Privacy notice

Who we are

La caisse is operated by Citizen Pay BV, a Belgian company with registered office at Cantersteen 47, 1000 Brussels, company number 1029.985.788, VAT BE 1029.985.788. Citizen Pay BV is the data controller for the personal data described in this notice. You can reach us at privacy@lacaisse.eu.

When this notice applies

We process personal data when you:

• visit lacaisse.eu or a fund subdomain we operate;
• create or hold a La caisse account;
• operate a fund on our hosted infrastructure; or
• participate as a member, merchant, or guest of a fund we host.

If you participate in a fund operated by a third party who self-hosts La caisse, that operator is the controller for your data — not us.

What we collect and why

We process the following categories of personal data:

• Account data — name, email, password hash, passkey credentials. To provide and secure your account (GDPR art. 6.1.b — contract).
• Fund operational data — fund name, branding, members, allocation rules, transactions. To run the fund on your behalf (contract; processor on behalf of the fund operator).
• Billing data — payment tokens, invoices, VAT numbers. To process subscription payments and meet accounting obligations.
• Usage logs — IP, browser, session activity. For security, abuse prevention, and debugging (legitimate interest, art. 6.1.f).
• Support correspondence — emails and messages you send us. To respond to your queries (legitimate interest).
• Marketing emails — only if you opt in, withdrawable at any time (consent, art. 6.1.a).

For member data processed on behalf of a fund operator, we act as a processor. The fund operator is the controller and decides retention, access, and disclosure for that data.

Sub-processors

We rely on the sub-processors below to operate the service:

• Vercel Inc. — application hosting (EU; US transfers under Standard Contractual Clauses).
• Supabase Inc. — database, authentication, storage (EU region).
• Resend Inc. — transactional and notification email (EU; US transfers under SCCs).
• Citizenpay — open banking and token settlement (EU).

Transfers to the United States rely on Standard Contractual Clauses and the EU-U.S. Data Privacy Framework where applicable. An up-to-date sub-processor list is available on request.

How long we keep your data

• Account data: while your account is active, plus 30 days after closure.
• Fund operational data: while the fund is active. After closure, exportable for 30 days, then deleted within 90 days.
• Billing records: 7 years (Belgian accounting law).
• Logs: 30 to 90 days depending on category.

Your rights

Under the GDPR you have the right to:

• access the personal data we hold about you;
• have inaccurate data corrected;
• have data erased, subject to retention obligations;
• restrict or object to processing;
• receive your data in a portable format;
• withdraw any consent you have given;
• lodge a complaint with the Belgian Data Protection Authority at www.dataprotectionauthority.be.

To exercise these rights, email privacy@lacaisse.eu. We respond within 30 days.

Cookies

We only use cookies strictly necessary to operate the service: session, locale, and security. We do not use analytics, advertising, or tracking cookies, and we do not show a consent banner.

Security

We use TLS in transit, encryption at rest, passkey support for phishing-resistant authentication, and isolated per-fund data scopes. Incidents affecting personal data are reported to the Data Protection Authority within 72 hours where required.

Changes to this notice

We may update this notice. Material changes are announced by email to account holders. The "last updated" date above always reflects the most recent change.

Contact

Citizen Pay BV — Cantersteen 47, 1000 Brussels — privacy@lacaisse.eu.