
Privacy Policy

Mio Mobile Application

Version of February 26, 2026

Introduction

This Privacy Policy describes how TTT — Thomas Poumarède (hereinafter "the Publisher", "we" or "our") collects, uses, stores and protects the personal data of users (hereinafter "you" or "the User") of the Mio mobile application (hereinafter "the Application"), available on the Apple App Store and Google Play Store.

We are committed to protecting your privacy and processing your personal data in accordance with Regulation (EU) 2016/679 of April 27, 2016 on the protection of natural persons with regard to the processing of personal data (GDPR) and French Law No. 78-17 of January 6, 1978, as amended, relating to information technology, data files and civil liberties.

By using the Application, you acknowledge that you have read this Privacy Policy and consent to the data processing described herein.

Article 1 – Data Controller

The data controller for your personal data is:

TTT — Thomas Poumarède

Sole proprietor

SIRET: 525 331 153 00045 — APE Code: 6201Z

Address: 15 Route de Gard-sign, 29840 Porspoder, France

Email: contact@getmio.app

For any questions regarding the protection of your personal data, you may contact us at the email address above.

Article 2 – Personal Data Collected

The Application operates without user account creation. You are identified anonymously by a unique technical identifier (UUID) randomly generated when the Application is first launched and securely stored on your device.

We collect different categories of personal data depending on your use of the Application:

2.1 Data collected automatically

  • Device technical identifier: a unique anonymous identifier (UUID) generated by the Application, stored in the Keychain (iOS) or in encrypted SharedPreferences (Android). This identifier is not linked to your real identity and does not allow us to identify you personally.
  • Usage data: barcode scan history (barcode scanned, date and time of scan), monthly scan count.
  • Technical data: device type, operating system and version, Application version, device language.
  • Connection data (logs): IP address, connection date and time, actions performed. The IP address is used for rate limiting and approximate location detection (country).
  • Analytics data: Application interaction events (pages viewed, features used, in-app navigation), collected via PostHog (see Article 5).

2.2 Data voluntarily provided by the User

  • Market preference: the country you select as your reference market (e.g. "France") to contextualize results.
  • Community contributions: when you report an error or suggest a correction on a product page, we collect the correction type, the proposed country, and any evidence provided (free text, URL, or photographs).
  • Contribution photographs: if you attach a photo as evidence to a contribution (e.g., photo of a product label), it is uploaded and stored on our servers (see Article 5).
  • Origin confirmations: when you confirm a product's origin, we record this confirmation associated with your technical identifier.
  • Beta waitlist email: if you sign up for the beta waitlist via our website, we collect your email address and chosen platform (iOS or Android).

2.3 Data from automated processing

  • AI-enriched product data: when you scan a barcode, product information (name, brand, barcode) may be sent to an artificial intelligence service (Google Gemini) to search for and aggregate publicly available information about the product's country of manufacture. This processing is fully automated and only involves product data, not your personal data.

2.4 Data not collected

We do not collect:

  • Your name, surname, or any civil identity element (the Application operates without an account)
  • Your precise GPS geolocation
  • Your payment data
  • The content of your other applications or files
  • Your contacts, photo gallery, or other personal data not necessary for the Service
  • Your advertising identifier (IDFA/GAID) — the Application does not display any advertising
  • Your biometric data — the camera feed is processed locally for barcode detection and is neither recorded nor transmitted

Article 3 – Camera Usage

The Application uses your device's camera exclusively to scan product barcodes. This requires your explicit permission when the Application is first launched.

Technical operation:

  • The camera video feed is processed locally on your device by native system frameworks (Vision on iOS, ML Kit on Android) to detect and decode barcodes (EAN-8, EAN-13, UPC-E formats).
  • Only the decoded barcode number (a sequence of 8 or 13 digits) is transmitted to our servers.
  • The video feed is neither recorded, stored, nor transmitted outside your device.
  • No image is automatically captured during scanning.

If you revoke camera access permission in your device settings, the scanning feature will no longer be available, but other Application features (history, contributions, profile) will remain accessible.

Article 4 – Purposes and Legal Bases for Processing

Your personal data is processed for the following purposes:

Purpose | Data involved | Legal basis
Service provision (barcode scanning, display of product origin information) | Technical identifier, scanned barcode, technical data | Performance of contract (Terms of Use)
Scan history and monthly quota tracking | Technical identifier, scanned barcodes, timestamps | Performance of contract (Terms of Use)
AI-powered product data enrichment | Product data (barcode, name, brand) — no personal data | Legitimate interest (database improvement)
Community contribution management (corrections, reports) | Technical identifier, correction type, proposed country, evidence (text, URL, photo) | Legitimate interest (collaborative Service improvement)
Contribution gamification (points, badges) | Technical identifier, contribution statistics | Performance of contract (Terms of Use)
Usage statistics and Service improvement | Anonymized interaction events, technical data | Legitimate interest
Security, abuse prevention and rate limiting | IP address, technical identifier | Legitimate interest / Legal obligation
Beta waitlist management | Email address, platform | Consent

