Privacy policy
As a french company, we operate under strict european data protection standards to ensure your privacy rights are respected.
Last updated: June 2, 2025
1. Who we are
Our company
Cameon is a service operated by Miweb, registered in France under SIREN 982 737 090.
We are passionate about making link management smarter and safer. If you have any questions, you can always reach us at [email protected].
2. What information we collect into cameon.io (sales website)
Contact forms
When you get in touch with us via a contact or demo form, we collect your name, email, and message.
We only use this to respond to your request and keep it for no longer than 1 year after our last exchange.
Google analytics
Into our website cameon.io, we use Google Analytics to understand how visitors use our pages.
Google places cookies only if you give us your consent. These cookies are kept for a maximum of 14 months. No analytics cookies are used into our application or redirect domains.
3. What information we collect into app.cameon.io (client area)
Client account data
When you sign up, we ask for your first name, last name, and email. You can also upload an avatar if you wish.
Payments are handled entirely by Stripe – we never see or store your bank card. We use this data to create and manage your account.
Authentication & security
We use expiring tokens (max 3 months) to keep you securely logged in.
To prevent fraud, we may temporarily log your IP and browser type for up to 6 months.
4. What information we collect into go.cameon.io (link redirects)
Visitor data
When someone clicks on a smart link or QR code, we process only the essentials:
- Browser language - Country and city derived from the IP (the IP itself is never stored) - Referring domain (only the domain name, never the full URL).
This allows us to redirect users to the right page, measure campaign performance, and support A/B testing.
No cookies, no tracking pixels, no hidden identifiers.
5. Data hosting and transfers
Hosting
Our infrastructure is hosted by Laravel Cloud (EU Central Frankfurt).
Cloudflare stores QR codes and profile images on S3-compatible bucket with EU jurisdiction.
Payments
Stripe processes payment information. They act as an independent controller for payment data.
Transfers to the USA are covered by Standard Contractual Clauses (SCC) and extra safeguards.
6. How long we keep data
Client accounts
We keep your account data for as long as you are a customer, and up to 3 years after in case of disputes or legal needs.
Visitor statistics
We keep statistics for 12 months (up to 24 months if justified).
Authentication tokens
Expire automatically after 3 months.
Invoices
10 years, as required by French law.
Contact requests
1 year after our last exchange.
7. How we protect your data
Encryption
Your data is encrypted in transit (TLS 1.3) and at rest (AES-256).
Access controls
Only authorized staff can access personal data, and they are trained in confidentiality and security best practices.
Breach response
If a breach were to occur, we would notify you and the authorities within 72 hours, as GDPR requires.
8. Your rights
Access & portability
You can ask us for a copy of your data in a structured format.
Rectification & erasure
You can ask us to correct or delete your data.
If you delete your account, we remove your personal data within 30 days (except what the law requires us to keep).
Restriction & objection
You can object to certain uses of your data, like analytics based on legitimate interest.
Consent withdrawal
If you gave consent (e.g., for newsletter or analytics cookies), you can withdraw it at any time.
Complaint
You can file a complaint with the CNIL (www.cnil.fr) if you think your rights are not respected.
Questions about our privacy policy?
If you have questions about this privacy policy or how we handle your personal data, our legal and support teams are here to help.