Skip to Content

Privacy Policy

IntroductionIdentity of the Data ControllerData CollectedUse of the DataSharing of Data with Third PartiesData RetentionData SecurityUser RightsCookie PolicyWhatsApp NotificationsGmail Connection and PermissionsPaymentsChanges to the Privacy PolicyContact

Introduction

Last update : November 14,  2025 

This Privacy Policy applies to the Coliflo service, provided by Calidris Sàrl, a company based in Lausanne, Switzerland and active since 2013. It describes how we collect, use, and protect data in the context of our email-automation service powered through WhatsApp.

Identity of the Data Controller

The data controller is: Calidris Sàrl

Chemin des Seytines 10

1264 Saint-Cergue, Suisse

Email : hello@coliflo.com

Data Collected

We collect only the data strictly necessary for the operation of the service:

  • Connected Gmail email address, display name and signature
  • Whatsapp phone number
  • Selected response tone
  • Anonymized statistics (response times, number of processed emails)

We do not collect or permanently store:

  • The content of processed emails (retained for a maximum of 7 days)
  • Attachments
  • Correspondents’ names or email addresses

Use of the Data

The collected data is used to:

  • Provide Coliflo services
  • Personalize generated responses
  • Display a weekly performance report
  • Improve service quality (aggregated statistics)

Sharing of Data with Third Parties

No personal data is sold, rented, or shared with unnecessary third parties. Only the following service providers may access certain technical data, strictly for operational purposes:

  • Google Gemini (anonymized content sent via API)
  • WhatsApp API
  • Infomaniak (secure hosting of sensitive data on ISO 27001-certified servers in Switzerland)

Data Retention

  • Technical data (processed emails, WhatsApp messages): maximum 7 days
  • Aggregated anonymized statistics: unlimited duration
  • User account data: until deletion request or end of service use

Data Security

  • Secure hosting in Switzerland (Infomaniak, ISO 27001)
  • Encrypted Gmail access via AES-256-GCM
  • Restricted data access through secure authentication

User Rights

  • In accordance with the Swiss LPD and the European GDPR, you have the following rights:
    • Access to your personal data
    • Rectification
    • Deletion
    • Portability
    • Restriction or objection to processing
  • To exercise your rights, contact us at: hello@coliflo.com

Cookie Policy

The Coliflo website uses only cookies strictly necessary for platform operation. No advertising or third-party tracking cookies are used without your prior consent. Anonymous cookies may be employed for internal statistical purposes (e.g., visits count, conversion rate). You may disable cookies via your browser settings.

WhatsApp Notifications

By using Coliflo, you agree to receive WhatsApp notifications regarding email processing, proposed responses, or weekly activity summaries. No marketing content will be sent via WhatsApp without your explicit consent. You may request to stop notifications at any time by contacting us.

Gmail Connection and Permissions

To operate, Coliflo requires authorization to access your Gmail inbox via Google's secure OAuth2 protocol. When connecting, you agree to grant us limited access to the following scopes: gmail.readonly and gmail.send, allowing:

  • Reading your incoming emails
  • Sending automatically generated replies

We do not have access to:

  • Your drafts
  • Deleting or modifying your emails
  • Your full Gmail history

These permissions can be revoked at any time from your Google account dashboard:

https://myaccount.google.com/permissions

Coliflo is Google-certified and complies with Gmail ecosystem security standards.

You may request full deletion of your data at any time by emailing hello@coliflo.com. We will respond within a maximum of 14 days.

Payments

Payments related to the use of the Coliflo service are processed through Stripe, integrated into our Odoo infrastructure. We do not collect or store your credit card information directly. All transactions are secured and processed in accordance with PCI-DSS (Payment Card Industry Data Security Standard) by Stripe. For more information, you may consult Stripe’s Privacy Policy: 🔗 https://stripe.com/privacy

Changes to the Privacy Policy

This policy may be updated at any time. In case of major changes, you will be notified by email or via WhatsApp.

Contact

For any questions regarding data privacy:

Calidris Sàrl – Service Coliflo

hello@coliflo.com

1264 Saint-Cergue, Suisse