Article 5 – Data Recipients and Processors

Your personal data may be shared with the following categories of recipients:

5.1 Technical processors

We use technical service providers to ensure the Application's operation. These processors act solely on our instructions and are contractually required to maintain the confidentiality and security of your data:

Provider | Function | Data location | Safeguards
Render.com (Render Services, Inc.) | Application server and database hosting | European Union (Oregon region for compute, data in the EU) | GDPR-compliant DPA
PostHog, Inc. | Usage analytics and statistics (PostHog EU Cloud) | European Union (Frankfurt, Germany) | EU hosting, GDPR-compliant DPA
Cloudflare, Inc. | Contribution photo storage (Cloudflare R2) | European Union | GDPR-compliant DPA, Standard Contractual Clauses
Brevo (Sendinblue SAS) | Beta waitlist management (email sending) | France | GDPR
Google LLC (Gemini API) | AI processing for product data enrichment | United States | Data Privacy Framework, Standard Contractual Clauses
Langfuse GmbH | AI processing traceability and quality | European Union (Germany) | GDPR
Apple Inc. | Application distribution (App Store) | United States | Data Privacy Framework
Google LLC (Play Store) | Application distribution (Google Play) | United States | Data Privacy Framework

5.2 Product data sources

To provide product origin information, we query public data sources and third-party services:

  • Open Food Facts (via the MIO API): an open, collaborative database on food products.
  • Serper (Google Search API): web search to identify publicly available information about product origins. Only product data (name, brand, barcode) is transmitted, never your personal data.
  • Jina AI (web reading service): text content extraction from public retailer web pages to identify origin information.

5.3 Authorities

We may be required to share your data with administrative or judicial authorities when required by law (legal requisitions, court orders).

5.4 No sale of data

We never sell your personal data to third parties. We do not share your data for third-party commercial prospecting purposes. We do not display any advertising in the Application.

Article 6 – Data Retention Periods

We retain your personal data for the following periods:

Data type | Retention period
Technical identifier (UUID) | As long as the Application is installed on your device
Scan history | 2-year rolling window (scans older than 2 years are automatically deleted)
Community contributions | Lifetime of the Service (approved contributions permanently enrich the database)
Contribution photos | Lifetime of the Service (associated with contributions)
Contribution statistics (points, badges) | As long as the technical identifier is active
Technical logs (IP address, connections) | 12 months
Beta waitlist email | Until the Application's public launch or upon deletion request
Analytics data (PostHog) | Per PostHog's retention policy (maximum 12 months for raw data)

Upon expiration of these periods, your data is deleted or irreversibly anonymized.

Article 7 – Data Transfers Outside the European Union

Your personal data is primarily hosted on servers located within the European Union.

However, some of our processors are based in the United States. Data transfers to these providers are governed by:

  • The EU-US Data Privacy Framework (DPF), recognized by the European Commission as providing an adequate level of protection (adequacy decision of July 10, 2023), for certified providers (Google, Apple);
  • Standard Contractual Clauses adopted by the European Commission, where the DPF does not apply.

Transfer details:

Provider | Country | Transfer mechanism
Google LLC (Gemini API) | United States | Data Privacy Framework + Standard Contractual Clauses
Apple Inc. (App Store) | United States | Data Privacy Framework
Google LLC (Play Store) | United States | Data Privacy Framework
Cloudflare, Inc. (R2) | Data in the EU | No transfer outside the EU
PostHog, Inc. (EU Cloud) | Data in the EU (Frankfurt) | No transfer outside the EU

You may obtain a copy of the appropriate safeguards by contacting us at the address indicated in Article 1.

Article 8 – Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, destruction, or alteration, including:

  • Encryption of data in transit (HTTPS/TLS) and at rest
  • Secure storage of the technical identifier: Keychain (iOS) and AES-256 encrypted SharedPreferences (Android)
  • API key authentication for requests
  • Strict access controls (principle of least privilege)
  • Rate limiting to prevent abuse
  • System access logging and monitoring
  • Regular security updates
  • Regular data backups

In the event of a data breach likely to pose a risk to your rights and freedoms, we will notify you as soon as possible in accordance with our legal obligations.

Article 9 – Your Rights

In accordance with the GDPR, you have the following rights regarding your personal data:

9.1 Right of access

You have the right to obtain confirmation as to whether or not your data is being processed and, where it is, to access that data and obtain a copy.

9.2 Right to rectification

You have the right to obtain the rectification of inaccurate data concerning you and to have incomplete data completed.

9.3 Right to erasure ("right to be forgotten")

You have the right to obtain the erasure of your personal data in certain cases provided for by the GDPR (data no longer necessary, withdrawal of consent, objection, unlawful processing).

