Kantise

KANTISE PRIVACY POLICY

Last updated: January 04, 2026

MANIFESTO: YOUR DATA, YOUR VALUE

At Kantise, protecting your personal data is not an option, it is our top priority.

Kantise's primary goal is to put technology at the service of your self-knowledge. We allow you to reclaim your scattered data (sports, music, games, health), understand it, cross-reference it, and master it.

Because we process intimate data (mood, habits), we comply with the strictest standards. Your personal data belongs to you. Kantise adds value to it (analysis, meaning), but does not extract from it (no sale to third parties).

IMPORTANT: WHAT KANTISE IS NOT (DISCLAIMER)

Kantise is an information and exploration tool, and not a medical device.

The data, charts, scores, and correlations (e.g., "Link between Sleep and Mood") provided by the application are given for informational purposes to help you track your well-being. They do not constitute a diagnosis, prevention, or medical treatment.

Never make a medical decision (changing treatment, stopping medication) solely based on Kantise data. In case of doubt about your physical or mental health, always consult a healthcare professional.

1. WHAT DATA DO WE COLLECT?

We only collect data strictly necessary to provide you with a high-performance "Hub" and "Correlation" service.

A. When you browse our site (Visitor)

Navigation data: Technical cookies, IP address, browser type, pages visited (for anonymous statistics and security).

B. When you use the application (User)

  • Identification data: Display name, email address, encrypted password (or Google/Apple OAuth token), date of birth, time zone.
  • Location data: Approximate location (deduced from IP address or device settings) used to automatically adapt the interface language and display local weather data.
  • Technical data: Connection logs, IP address.

C. When you connect third-party services (The "Hub")

This is the core of our service. We only collect this data if you voluntarily connect an application to our Kantise services. Data categories collected include:

  • Sport (e.g., Strava): Activity details, durations, distances, heart rates, and geolocation data associated with routes.
  • Music (e.g., Spotify): Listening history, favorite artists, musical genres, audio features of tracks (tempo, energy, etc.).
  • Entertainment (e.g., Steam): Playtime, game library, unlocked achievements.
  • Health (e.g., Oura, Withings): Physiological data such as sleep (duration, phases), step count, weight, or heart rate variability.
  • Others: Local weather (based on your geolocation or declared city).

Note: We do not store your passwords for these third-party services. We use secure access "tokens" (OAuth) that you can revoke at any time.

For each connection to each service, the detail of shared data will be indicated as precisely as possible, relying on the details provided by the third-party service.

D. During your daily use (Manual Tracking)

Data you enter directly into the application:

  • Indicators (Trackers): Mood, energy level, hydration, custom tags.
  • Context (My Rhythm): Work hours, commute time, declared habits.
  • Goals: Personal challenges and progress.

2. PROCESSING OF PERSONAL DATA

We process your data for specific purposes and on an identified legal basis.

2.1. NECESSITY OF PROCESSING

We collect this data to make the application work. Without this data (especially API connections), Kantise cannot fulfill its mission as a "Hub" and correlation tool.

2.2. LIST OF PROCESSING

A) USE OF KANTISE SERVICES

1. Creation and management of your account
Data processed: Email address, Date of birth, Last name, First name, Password (encrypted), IP Address, Location.
Legal Basis: Contract execution (TOS).
Retention period: Until your account is deleted. In case of total inactivity, deletion after 10 years (after alert).
2. Aggregation and Graphical Presentation (The Hub)
Data processed: Raw data from third-party APIs (Sport, Music, Health, Games) and manual data.
Legal Basis: Contract execution.
Retention period: Until your account is deleted.
3. Calculation of Correlations and Analyses
Data processed: Cross-referencing API data (e.g., BPM) and manual data (e.g., Mood).
Legal Basis: Contract execution.
Retention period: Until your account is deleted.
4. Experience Customization (Goals, Rhythm)
Data processed: Configuration of your typical weeks, definition of your challenges.
Legal Basis: Consent (voluntary setting).
Retention period: Until account deletion or parameter modification.

