VITALCODE HEALTHCARE

Privacy Policy — VitalCode Healthcare

Privacy Policy

Last updated: May 25, 2026

This Privacy Policy explains how personal data is collected, used, stored and protected when users visit vitalcode.healthcare, contact the publisher, or purchase a digital VitalCode product.

1. Data Controller

The data controller for this website is:

Legal name: Séraphine MBEZELE NGONO
Legal form: Sole proprietorship
Registered office SIRET: 482 032 596 00058
VAT number: FR72482032596
Business address: 231, rue Saint-Honoré, 75001 Paris, France
Website: vitalcode.healthcare
Contact email: contact@vitalcode.healthcare

2. Personal Data Collected

The website may collect the following categories of personal data:

  • Identification data, such as first name, last name and email address.
  • Billing data, such as billing address, country, VAT-related information and order details.
  • Payment-related data processed through Stripe.
  • Technical data, such as IP address, browser type, device information and website usage data.
  • Communication data, when a user contacts the publisher by email or through a contact form.
  • Purchase data, including product purchased, order date, amount paid and access status.

The website does not intentionally collect sensitive medical data. Users should not send medical records, diagnoses, prescriptions or confidential health information through the website or by email.

3. Purposes of Processing

Personal data may be processed for the following purposes:

  • Processing and managing orders for digital products.
  • Providing access to purchased content, including PDFs, videos and digital resources.
  • Sending order confirmations, invoices and transactional emails.
  • Responding to user questions and support requests.
  • Managing customer accounts and access rights where applicable.
  • Complying with legal, accounting and tax obligations.
  • Securing the website and preventing fraud, abuse or unauthorized access.
  • Improving the website, user experience and digital services.

4. Legal Bases for Processing

Personal data is processed on the following legal bases:

  • Contract performance: to process orders and provide access to purchased digital products.
  • Legal obligation: to comply with accounting, tax and regulatory obligations.
  • Legitimate interest: to secure the website, manage customer relationships and improve services.
  • Consent: where required, especially for certain cookies, analytics or marketing tools.

5. Payment Processing

Payments made through the website are processed by Stripe, a secure third-party payment provider.

When a user places an order, payment-related data may be transmitted to Stripe for the purpose of processing the transaction, authenticating the payment, preventing fraud, managing disputes and complying with applicable financial and regulatory obligations.

The publisher does not store full bank card details. Payment information is collected and processed directly by Stripe according to Stripe’s own security, privacy and compliance standards.

For more information on how Stripe processes personal data, users may refer to the Stripe Privacy Policy.

6. Data Recipients

Personal data may be shared only when necessary with:

  • IONOS SARL, website hosting provider.
  • Stripe, for secure payment processing, payment authentication, fraud prevention, dispute management and transaction management.
  • Email and transactional communication services.
  • Technical service providers used to operate the website.
  • Accounting, tax or legal advisors where required.
  • Public authorities, if legally required.

Personal data is not sold to third parties.

7. Data Retention

Personal data is kept only for as long as necessary for the purposes described in this Privacy Policy, unless a longer retention period is required by law.

  • Customer and order data may be retained for the duration required for accounting, tax and legal obligations.
  • Contact requests may be retained for the time necessary to respond and manage the relationship.
  • Technical logs may be retained for security and fraud prevention purposes.
  • Cookie-related data is retained according to the duration defined by the applicable cookie settings and regulations.

8. International Transfers

Some technical providers, including Stripe, may be located outside the European Economic Area or may process data outside the European Economic Area. Where applicable, such transfers are protected by appropriate safeguards, such as adequacy decisions, standard contractual clauses or equivalent legal mechanisms.

9. User Rights

Under applicable data protection laws, users may have the following rights:

  • Right of access to their personal data.
  • Right to rectification of inaccurate or incomplete data.
  • Right to erasure of personal data, where applicable.
  • Right to restriction of processing.
  • Right to object to certain processing operations.
  • Right to data portability, where applicable.
  • Right to withdraw consent at any time where processing is based on consent.

To exercise these rights, users may contact the publisher at: contact@vitalcode.healthcare.

Users may also lodge a complaint with the competent data protection authority, including the CNIL in France, if they believe that their rights have not been respected.

10. Cookies and Tracking Technologies

The website may use cookies or similar technologies to ensure proper operation, improve user experience, measure audience and, where applicable, support marketing or advertising features.

Some cookies may be strictly necessary for the website to function and do not require consent. Other cookies, such as analytics, advertising or social media cookies, may require prior consent.

Users must be able to accept, refuse or manage cookies where required by applicable law. The CNIL states that certain trackers require prior consent, while others may be exempt depending on their purpose and configuration.

11. Security

The publisher takes reasonable technical and organizational measures to protect personal data against unauthorized access, loss, misuse, alteration or disclosure.

However, no website or online service can guarantee absolute security. Users are responsible for keeping their own account credentials and devices secure.

12. No Collection of Medical Data

VitalCode provides educational digital content and does not provide medical diagnosis, medical treatment or personalized healthcare follow-up.

Users should not submit sensitive health information, medical files, diagnoses, prescriptions or treatment details through the website or by email. If such information is sent voluntarily, the publisher may delete it when it is not necessary for the operation of the service.

13. Changes to this Privacy Policy

This Privacy Policy may be updated from time to time to reflect changes in the website, services, legal requirements or technical providers.

Users are encouraged to review this page regularly.

14. Contact

For any question regarding this Privacy Policy or the processing of personal data, users may contact:

contact@vitalcode.healthcare