Privacy Policy
In force as of 27 April 2026 — In accordance with EU Regulation 2016/679 (GDPR).
1. Data controller
The data controller for data collected on futurmoi.fr is:
- NDA Conseil (SASU)
- 5 allée des volubilis, 26000 Valence, France
- SIRET: 94443059400019
- Contact: contact[at]nda-conseil.com
2. Data Protection Officer (DPO)
NDA Conseil does not meet the criteria for mandatory DPO designation (Article 37 GDPR). For any questions regarding the protection of your data, you may contact the data controller directly at: contact[at]nda-conseil.com.
3. Data collected and purposes
FuturMoi only collects data strictly necessary for providing the service. The table below details each processing activity:
Minimum age: The FuturMoi service is reserved for persons aged 15 and over. FuturMoi does not knowingly collect personal data from persons under 15. If we learn that such collection has taken place, the relevant data will be deleted immediately.
| Data | Purpose | Legal basis (GDPR) | Retention period |
|---|---|---|---|
| Email address | Capsule validation, sending on the chosen date, email change | Contract performance (Art. 6.1.b) | Until send date + 30 days, then permanent deletion |
| Email address (paid capsule — accounting record) | Accounting record of the transaction | Legal obligation (Art. 6.1.c GDPR — accounting law) | 10 years from the transaction date |
| First name or nickname | Personalisation of the capsule and delivery email | Contract performance (Art. 6.1.b) | Until send date + 30 days, then permanent deletion |
| Text message | Main content of the time capsule | Contract performance (Art. 6.1.b) | Until send date + 30 days, then permanent deletion |
| Attachments (photo, voice, video) | Enriching the capsule | Contract performance (Art. 6.1.b) | Download link active for 15 days after sending. After that, archiving on separate servers for 1 year (recovery possible on request, with recovery fee). Permanent deletion after this year. |
| Technical session identifier | Website operation (navigation, CSRF forms) | Legitimate interest (Art. 6.1.f) | Duration of the session, deleted when browser is closed |
| Payment data | Billing for paid capsules (via Stripe) | Contract performance (Art. 6.1.b) | Managed by Stripe — see Stripe policy. FuturMoi retains the transaction ID and associated email for 10 years (legal accounting obligation). |
| Navigation statistics | Audience measurement (Matomo, self-hosted) | Legitimate interest (Art. 6.1.f) — CNIL exemption | Maximum 13 months |
4. Data "in hibernation" — FuturMoi's unique feature
🔒 FuturMoi's founding principle: The user deliberately chooses to put their data on hold until a future date they have set themselves (up to 10 years). This "voluntary hibernation" is the very essence of the service.
In practice:
- During the waiting phase: data (message, email, first name, attachments) is stored securely and encrypted on FuturMoi's servers. It is neither accessed nor used for any purpose other than future delivery.
- The user freely accepts this hibernation by confirming their capsule with the email code. They cannot "re-read" their message on the website — that's the principle of surprise.
- After delivery: the message, email, and first name are permanently deleted from the servers within 30 days. This period allows the user to share their experience on the platform.
- Attachments: the download link remains active for 15 days after sending. After that, files are archived on separate servers and can be recovered on request for 1 year, subject to a flat recovery fee of €15.00 incl. VAT (see Pricing). After this year, attachments are permanently deleted.
- Without user action within 30 days of delivery, data associated with the message is automatically and permanently erased.
This storage is not imposed on the user — they initiated it. The hibernation period is entirely chosen by them, up to 10 years.
5. Data recipients
Personal data is never sold or rented to third parties. It may be shared only with the following processors, strictly for service delivery purposes:
- Hosting provider (OVH): data storage on secure servers
- SMTP email provider (Brevo): sending validation and delivery emails
- Stripe (Stripe Inc. / Stripe Payments Europe): secure payment processing for paid capsules — banking data never passes through FuturMoi's servers
Each processor is bound to FuturMoi by contractual clauses guaranteeing data confidentiality.
In the event of non-targeted advertising inserted at the end of a capsule, no personal data (email, first name) is transmitted to the advertiser.
6. Transfers outside the European Union
FuturMoi strives to process data within the European Union. Stripe, as a US company, relies on appropriate safeguards (EU Commission Standard Contractual Clauses) for data transfers to the United States.
7. Security
FuturMoi implements appropriate technical and organisational measures to protect your data against any loss, unauthorised access, disclosure, or alteration, including:
- HTTPS (TLS) connection across the entire site
- Parameterised SQL queries (protection against injection attacks)
- CSRF tokens on all forms
- Anti-bot protection (ALTCHA)
- Data access restricted to authorised operators only
- Regular backups with restoration tests
8. Your rights (GDPR)
Under the GDPR, you have the following rights:
- Right of access (Art. 15): obtain confirmation that your data is being processed and receive a copy
- Right to rectification (Art. 16): correct inaccurate or incomplete data
- Right to erasure (Art. 17): request deletion of your data where retention is no longer necessary
- Right to restriction (Art. 18): obtain temporary suspension of processing
- Right to data portability (Art. 20): receive your data in a structured, machine-readable format
- Right to object (Art. 21): object to processing based on legitimate interest
To exercise these rights, contact us at: contact[at]nda-conseil.com, stating your request and the email address used when creating your capsule.
We respond within 30 days (extendable to 3 months for complex or multiple requests).
9. Post-mortem directives
In accordance with applicable data protection law, you may define directives concerning what happens to your data after your death (storage, erasure, communication). To do so, contact us at contact[at]nda-conseil.com.
In the absence of directives, heirs may request the destruction of data or access to it as part of a succession.
10. Audience measurement — Matomo
FuturMoi uses Matomo, an open-source audience measurement tool that is self-hosted (on a server located within the EU). Matomo is configured in accordance with CNIL recommendations:
- Anonymisation of the last part of the IP address before storage
- No tracking cookies deposited on your device
- Data not shared with third parties
This configuration means that FuturMoi benefits from an exemption from consent for audience measurement, in accordance with applicable supervisory authority guidance.
11. Cookies
FuturMoi uses no advertising, tracking, or profiling cookies.
A single cookie is stored on your device:
- Session cookie (PHPSESSID): a strictly necessary technical cookie for the website to function (session management, CSRF security, capsule draft). It is deleted when you close your browser. No consent is required for this cookie (ePrivacy Directive, Art. 5.3).
12. Supervisory authority
If you believe that the processing of your personal data does not comply with applicable regulations, you have the right to lodge a complaint with your national data protection authority. In France:
CNIL (Commission Nationale de l'Informatique et des Libertés)
3 Place de Fontenoy — TSA 80715 — 75334 Paris Cedex 07
Tel.: +33 1 53 73 22 22 — www.cnil.fr
You may also contact the data protection authority in your country of residence.
13. Changes to this Privacy Policy
FuturMoi reserves the right to modify this policy at any time. In the event of a material modification, users with an active capsule will be notified by email where possible. The effective date is indicated at the top of this page.
Questions about your data?
Contact us →