B) PAYMENT AND SUBSCRIPTION

1. Management of Premium subscriptions
Data processed: Payment history, subscription status, card type (last 4 digits via Stripe). Note: Kantise never stores your full card number.
Legal Basis: Contract execution.
Retention period: 10 years for legal accounting obligations (invoicing).

C) COMMUNICATION AND SUPPORT

1. Customer Support (Help Center & Bugs)
Data processed: Email address, name, request content, technical logs. Support access to your account data is restricted and requires a specific procedure.
Legal Basis: Legitimate interest (helping you use the service).
Retention period: Contact tickets or emails are kept for 10 years after the request is closed.
2. Sending service communications
Data processed: Email address.
Legal Basis: Contract execution (for security alerts, invoices) or Consent (for newsletters, "Wrapped").
Retention period: As long as your account is active or until unsubscribed.

D) RESEARCH AND SECURITY

1. Research and Statistics
Data processed: Pseudonymized data (identified by a unique technical ID and not by your name) or aggregated statistics.
Legal Basis: Legitimate interest (Improving scientific knowledge and the product).
Retention period: Unlimited once anonymization or irreversible aggregation is perfromed.
2. Security and fraud prevention
Data processed: Connection logs, suspicious access attempts.
Legal Basis: Legitimate interest (Protecting our users).
Retention period: 1 rolling year.

3. WHO ARE THE RECIPIENTS OF YOUR DATA?

Your personal data is strictly confidential.

1. Internal Access

Only Kantise employees needing access to data for technical reasons or customer support have access, in a restricted and secure manner. They are bound by professional secrecy.

2. Technical Subcontractors

We work with trusted providers to operate the application. They are only authorized to process your data on our behalf and according to our strict instructions:

  • Hosting & DB: Clever Cloud (Servers located in Europe).
  • Payment: Stripe (Secure transaction management).
  • Email sending: Brevo.

They are contractually bound to a strict obligation of confidentiality and security regarding your data.

3. Social Sharing (Your choice)

If you use sharing features (e.g., sharing a correlation chart or a "Wrapped" on Instagram), you choose to make this data public.

4. TRANSFERS OUTSIDE THE EUROPEAN UNION

Our main infrastructure is located in Europe. If data is transferred (for example via third-party analysis tools or Stripe), we ensure that the transfer is governed by Standard Contractual Clauses validated by the European Commission.

5. YOUR RIGHTS

In accordance with GDPR, you have full control over your data:

  • Right of access: You can request a copy of all data we hold about you.
  • Right to rectification: You can modify your inaccurate information directly in the application (Profile Page).
  • Right to erasure ("Right to be forgotten"): You can request the complete deletion of your account and all your associated data.
  • Right to data portability: You can retrieve your data in an open and readable format (JSON/CSV) to use elsewhere.
  • Right to object: You can refuse the use of your data for certain analyses or communications.

A request?

To exercise these rights, contact us at privacy@kantise.com

You can also use the "Delete my account" button in the application settings.

6. SECURITY AND RETENTION

Security

We implement advanced technical measures to protect your data:

  • Pseudonymization: Your usage data is associated with a unique technical identifier (ID) and separated from your direct identity data as much as possible.
  • Encryption: Data encrypted in transit (TLS), encryption at rest.
  • Audits: Regular security audits of the infrastructure by our host (Clever Cloud) and internal security reviews of the application code.

Retention & Backups

  • Deletion: When your account is deleted, your data is erased from our active databases instantly.
  • Backups: Our security backups (encrypted) are kept for 90 days before being overwritten, to cover any major technical incident.

7. COOKIE MANAGEMENT

We use Cookiebot to manage your consent to cookies and trackers on our showcase site and application.

Cookiebot allows you to:

  • Be aware of the exhaustive list of cookies used.
  • Accept or refuse cookies by category (Necessary, Statistics, Marketing).
  • Modify or withdraw your consent at any time via the cookie management module present on the site.

8. CONTACT

For any questions: privacy@kantise.com

KANTISE SAS
[Adresse du Siège Social]
[Numéro SIRET]