Effective Date: May 28, 2026

This Privacy Policy explains how Rebels collects, uses, and protects your personal data when you purchase or use our desktop applications, licenses, and subscriptions ("Apps"). We process personal data in accordance with the EU General Data Protection Regulation (GDPR).

The data controller responsible for your personal data is:

Rebels
200 rue de la Croix Nivert, 75015 Paris, France
Email: [email protected]

• Account data: your email address, collected through Firebase Authentication (a Google service) to create and secure your account.
• License & usage data: records of your licenses, entitlements, and subscription status, stored on our infrastructure to deliver and manage access to the Apps.
• Organization member data: for organization subscriptions, the organization administrator provides the email addresses of the users granted access. Those emails are processed to provision and manage member access.
• Payment & billing data: handled by Paddle as Merchant of Record. Rebels does not collect or store your full payment card details.
• Technical metadata: such as IP addresses and device information, processed by our subprocessors to secure authentication and prevent abuse.

• To create and authenticate your account;
• To deliver, license, and manage access to the Apps;
• To process purchases and subscriptions (via Paddle);
• To provide support and respond to your requests;
• To send service-related and, where you have not opted out, Rebels-related communications such as updates and newsletters. You can opt out at any time by contacting us.

We process your personal data on the following legal bases:

• Performance of a contract: to provide the Apps, licenses, and subscriptions you purchase;
• Legitimate interests: to secure our services, prevent abuse, and improve the Apps;
• Consent: for optional communications, which you may withdraw at any time;
• Legal obligation: where retention or disclosure is required by law.

We share personal data with the following service providers strictly to operate the Apps:

• Paddle: payment processing and Merchant of Record. See Paddle's Privacy Policy.
• Google / Firebase: authentication. See Google's Privacy Policy and Firebase's Data Privacy and Security Terms.
• Cloudflare: hosting and storage of license and entitlement data. See Cloudflare's Privacy Policy.

We do not sell or rent your personal data. We disclose data to third parties only as described here or as required by law.

Some of our subprocessors may process data outside the European Economic Area. Where this occurs, transfers are protected by appropriate safeguards such as the European Commission's Standard Contractual Clauses.

We retain your personal data for as long as you maintain an account or active license, and thereafter only as long as necessary to comply with legal obligations, resolve disputes, and enforce our agreements.

Under the GDPR you have the right to access, rectify, erase, restrict, and port your personal data, and to object to certain processing. To exercise these rights, contact us at [email protected].

Personal data is stored using industry-standard security practices, including encryption in transit. Authentication data is stored securely by Google's Firebase infrastructure; license data is stored on Cloudflare infrastructure.

Our website and Apps use only the cookies and tracking technologies necessary for authentication, payment processing, and core functionality, including those set by Firebase and Paddle.

We may update this Privacy Policy from time to time. Changes are effective when posted on this page. Please review it periodically.

For any privacy-related questions, contact us at: [email protected]
Website: https://rebelsproductions.com