Privacy Policy — KeepAlive
Last updated: April 18, 2026 · Version: 1.0
This policy describes the processing of personal data carried out as part of the KeepAlive mobile application (iOS and Android) and its associated backend service, available at keep-alive.fr. It is drafted in accordance with Regulation (EU) 2016/679 ("GDPR" / "RGPD") and the French Data Protection Act ("loi Informatique et Libertés") No. 78-17 of 6 January 1978, as amended.
1. Identity of the data controller
The data controller within the meaning of Article 4(7) of the GDPR is:
- Romain JEAN, independent publisher (French micro-enterprise)
- Contact:
romain.jean34@gmail.com - Postal address: [to be confirmed — GDPR correspondence address]
Given the scale of the processing (micro-publishing, no systematic large-scale processing of sensitive data within the meaning of Article 9 GDPR outside an alert context) and pursuant to Article 37 of the GDPR, the appointment of a Data Protection Officer (DPO) is not mandatory. Any inquiry can be sent directly to the email address above.
2. Data collected and legal bases
| Category | Detail | Legal basis (Art. 6 GDPR) |
|---|---|---|
| Account credentials | Email address, phone number, password (stored hashed, never in clear) | Performance of contract (6.1.b) |
| Security codes | "Normal" code and "distress" code chosen by the user | Performance of contract (6.1.b) |
| Operator tickets | Metadata for handling by our on-call operator (timestamp of receipt, operator ID, session duration, final decision: dispatch / call / acknowledgment) | Performance of contract (6.1.b) + vital interest (6.1.d) |
| Precise geolocation | GPS coordinates streamed continuously during a distress session, and occasionally during a check-in | Consent (6.1.a) + vital interest (6.1.d) |
| Video / photo capture | JPEG stream ~30 fps during a distress session | Consent (6.1.a) + vital interest (6.1.d) |
| Audio capture | PCM 16-bit / 16 kHz audio stream during a distress session | Consent (6.1.a) + vital interest (6.1.d) |
| Check-in history | Timestamp and status (normal / distress / missed) | Performance of contract (6.1.b) |
| Technical diagnostics | Crashes and performance via Sentry — pseudonymized identifier, no email or phone number; truncated GPS; masked JWT | Legitimate interest (6.1.f) |
| Authentication JWT | Stored exclusively in the iOS Keychain via flutter_secure_storage | Performance of contract (6.1.b) |
| Push notification token (APN) | Used to deliver check-in reminders | Performance of contract (6.1.b) |
No data is collected for advertising, commercial profiling, or resale. The PrivacyInfo.xcprivacy file declares NSPrivacyTracking = false and lists no tracking domains.
3. Purposes
- Ensure the user's personal safety — detection of distress situations, handling of the alert by our 24/7 on-call operator, qualification (audio listening, photo review, GPS verification), dispatch of the relevant emergency services (police, gendarmerie, paramedics) when a threat is confirmed, transmission of an HMAC-signed forensic bundle to local authorities where applicable, and retention of evidence so the user can review it after the fact.
- Send check-in reminders scheduled by the user.
- Maintain and improve service stability (error diagnostics, performance metrics).
4. Retention periods
| Data | Period |
|---|---|
| User account | Lifetime of the account + 30 days after a deletion request |
| Operator tickets (timestamps, decisions) | 3 years (remote-monitoring traceability obligation, NF X50-755) |
| Check-in history (metadata) | 12 rolling months |
| Alert media (video, audio, GPS) | 90 days from session closure |
| Sentry reports | 90 days (default Sentry EU plan retention) |
| Server logs (access IP, application) | 12 months maximum (French CPCE Art. L.34-1) |
5. Recipients and processors
Data is never sold, rented, or shared for commercial purposes.
- Backend and operator console hosting: self-hosted infrastructure located in Falkenstein (Germany, EU).
- On-call remote-monitoring operators: KeepAlive or its authorized partners operating exclusively from within the European Union, bound by professional secrecy (French Penal Code Art. 226-13) and trained in alarm verification according to the NF X50-755 standard.
- Let's Encrypt (ISRG, United States) — TLS issuance only, no user data transmitted.
- Apple Push Notification service (APNs) — Apple Inc., United States; transmission of notification tokens.
- Sentry (EU region instance / Frankfurt) — pseudonymized crash reports.
When an alert is qualified by our on-call operator, the following items may be transmitted to the relevant authorities (police, gendarmerie, paramedics) depending on the jurisdiction: GPS position, account identity, the most recent meaningful audio/photo excerpt, and an HMAC-signed forensic bundle guaranteeing chain-of-custody integrity. No transmission occurs without prior human qualification by the operator.
6. Transfers outside the European Union
- Apple APNs: transfers covered by the Standard Contractual Clauses (Decision 2021/914) and Apple's adherence to the EU-U.S. Data Privacy Framework.
- Sentry: instance pinned to the EU region to avoid any transfer outside the EU.
7. Rights of data subjects
- Right of access to data (Art. 15)
- Right to rectification (Art. 16)
- Right to erasure (Art. 17)
- Right to data portability (Art. 20)
- Right to restriction of processing (Art. 18)
- Right to object to processing based on legitimate interest (Art. 21)
- Right to withdraw consent at any time (revocation of iOS Camera / Microphone / Location permissions)
Procedure: substantiated request to romain.jean34@gmail.com. Reply within 30 days (extendable by two months in case of complexity, Art. 12.3 GDPR). Complaints can be filed with the CNIL (French Data Protection Authority) — 3 Place de Fontenoy, TSA 80715, 75334 PARIS CEDEX 07 — www.cnil.fr.
8. Security
- Transport: TLS 1.2+ with certificate pinning on the leaf certificate and the Let's Encrypt E8 intermediate.
- Device storage: JWT and codes in the iOS Keychain via
flutter_secure_storage. Sensitive data wiped on sign-out. - Server storage: passwords hashed with salted bcrypt.
- Authentication: short-lived JWT.
- Logs auto-masked (
logger.dart): emails, JWT, truncated GPS. - Minimization: no biometric data within the meaning of Art. 9 GDPR.
9. Cookies and trackers
The mobile application uses no cookies or equivalent tracking technology (no advertising SDK, no pixel, no IDFA — NSPrivacyTracking = false). The keep-alive.fr website uses no third-party analytics cookie; any future audience measurement will be self-hosted and compliant with CNIL guidelines on cookies exempt from consent.
10. Minors
The application is rated 12+. In accordance with Article 8 of the GDPR and French law, registration of a minor under 15 years old requires the joint consent of the minor and the holder of parental authority.
11. Changes
Any substantial change (purpose, recipient, or retention period) will be notified in the application and/or by email prior to taking effect.
12. Contact & supervisory authority
- Data controller: Romain JEAN —
romain.jean34@gmail.com - CNIL — 3 Place de Fontenoy, TSA 80715, 75334 PARIS CEDEX 07 — www.cnil.fr — +33 (0)1 53 73 22 22