Listar
Back to trust center

🔐 Infrastructure & security

Security Documentation

Technical and organizational measures put in place by Listar to ensure the security, confidentiality and availability of your data.

Last updated: February 24, 2025 — Hosting: European Union

ℹ️
This page only presents security measures documented and confirmed in our official Privacy Policy. We do not claim certifications or measures we cannot justify.

🔒 Encryption & in-transit security

In-transit encryption (HTTPS/TLS)

All communications between your browser, the Chrome extension and Listar servers are encrypted. Data never travels over the internet in plain text.

HTTPSTLS

Password encryption

User passwords are never stored in plain text. They are protected by a robust hashing algorithm before any database write.

bcrypt

🔑 Access management & confidentiality

Need-to-know principle

Access to user personal data is strictly limited to Listar team members who need it to operate the service.

Monitoring & logging

Platform access is monitored and logged. Connection logs are kept for 12 months in accordance with French regulations.

Logs 12 months

☁️ Infrastructure & data location

Hosting within the European Union

Our servers are hosted at Amazon Web Services EMEA SARL (Luxembourg, EU — SIREN 831 001 334). No user data is stored outside the EEA, except data processed by our sub-processors Stripe, Mailjet and Google (covered by appropriate contractual safeguards).

🧩 Chrome extension security

Triggered only on explicit action

The Chrome extension does not collect any data in the background. Processing is triggered only when you click the Listar button on a LinkedIn or Facebook page.

Secure authentication token

The authentication token is stored locally in the browser to maintain your session. It is automatically removed on logout or extension uninstall.

📅 Retention durations

Data typeRetention duration
User account dataAccount lifetime + 30 days after closure
Billing data10 years (legal accounting requirement)
Connection logs12 months (regulatory requirement)
Search historyUser account lifetime
Authentication token (extension)Removed on logout or uninstall
Customer data submitted for enrichment90 days max, then automatic deletion

Report a vulnerability or ask a question

For any security question or to responsibly report a vulnerability, contact our DPO.

🔐 dpo@listar.fr