Rayon
Legal
Last update: March 12, 2026
Rayon is operated under the soleil.dev brand and is publicly accessible at rayon.soleil.dev. The data controller is Julien L***. This policy explains what data is processed, why it is processed, and how users can exercise their rights.
Teacher account data: username, password hash, session token hash, and account metadata (creation and update timestamps).
Learning content data: course names/codes and topic planning information managed by teachers.
Student visit analytics: IP addresses are read from request headers and immediately transformed into a salted hash and a readable alias (for example, "Happy Rabbit"). Raw IP addresses are not stored in analytics tables.
Technical data: security and localization cookies are used to maintain teacher sessions and language preferences.
- To authenticate teachers and secure access to their dashboards.
- To render student course calendars.
- To provide course engagement analytics to the owning teacher (daily unique accesses and pseudonymized visitor list).
- To remember language preference for user experience.
Processing for account creation, login, and service delivery is based on contract performance. Processing for security and service analytics is based on legitimate interest in operating, securing, and improving the service.
Essential session cookie: used to keep teachers authenticated in their dashboard, with an expiration currently set to 30 days.
Language preference cookie: used to remember interface language, with an expiration currently set to 12 months.
These cookies are used for core functionality and are not used for cross-site advertising.
Data is accessible only to authorized persons and relevant service processors required to host the application and database. Where legally required, appropriate data processing agreements are maintained with those providers.
Engagement data is stored as daily aggregates. Teacher account and course data are retained while the account is active, then deleted according to operational and legal requirements.
Session records are created with a 30-day expiration window and are removed when expired sessions are encountered during authentication checks.
Passwords are never stored in clear text. Access is restricted to authenticated teachers for their own courses only. Pseudonymization salt is stored server-side.
Service infrastructure may rely on separate processors for application hosting and database hosting. Data processing agreements and safeguards are maintained with each provider where required.
Data subjects may request access, rectification, deletion, restriction, objection, or portability in accordance with applicable law. To submit a request, use the contact listed in the legal mentions page: contact@soleil.dev.
Data subjects may also lodge a complaint with their local supervisory authority.
Rayon is designed for educational use. Teachers are responsible for ensuring that any course content or student-related context they publish complies with local educational and privacy requirements.
This policy may be updated to reflect legal, technical, or operational changes. The "Last update" date at the top of this page indicates the effective version.