual information.

User account (optional)

Profilia offers optional account creation. Tests remain accessible without registration. If you choose to create an account, the following data is collected:

  • Email address: used solely for magic link authentication (no password is stored)
  • Name: to personalize your dashboard
  • Quiz history: completed quizzes, profiles obtained, scores, and dates are saved to allow you to track your evolution

You may sync quiz history completed before account creation (stored locally in your browser) to your account. This synchronization is voluntary.

Comparison sessions

The "Challenge a friend" feature creates a comparison session that allows you to compare your results with a friend's. These sessions:

  • Are accessible via a unique link (UUID) that you share
  • Contain participant scores and profiles (anonymous data)
  • Automatically expire after 30 days
  • Anyone with the link can view the results

Personality DNA sessions

The "My DNA" feature generates a cross-quiz personality profile. By default your DNA is computed entirely in your browser from your local history: nothing is sent to the server. A session is only persisted in our database if you explicitly click "Share". In that case:

  • It is accessible via a unique link (UUID)
  • It contains profiles and dimensions from your quizzes (anonymous data)
  • It automatically expires after 30 days

Cookies and third-party trackers

Profilia does not use any third-party cookies or trackers for advertising or analytics. No advertising script (Google Ads, AdSense, Meta Pixel) or third-party analytics tool (Google Analytics, Google Tag Manager) is loaded.

Web audience measurement is handled by Umami, an open-source solution that we self-host on the subdomain stats.profilia.app (Hetzner Germany infrastructure, no data transfer to a third-party vendor). Umami is cookieless: it does not set any cookie in your browser. For logged-out visitors, the visitor identifier is derived from your IP, User-Agent, and a daily rotating salt, ensuring that two visits from the same user cannot be linked across days. Events are retained for 25 months maximum and then automatically purged, in line with the CNIL ceiling for consent-exempt audience measurement (CNIL recommendation of 4 July 2025).

For users logged into a Profilia account, a stable pseudonymous identifier (your internal user ID, never your email or name) is associated with your Umami sessions so we can retrieve your quiz history across devices. This association is opt-out at any time from Settings → Data & privacy, and is automatically cleared at logout. Legal basis: contract performance (you created the account voluntarily). Logged-out visitors remain strictly anonymous as described above.

Third-party services

Resend (transactional emails)

Login emails (magic links) are sent via the Resend service. Your email address is transmitted to Resend solely for sending the authentication email. Learn more: Resend's privacy policy.

Sentry (error tracking)

The website uses Sentry to detect and fix technical errors. Sentry collects technical diagnostic data: error messages, execution traces, browser type and version, URL visited at the time of the error, and IP address. IP addresses are automatically anonymized by Sentry and are not used for identification purposes. No other personal data (name, email, etc.) is transmitted. This processing is based on our legitimate interest in ensuring service stability. Learn more: Sentry's privacy policy.

Legal basis

  • Legitimate interest: anonymous quiz tracking allows us to improve the service (usage statistics, abandon rates, profile distribution). Technical error tracking (Sentry) also falls under legitimate interest.
  • Performance of contract: collecting your email during account creation is necessary to provide the authentication and quiz history service.

Data retention

  • Anonymous audience measurement data (quiz completions, starts, page views): retained for up to 25 months, then purged automatically (CNIL maximum for consent-exempted audience measurement).
  • Attributed conversion data (shares, signups with UTM): retained for up to 13 months.
  • User account data: retained as long as your account is active. When you delete your account, a 30-day grace period lets you cancel via an email link; after that, all of your personal data (account, email, sessions, badges) is permanently erased and your quiz results are detached from your identity (kept for aggregate statistics only).
  • Magic link authentication tokens: valid for 15 minutes, then purged hourly.
  • Comparison sessions: automatically deleted after 30 days.
  • Shared DNA sessions: automatically deleted after 30 days.
  • Server access logs (nginx): IP addresses are truncated (/24 for IPv4, /48 for IPv6) before being written.
  • Aggregated statistics (DailyStat): retained indefinitely as they cannot be linked to any individual.

Sub-processors and non-EU transfers

Profilia relies on a limited set of sub-processors. Each is covered by a Data Processing Agreement and, for US vendors, by the EU-US Data Privacy Framework:

  • Hetzner Online GmbH (Germany) — servers and database hosting. No non-EU transfer.
  • Resend (United States, DPF) — sending magic link and account deletion emails.
  • Sentry (United States, DPF) — technical error monitoring, IPs anonymised at source.
  • Cloudflare (United States, DPF) — CDN and anti-DDoS protection, processes anonymised technical logs.

Your rights

Under the GDPR, you have the following rights:

  • Right of access: know what data concerns you
  • Right to rectification: have inaccurate data corrected
  • Right to erasure: request the deletion of your data
  • Right to object: object to the processing of your data
  • Right to data portability: receive your data in a structured format

If you have an account: you can export all of your personal data as JSON from the "Data & privacy" section of your settings, and trigger account deletion with a 30-day grace period from the same screen.

Anonymous audience measurement data: thanks to the daily rotating salt, it is technically impossible for us to identify your visits among aggregate data. We cannot honour an individual erasure request on these tables, but they are purged automatically after 25 months at the latest.

Right to object to tracking: our internal audience measurement is exempt from consent because it is genuinely anonymous, so there is nothing to "disable" on our side. No third-party marketing or analytics cookies are set on this site.

Right to complain: if you believe your rights are not respected, you may lodge a complaint with the French data protection authority (CNIL).

For any questions or requests, contact us at: [email protected].

Changes

This policy may be updated at any time. The date of the last modification is indicated below.

Cookie declaration

Below is the list of cookies set on this site. All are strictly necessary to operate the service and exempt from prior consent (Article 82 of the French Data Protection Act).

  • laravel_session, XSRF-TOKEN — form security and temporary session identification (session duration).
  • locale — stores your language preference if you've selected one explicitly (12 months).

No advertising, analytics or profiling cookies are set.

Last updated: April 9, 2026