πŸ‡«πŸ‡· Hosted in France πŸ‡ͺπŸ‡Ί GDPR Compliant πŸ”’ No US Data Transfers

Security & GDPR Compliance

CountHub is built from the ground up for European privacy standards. 100% EU infrastructure, cookie-free analytics, and no data transfers outside the EU.

EU flag icon EU Data Residency

Hosted in France

All CountHub infrastructure is hosted on French cloud infrastructure in Paris data centers. Your data never leaves the European Union.

  • Database: France
  • Application servers: France
  • Data storage: France
Globe icon

Paris, France

EU Data Center

EU flag icon

Lock icon No US Data Transfers

Unlike many SaaS tools that rely on US infrastructure, CountHub keeps all data within the EU. This simplifies your GDPR compliance significantly.

❌ Typical US-Hosted Timer

EU Subscriber β†’ US Server β†’ Timer Rendered

Requires Standard Contractual Clauses (SCCs), privacy impact assessments, and potentially explicit consent.

βœ… CountHub (EU-Hosted)

EU Subscriber β†’ France Server β†’ Timer Rendered

No cross-border transfers, no SCCs required, simplified GDPR compliance.

Checkmark icon Cookie-Free Analytics

CountHub's view analytics are completely cookie-free. We track countdown views without storing any cookies or requiring consent banners.

How It Works

  • Each countdown view is logged server-side
  • We record the timestamp and countdown ID only
  • No personal data is stored for analytics
  • No tracking across sessions or devices
  • No consent banner required

Note: Our marketing website uses Plausible Analytics, which is also privacy-focused and doesn't use cookies.

Checkmark icon No Cookies Required

Analytics icon Data Processing Practices

What We Collect

  • Account information (email, name)
  • Countdown configurations
  • View counts (aggregate only)
  • Payment information (via Stripe)

What We Don't Collect

  • Subscriber email addresses
  • Subscriber personal data
  • Tracking cookies
  • Browsing history

Data Retention

  • Account data: Until deletion
  • Countdown data: Until deleted
  • View analytics: 2 years
  • Server logs: 30 days

Third Parties

  • Stripe (EU): Payments
  • French cloud (FR): Infrastructure
  • Plausible (EU): Website analytics
  • No US-based subprocessors

Lock icon Security Measures

Lock icon

Encryption in Transit

All traffic encrypted via TLS 1.3

Lock icon

Encryption at Rest

Database encrypted with AES-256

Lock icon

Secure Authentication

bcrypt password hashing, JWT tokens

Target icon

Input Validation

Protection against SQL injection, XSS

Lightning bolt icon

Rate Limiting

Protection against abuse and DDoS

Analytics icon

Access Logging

Complete audit trail of access

Briefcase icon Data Processing Agreement

For business customers requiring a formal Data Processing Agreement (DPA), we provide a comprehensive document covering all GDPR requirements.

DPA Includes

  • Subject matter and duration of processing
  • Nature and purpose of processing
  • Types of personal data
  • Categories of data subjects
  • Subprocessor list
  • Technical and organizational measures
  • Data breach notification procedures
Request DPA

Checkmark icon Your Rights

Under GDPR, you have specific rights regarding your personal data. CountHub makes it easy to exercise these rights.

Right to Access

Request a copy of all data we hold about you

Right to Rectification

Correct any inaccurate personal data

Right to Erasure

Request deletion of your account and data

Right to Portability

Export your data in machine-readable format

To exercise any of these rights, contact us at privacy@counthub.io

Ready for GDPR-Compliant Countdowns?

Join European businesses using CountHub for worry-free email marketing.

Get Started with CountHub

€9/month β€’ EU hosted β€’ No US data transfers β€’ Cookie-free