AiCorrect

Privacy policy

Last updated: June 4, 2026

Privacy Policy — Plume Grammar Checker

Version: 1.0

1. Data controller

The controller of personal data is:

  • Publisher: Jolivet Eloise
  • Status: Sole proprietorship (micro-enterprise)
  • SIRET: 10403298200019
  • Registered office: 3 rue Paul Vaillant Couturier, 78210 Saint-Cyr-l'École, France

This policy explains what data we process, why, on what legal basis, with whom it is shared, how long it is kept, and what your rights are.

2. Data we collect

We apply the principle of minimisation: we collect only what is necessary for the Service to function.

  • Email address: provided when you create your account. It is the only identifying data we store.
  • Number of words corrected: we count only the number of words corrected, for usage tracking and billing. We collect neither the content of the texts, nor the length of words, nor the size of texts, nor any other information about what you write.
  • IP address: collected for security and the proper functioning of the Service.
  • Payment data: processed directly by our provider Stripe. We do not have access to your full bank-card details.
  • Audience-measurement data: collected on our website via Google Analytics, subject to your consent (see section 8).

3. The processing of your texts

This is central to our commitment: Plume Grammar Checker does not keep the texts you correct.

When you use correction, your text is sent to our artificial-intelligence provider, Mistral AI, which performs the correction and returns the result. Our servers do not store this text.

As of today:

  • Mistral AI processes the data via its infrastructure located in the European Union;
  • the texts sent via the API are not used to train Mistral's models;
  • Mistral AI nevertheless temporarily keeps requests for a maximum of 30 days to combat abuse, before deletion.

4. Purposes and legal bases

  • Email address — account creation, authentication, provision of the Service. Legal basis: performance of the contract.
  • Transmission of the text to be corrected — providing the requested correction. Legal basis: performance of the contract.
  • Number of words corrected — usage tracking and billing. Legal basis: performance of the contract.
  • Billing data (via Stripe) — management of payments and subscriptions. Legal basis: performance of the contract / legal obligation.
  • IP address, technical logs — security, prevention of abuse and fraud. Legal basis: legitimate interest.
  • Retention of invoices — compliance with accounting and tax obligations. Legal basis: legal obligation.
  • Audience measurement (Google Analytics) — understanding use of the website. Legal basis: consent.

5. Recipients and sub-processors

Your data is never sold. It is shared only with providers acting on our behalf, to the extent necessary for their task:

  • Mistral AI — text correction (EU infrastructure).
  • Stripe — payment processing.
  • Hetzner — hosting of the Service.

Each of these providers is bound by a GDPR-compliant contract.

6. Transfers of data outside the European Union

  • The processing of texts by Mistral AI is carried out on infrastructure located in the European Union.
  • The use of Stripe and Google Analytics may involve a transfer of certain data to countries outside the European Union, notably the United States. These transfers are governed by appropriate safeguards (European Commission standard contractual clauses and/or the EU–US Data Privacy Framework).

7. Retention periods

  • Email address and account data: kept as long as your account is active, then deleted when the account is deleted.
  • Number of words corrected: kept for the duration of the subscription.
  • Billing data and invoices: kept for the legal period applicable to accounting (10 years).
  • IP address and technical logs: kept for 12 months, then deleted.
  • Corrected texts: not kept by Plume Grammar Checker; kept for a maximum of 30 days by Mistral AI (see section 3).

8. Your rights

In accordance with the GDPR, you have the following rights:

  • Access: obtain a copy of your data.
  • Rectification: correct inaccurate data.
  • Erasure: request the deletion of your data.
  • Portability: retrieve your data in a reusable format.
  • Objection and restriction of processing.
  • Withdrawal of consent at any time, for processing based on it (for example audience measurement).

You can export your data (JSON file) and delete your account directly from your dashboard. For any other request, contact us at: contact@iaco.app

You also have the right to lodge a complaint with the CNIL (the French data protection authority), 3 Place de Fontenoy, 75007 Paris, France — www.cnil.fr.

9. Security

We implement appropriate technical and organisational measures to protect your data. As no system is infallible, we cannot, however, guarantee absolute security.

10. Minors

The Service is reserved for adults (18 years or older). We do not knowingly collect data concerning minors.

11. Changes

We may amend this privacy policy. In the event of a substantial change, you will be informed. The applicable version is the one published on the website on the date you use the Service.

12. Contact

For any question regarding your personal data: contact@iaco.app