Privacy Policy
Last updated: 15 May 2026
IEM Manager (the "App") is published by The Color Of Sound Compagnie, a French limited liability company (SARL). This Privacy Policy explains what personal data we collect, why we collect it, where it is processed, and what rights you have under the European General Data Protection Regulation (GDPR) and applicable French law.
1. Data controller
The data controller for personal data processed through the App is:
- The Color Of Sound Compagnie, SARL
- 11bis Rue Adam Ledoux, 92400 Courbevoie, France
- SIRET: 502 783 699 00015 · RCS Nanterre 502 783 699
- VAT: FR42502783699
- Contact: contact@thecolorofsound.fr
2. Data we collect
The App collects only the personal data strictly necessary to provide its features:
2.1 Account data
- Your email address and display name, obtained through Sign in with Apple (iOS) or Sign in with Google (Android).
- A unique user identifier generated by Firebase Authentication.
2.2 Production data you create
- Projects, equipment lists, team members, workdays, scan events, and assignments that you actively enter into the App.
- Optional contact information (phone numbers, emails) you choose to enter for crew members on your team. This data is used solely for in-app contact actions.
2.3 Subscription data
- A purchase token and your subscription status (active, expired, in trial) provided by RevenueCat in connection with your Apple ID or Google account.
- We do not receive, store, or process your payment card details. All payment processing is handled exclusively by Apple App Store or Google Play.
2.4 What we do NOT collect
The App does not collect device identifiers for advertising, location data, browsing history, contacts from your phone book, photos, microphone recordings, or any biometric data. We do not embed any advertising or analytics SDK.
3. Why we collect this data (purposes and legal basis)
Each category of data is processed for a specific purpose and on a specific legal basis under GDPR article 6:
- Account creation and authentication — performance of the contract (Art. 6(1)(b)).
- Storing and syncing your production data — performance of the contract.
- Managing your subscription and trial — performance of the contract.
- Customer support, when you contact us — performance of the contract and our legitimate interest in providing support (Art. 6(1)(f)).
- Complying with legal obligations (tax records, requests from public authorities) — Art. 6(1)(c).
4. Sub-processors and international transfers
To operate the App, we rely on the following sub-processors. Some of these process data outside the European Economic Area (EEA), in particular in the United States. Such transfers are governed by the European Commission's Standard Contractual Clauses (SCC) as required by GDPR articles 44 to 50.
- Google Ireland Limited / Google LLC — Firebase Authentication, Cloud Firestore, Cloud Functions. Primary processing in EU data centers. Sub-processing may occur in the USA under SCC. (Google's privacy documentation)
- RevenueCat, Inc. — subscription state management (purchase tokens, entitlement status). Processing in the USA under SCC. (RevenueCat privacy policy)
- Apple Inc. / Apple Distribution International Ltd — Sign in with Apple, App Store billing. Apple acts as an independent controller for payment processing.
- Google LLC — Sign in with Google, Google Play billing. Google acts as an independent controller for payment processing.
- Netlify, Inc. — hosting of this website (not the App backend). Servers in the USA under SCC.
5. On-device processing
The App scans QR codes and barcodes using the following technologies, which run entirely on your device. Scanned images and frames are never transmitted to us or to any third party:
- iOS: Apple's AVFoundation framework (native, fully on-device).
- Android: Google ML Kit Barcode Scanning. The barcode detection model runs entirely on your device. Google may collect anonymized aggregated metadata about the SDK's usage (number of invocations, SDK version), which Google publishes under its own privacy policy.
6. Where your data is stored
Your production data is stored in Google Firestore, in regional Google Cloud data centers. Some data is cached locally on your device for offline use; this local cache is removed when you uninstall the App.
7. Who can see your data
Each project's data is visible only to the project creator and the team members the creator has invited and who have accepted the invitation. Access is enforced at the database level by Firestore Security Rules. We, the publisher, do not access your project data except as strictly necessary to provide support when you request it.
8. How long we keep your data
- Account and project data — retained for as long as you maintain an active account.
- Inactive accounts — accounts with no login activity for 36 consecutive months may be deleted after notice.
- Subscription records — retained for the duration of the legal accounting obligations (10 years for accounting records, per French commercial law).
- Support correspondence — retained for 3 years from our last contact.
You can delete a project at any time from the App, which removes all of its associated data. To delete your entire account and all associated data, write to contact@thecolorofsound.fr — we will process the request within 30 days as required by GDPR.
9. Your rights under GDPR
If you reside in the European Union, you have the following rights:
- Right of access — obtain a copy of the personal data we hold about you.
- Right to rectification — correct inaccurate or incomplete data.
- Right to erasure ("right to be forgotten").
- Right to restriction of processing.
- Right to object to processing based on legitimate interest.
- Right to data portability — receive your data in a structured, machine-readable format.
- Right to withdraw consent, where processing is based on consent.
- Right to lodge a complaint with the French data protection authority (CNIL) — www.cnil.fr.
To exercise any of these rights, write to contact@thecolorofsound.fr. We may ask you to confirm your identity before responding, and we will reply within one month.
10. Security
We implement appropriate technical and organizational measures to protect your data: HTTPS/TLS encryption for all data in transit, encryption at rest by our sub-processors, access control via Firebase Authentication, server-side authorization via Firestore Security Rules, and the principle of least privilege for administrative access.
11. Children
IEM Manager is a professional tool intended for use by adults working in audio production. It is not directed at children. We do not knowingly collect data from individuals under the age of 16. If you believe a child has provided us with personal data, please contact us so we can delete it.
12. Cookies on this website
This website (thecolorofsound.fr) does not use cookies, analytics, or tracking technologies of any kind.
13. Changes to this policy
We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. The "Last updated" date at the top will reflect the latest revision. Material changes will be communicated through the App and on this page.
14. Contact
For any privacy-related question or to exercise your rights, please write to:
contact@thecolorofsound.fr