Deleting your data: Since the Application operates without a user account, you can delete your data in three ways:

  • From the Application: Profile tab → "Delete my data". This action immediately and permanently deletes all your server data (scan history, contributions, statistics) and resets your local preferences.
  • From our website: go to https://getmio.app/delete-data, enter your technical identifier and confirm the deletion.
  • By email: contact us at contact@getmio.app with your technical identifier. We will delete your data within 30 days.

9.4 Right to restriction of processing

You have the right to obtain the restriction of processing of your data in certain cases (accuracy contested, unlawful processing, data needed for legal claims).

9.5 Right to data portability

You have the right to receive the data you have provided to us in a structured, commonly used and machine-readable format, and to transmit it to another data controller.

9.6 Right to object

You have the right to object at any time to the processing of your data based on our legitimate interest, on grounds relating to your particular situation.

9.7 Right to define post-mortem directives

In accordance with French data protection law, you have the right to define directives regarding the retention, erasure and communication of your data after your death.

9.8 Exercising your rights

To exercise your rights, you may:

  • Contact us by email at contact@getmio.app
  • Send us a letter to the address indicated in Article 1

We will respond to your request within one (1) month of receipt. This period may be extended by two (2) months depending on the complexity or number of requests.

We may ask you to provide your technical identifier to process your request.

Article 10 – Trackers and Local Storage

The mobile Application does not use cookies in the strict sense (a technology specific to web browsers).

However, we use local storage technologies for the proper functioning of the Service:

  • Technical identifier (UUID): randomly generated, securely stored on your device, to identify you anonymously and manage your scan quota.
  • User preferences: selected market (country), onboarding status, Terms of Use acceptance — stored locally on your device.
  • Local history: list of confirmed products and suggested origins — stored locally on your device.

For usage statistics, we use PostHog EU Cloud, configured to host data in the European Union (Frankfurt, Germany). PostHog collects interaction events (pages viewed, features used) associated with your technical identifier, without placing third-party cookies.

The Application does not participate in advertising tracking. We do not use your device's advertising identifier (IDFA on iOS, GAID on Android) and do not participate in any advertising network.

Article 11 – Protection of Minors

The Application is reserved for persons aged sixteen (16) years and over, in accordance with Article 8 of the GDPR and its transposition into French law.

We do not knowingly collect personal data from minors under 16 years of age. If we discover that data concerning a minor under 16 has been collected, we will delete it as soon as possible.

If you are a parent or guardian and believe that your child has provided us with personal data, please contact us.

Article 12 – Changes to the Privacy Policy

We may modify this Privacy Policy at any time to adapt it to legal, regulatory, or technical developments, or to reflect changes in our practices.

In the event of a substantial modification, we will notify you by in-app notification at least fifteen (15) days before the changes take effect.

The date of the last update is indicated at the top of this document. We encourage you to review this Policy regularly.

Article 13 – Complaint to the Supervisory Authority

If you believe that the processing of your personal data constitutes a violation of the GDPR, you have the right to lodge a complaint with the French Data Protection Authority (CNIL):

CNIL

3 Place de Fontenoy – TSA 80715

75334 Paris Cedex 07

www.cnil.fr

We encourage you, however, to contact us first so that we can attempt to resolve your issue.

Article 14 – Contact

For any questions regarding this Privacy Policy or the processing of your personal data, you may contact us:

  • By email: contact@getmio.app
  • By mail: TTT — Thomas Poumarède, 15 Route de Gard-sign, 29840 Porspoder, France
  • Via the contact form within the Application

Article 15 – Platform-Specific Information

15.1 Apple App Store (iOS)

  • The Application is distributed via the Apple App Store. Any purchases are managed exclusively by Apple in accordance with its terms of use.
  • The Application does not collect data within the meaning of Apple's "App Tracking Transparency" feature. We do not request permission to track you via the IDFA.
  • App Store privacy labels: the information displayed on the App Store listing reflects the practices described in this Policy.

15.2 Google Play Store (Android)

  • The Application is distributed via the Google Play Store. Any purchases are managed exclusively by Google in accordance with its terms of use.
  • The Application does not collect Google's advertising identifier (GAID).
  • Google Play Data Safety section: the information displayed on the Google Play listing reflects the practices described in this Policy.

15.3 Data Types Summary for Store Listings

Data type | Collected | Shared with third parties | Linked to identity | Purpose
Device identifier (anonymous UUID) | Yes | No | No | Service operation
Scan history (barcodes) | Yes | No | No | Service operation
Usage data (analytics) | Yes | Yes (PostHog) | No | Analysis and improvement
Photos (contributions) | Yes (voluntary) | No | No | User content
IP address | Yes (automatic) | No | No | Security
Technical data (OS, app version) | Yes (automatic) | Yes (PostHog) | No | Analysis and diagnostics
Email (beta signup only) | Yes (voluntary) | Yes (Brevo) | Yes | Communication

Article 16 – Effective Date

This Privacy Policy takes effect on February 26, 2026.

---

By using the Mio Application, you acknowledge that you have read and understood this Privacy Policy.
