Privacy Policy

Folio Studio is an online service that allows authors to import markdown files and export them as formatted books. This service is operated by Adrien Maillard, France.

For any questions regarding your personal data, contact us at: contact@foliostudio.app

Folio Studio only collects data necessary for the service to function:

• –Email address and full name (at registration)
• –Content of the projects and chapters you create and import
• –Payment data (processed by Stripe; Folio Studio never stores your bank details)
• –Technical data: IP address, browser type, access logs

Your data is used exclusively to:

• –Authenticate you and secure your account
• –Store and display your projects and chapters
• –Generate your exports (epub, PDF, docx)
• –Manage your Pro subscription via Stripe
• –Send you service-related emails (confirmation, payment receipt)

We never sell, rent or share your data with third parties for commercial purposes.

Folio Studio uses the following services:

• –Supabase (database and authentication) · EU hosting
• –Vercel (application hosting) · EU hosting available
• –Stripe (payments) · PCI DSS compliant
• –Resend (transactional emails)
• –Google (Google Analytics 4 and, later, Google Ads) for audience measurement and to evaluate our acquisition campaigns. This processing only happens with your prior consent (see Cookies section).
• –Sentry (application error monitoring) to detect and fix bugs. No personal data is intentionally sent; reports are anonymised as much as possible.

Your data is retained for as long as your account is active. If you delete your account, all your data will be deleted within 30 days, unless required by law.

To benefit from student pricing on student.foliostudio.app, you may submit a proof of enrollment. This processing is voluntary and only affects access to the reduced pricing.

• –Data collected: photo (or PDF) of your student card or enrollment certificate, and the name of your institution.
• –Purpose: verify your student status to apply the reduced pricing. No other use. No cross-referencing with other data.
• –Document retention: the card file is permanently deleted from our Supabase storage as soon as the validation or refusal decision is made(typically within 48 business hours). Only the status ("verified until {date}") and an internal log of the decision are kept for the duration of validity (1 year).
• –Access: only the Folio Studio administrator reviews the document, via an internal backoffice. No sharing with any third party, no use to train an AI model.
• –Recommendation: you can mask your student number and ID photo before upload. Only the name of your institution and the expiration date are necessary for verification.
• –Right to object: you can opt out of verification at any time (you keep access to the free plan) or request early deletion of the document if it is still in the queue, by writing to contact@foliostudio.app.

In accordance with the General Data Protection Regulation (GDPR), you have the following rights:

• –Right of access to your personal data
• –Right of rectification
• –Right to erasure ("right to be forgotten")
• –Right to data portability
• –Right to object to processing

To exercise these rights, contact us at contact@foliostudio.app. You also have the right to lodge a complaint with your national data protection authority.

Folio Studio uses three categories of cookies and identifiers. On your first visit, a banner lets you accept, reject or customise your choice. Until you make a decision, only strictly necessary cookies are active. You can change your choice at any time via the"Manage cookies" link at the bottom of every page.

Category 1 · Strictly necessary (always on)

• –Supabase authentication session (secure cookie, expires at sign-out or after 7 days of inactivity).
• –Language preference (cookie NEXT_LOCALE, 1 year).
• –Memory of your consent choice (cookie _fs_consent, 13 months, can be deleted from "Manage cookies").

Category 2 · Audience measurement (opt-in)

• –Google Analytics 4: helps us understand which pages perform well and improve the product. No data is shared with third parties for advertising. Aggregated data retention: 14 months on Google's side.

Category 3 · Marketing and advertising (opt-in)

• –Ad click identifiers: gclid (Google Ads), fbclid (Meta),ttclid (TikTok). Captured when you land on the site and associated with an anonymous session (stored 90 days in localStorage and via a HttpOnly cookiefolio_attr_session_id).
• –UTM parameters (utm_source, utm_medium, utm_campaign, etc.): captured under the same conditions for attribution purposes.
• –Google advertising mode (Consent Mode v2: ad_storage, ad_user_data,ad_personalization): only enabled if you accept this category.
• –If you later sign up, this anonymous session is linked to your account to measure the effectiveness of our acquisition campaigns. Matching conversions may be reported back to Google Ads for measurement (without ad personalisation).

Retention durations

• –Consent cookie (_fs_consent): 13 months (CNIL recommendation).
• –Advertising attribution cookie (folio_attr_session_id): 90 days.
• –Consent log in database: kept as long as your account exists (CNIL audit).
• –Account-linked attribution data: deleted with the account; anonymous attribution data (unlinked): automatically deleted after 24 months of inactivity.

If you reject categories 2 and 3, the site remains fully functional. Your visits are not measured and we cannot evaluate the effectiveness of our advertising campaigns on you.

This policy may be updated. In the event of a substantial change, you will be notified by email. Continued use of the service after notification constitutes acceptance. A change in cookie purposes triggers a new consent banner.