Listar
Back to trust center

🛡️ Privacy

Privacy Policy

How we collect, use and protect your personal data as a Listar user.

Last updated: February 24, 2025

Introduction

Listar SAS (hereinafter "Listar", "we") places great importance on the protection of your personal data. This privacy policy aims to inform you about how we collect, use and protect your personal data in compliance with the General Data Protection Regulation (GDPR) and French data protection laws.

1. Data Controller

The data controller is:

Listar
Registered office: 22 avenue des Champs Elysées, 75008 Paris, France
Email: contact@listar.fr

Data Protection Officer (DPO): dpo@listar.fr

2. Personal Data Collected

When using our platform and browser extension, we collect the following data:

2.1 Data you provide

  • First and last name
  • Professional email address
  • Password (stored encrypted)
  • Company name
  • Billing information

2.2 Automatically collected data

  • IP address
  • Browser type and operating system
  • Pages visited and actions performed on the platform
  • Login date and time

2.3 Search-related data

We retain your search history performed on the platform to allow you to review it later and to improve our services.

2.4 Data collected via the browser extension

When you use our Chrome extension on a LinkedIn or Facebook profile page and click the Listar button, the extension collects the following information:

  • Visible profile information: name, job title, company, city, profile picture
  • Profile identifier: LinkedIn slug or Facebook ID, used to initiate the contact details search
  • Authentication token: stored locally in the browser to maintain your signed-in session

The extension does not collect any data in the background. Processing is triggered only by an explicit user action (clicking the Listar button). Collected data is transmitted to the Listar API over a secure connection (HTTPS) to execute the requested search.

3. Purpose of Processing

Your personal data is processed for the following purposes:

  • Account management: creation, authentication and management of your personal space
  • Service delivery: executing searches and data enrichment, including via the browser extension
  • Billing: subscription and payment management
  • Communication: sending transactional emails (registration confirmation, password reset, invoices)
  • Customer support: responding to your support requests
  • Service improvement: usage analysis to improve our platform
  • Legal obligations: compliance with accounting and tax requirements

4. Legal Basis for Processing

The processing of your data is based on the following legal grounds:

  • Performance of a contract: processing necessary to provide our services (Article 6.1.b GDPR)
  • Legitimate interest: improving our services and platform security (Article 6.1.f GDPR)
  • Legal obligation: retention of billing data (Article 6.1.c GDPR)
  • Consent: for marketing communications, where applicable (Article 6.1.a GDPR)

5. Data Recipients

Your personal data may be shared with the following recipients:

5.1 Service providers

  • Stripe (payments): secure credit card payment processing. Stripe is PCI-DSS certified.
  • Mailjet (email): transactional email delivery.
  • Google (authentication): sign-in via Google Sign-In. Only email and name are transmitted.
  • Hosting provider: our servers are hosted within the European Union.

5.2 Other recipients

Your data may also be disclosed to competent authorities upon judicial request or in compliance with legal obligations.

6. Data Transfers Outside the European Union

Some of our service providers (Stripe, Mailjet, Google) may transfer your data outside the European Union. These transfers are governed by appropriate safeguards:

  • European Commission standard contractual clauses
  • European Commission adequacy decisions
  • Data Privacy Framework (DPF) for transfers to the United States

7. Data Retention

Your personal data is retained for the following periods:

  • Account data: retained for the duration of your account, then deleted within 30 days of account closure
  • Billing data: retained for 10 years in compliance with accounting obligations
  • Connection logs: retained for 12 months in compliance with regulations
  • Search history: retained for the duration of your account
  • Extension data: the authentication token is deleted upon sign-out or uninstallation of the extension

8. Your Rights

Under the GDPR, you have the following rights regarding your personal data:

  • Right of access: obtain confirmation that your data is being processed and receive a copy
  • Right to rectification: have inaccurate or incomplete data corrected
  • Right to erasure: request deletion of your data in certain cases
  • Right to restriction: request suspension of processing of your data
  • Right to data portability: receive your data in a structured, machine-readable format
  • Right to object: object to the processing of your data on legitimate grounds
  • Right to withdraw consent: at any time for consent-based processing

To exercise these rights, contact our DPO at: dpo@listar.fr

You also have the right to lodge a complaint with the CNIL (French Data Protection Authority): www.cnil.fr

9. Cookies

Listar only uses cookies strictly necessary for the operation of the service:

  • Session cookies: maintain your connection during browsing
  • Security cookies: protect against CSRF attacks

We do not use tracking or analytics cookies. Your browsing is not tracked for advertising purposes.

10. Data Security

We implement appropriate technical and organizational measures to protect your personal data:

  • Data encryption in transit (HTTPS/TLS)
  • Password encryption (bcrypt)
  • Data access restricted on a need-to-know basis
  • Access monitoring and logging
  • Secure hosting within the European Union

11. B2B Data Accessible via Listar

Professional data accessible through our enrichment service comes from public sources and data partners. If you are concerned by this data and wish to exercise your rights:

  • Right to object: you can request to no longer appear in our search results
  • Right to rectification: you can report inaccurate information

For any request, contact: dpo@listar.fr

12. Policy Changes

We reserve the right to modify this privacy policy at any time. In case of substantial changes, we will notify you by email or via a notification on the platform. The last update date is indicated at the top of this page.

13. Contact

For any questions regarding this privacy policy or the processing of your personal data: