Privacy Policy

Last updated May 23, 2026

1. Data Controller

Personal data collected through the Meliflo service is processed by:

Meliflo SAS (registration in progress)
Kerignen, Pont-Scorff, Brittany 56620, France
contact@meliflo.com

2. Data We Collect

We collect the following categories of data:

  • Account data: name, email address, phone number.
  • Location data: GPS coordinates of apiaries entered when configuring your devices. This data is linked to physical locations (apiaries) and may allow identification of a place of operation.
  • IoT data: sensor readings transmitted by your devices (temperature, humidity, activity signals, alerts, etc.).
  • Payment data: processed directly by our payment provider Stripe — we do not store your card details.

3. Purposes and Legal Basis

  • Account management and service access — performance of contract (Art. 6(1)(b) GDPR).
  • Sending alerts and notifications (email, SMS) — performance of contract (Art. 6(1)(b) GDPR).
  • Internal service analytics — legitimate interest (Art. 6(1)(f) GDPR). Analytics are strictly internal: we never sell or share your data with third parties.
  • Billing — performance of contract and legal obligation (Art. 6(1)(b) and (c) GDPR).

4. Sub-processors

Some of your data is passed to the following sub-processors:

  • Resend (Resend Inc., United States) — transactional email delivery.
  • Twilio (Twilio Inc., United States) — SMS notifications and verification.
  • Stripe (Stripe Payments Europe, Ltd., Ireland) — payment processing.

All sub-processors are bound by confidentiality and security obligations. Transfers of data outside the European Union are governed by Standard Contractual Clauses (SCCs) approved by the European Commission.

5. Data Retention

  • Account data: for the duration of the account, then 5 years after closure (French commercial limitation period).
  • IoT and location data: 3 rolling years from the date of collection.
  • Billing data: 10 years (French accounting obligation, Art. L.123-22 of the Commercial Code).

Cookies

We use only a single session cookie, strictly necessary for the operation of the service (keeping you signed in). No advertising, third-party analytics, or tracking cookies are set on your device.

7. Your Rights

Under the General Data Protection Regulation (GDPR, Articles 15–22), you have the following rights:

  • Right of access to your personal data (Art. 15).
  • Right to rectification of inaccurate data (Art. 16).
  • Right to erasure ("right to be forgotten") (Art. 17).
  • Right to restriction of processing (Art. 18).
  • Right to data portability (Art. 20).
  • Right to object to processing (Art. 21).

To exercise any of these rights, contact us at contact@meliflo.com. We will respond within one month.

You also have the right to lodge a complaint with the Commission Nationale de l'Informatique et des Libertés (CNIL)www.cnil.fr.

8. Security

We implement appropriate technical and organisational measures to protect your data against unauthorised access, loss, alteration, or disclosure.

9. Changes to This Policy

We may update this policy at any time. In the event of a material change, you will be notified by email. Continued use of the service after notification constitutes acceptance of the updated policy.