Privacy.
In plain words.
We collect the minimum data we need to reserve your ring, ship it to you, and keep you informed. We do not sell your data. We do not use it for advertising.
01 Who is responsible for your data
The data controller is Victor Nicolas Jean Bocquillon, trading as VICTORPRO, 2 rue du Château, 92200 Neuilly-sur-Seine, France. SIRET 991 954 777 00017, VAT FR82991954777.
For any question about your personal data, or to exercise your rights under the European General Data Protection Regulation (GDPR), write to hello@usemumble.com. We reply within 30 days, as required by law, and usually within 3 business days.
02 What we collect, and why
Depending on how you interact with Mumble, we collect different categories of data.
| Data | When we collect it | Why |
|---|---|---|
| Email address | When you join the free waitlist | To email you updates on the project and notify you when the Kickstarter opens |
| Email, name, billing and shipping address | When you place a €99 deposit | To process your payment, issue an invoice, honor a refund, and ship your ring when ready |
| Payment details (card number, CVC) | When you place a deposit | Processed directly by Stripe — we never see or store your card number |
| Company name, role, phone number | When you book a team sales call | To contact you about a team pilot and prepare a commercial proposal |
| IP address, browser type, page views | When you visit the website | Basic traffic analytics (aggregated, no personal tracking) and security |
03 Legal basis for processing
Under GDPR, every use of your data must rest on a legal basis. Here are ours:
- Performance of a contract — when you place a deposit, we process your data to reserve and eventually ship your ring. This is contractual necessity.
- Consent — when you join the free waitlist, you consent to receive project updates by email. You may withdraw this consent at any time.
- Legitimate interest — for basic security, fraud prevention and aggregated site analytics. We balance this against your privacy and minimize data collected.
- Legal obligation — we are required by French law to keep accounting and tax records for up to 10 years.
04 Who we share your data with
We only share your data with service providers strictly necessary to run Mumble. Each of them is GDPR-compliant and bound by a data processing agreement.
| Service | Purpose | Location |
|---|---|---|
| Stripe | Payment processing, invoicing, refunds | EU (Ireland) + US |
| Tally | Waitlist form collection | EU (Belgium) |
| Netlify | Website hosting, server logs | US |
| Email provider | Project updates, transactional emails | EU |
| Cal.com | Booking team sales calls | EU (Germany) |
We do not sell, rent or trade your personal data to third parties for marketing purposes. Period.
Some of our providers (notably Netlify) process data in the United States. These transfers are covered by the EU-US Data Privacy Framework and Standard Contractual Clauses, as required by GDPR.
05 How long we keep your data
- Waitlist emails — until you unsubscribe, or 3 years after your last interaction with us, whichever comes first.
- Deposit and order records — 10 years, as required by French accounting and tax law.
- Payment data — retained by Stripe according to their own retention policy. We never store card numbers ourselves.
- Website analytics logs — 12 months maximum, then deleted or anonymized.
- Refund correspondence — 3 years after the refund, for dispute resolution.
06 Your rights
Under GDPR, you have the following rights regarding your personal data. To exercise any of them, email hello@usemumble.com from the address we have on file.
- Right of access — request a copy of the data we hold on you
- Right of rectification — correct inaccurate or outdated data
- Right of erasure — ask us to delete your data, subject to legal retention obligations
- Right to object — object to our use of your data for legitimate interest processing
- Right to restrict processing — pause our use of your data while a dispute is resolved
- Right to data portability — receive your data in a structured, machine-readable format
- Right to withdraw consent — unsubscribe from emails, with a one-click link at the bottom of every message
- Right to lodge a complaint — if you believe we are mishandling your data, you may complain to the French data protection authority, the CNIL
07 Cookies
Mumble uses no third-party tracking cookies. No Facebook Pixel. No Google Analytics. No advertising cookies.
We use only strictly necessary cookies — for example, to remember your consent preferences if and when a cookie banner is shown. These require no consent under the ePrivacy Directive.
If we later add privacy-respecting analytics (such as Plausible or Simple Analytics), we will update this policy and notify you if you are on our waitlist.
08 Security
We take reasonable technical and organizational measures to protect your data, including HTTPS encryption site-wide, limited access to customer data (single-operator business), and use of established GDPR-compliant processors.
In the unlikely event of a data breach affecting your personal information, we will notify you and the CNIL within 72 hours of becoming aware of the breach, as required by GDPR.
09 Children
Mumble is not intended for minors. We do not knowingly collect data from anyone under 16. If you believe a minor has provided us with personal data, contact hello@usemumble.com and we will delete the information.
10 Changes to this policy
As the Mumble project evolves — new tools, new providers, new features — this policy will evolve with it. We will post the updated version here and, if the changes are material, notify waitlist subscribers by email. The date at the top of the page always reflects the most recent update.
Anything about your data, or about this policy:
hello@usemumble.com
Reply within 3 business days. For formal GDPR requests, up to 30 days, as allowed by law.