Privacy Policy
Last updated: March 2026
Mazylon SAS is committed to protecting your personal data in full compliance with the General Data Protection Regulation (GDPR). This policy explains what data we collect, how we use it, and what rights you have.
1. Data Controller
Mazylon SAS ('we', 'our', 'Mel') is the data controller for personal data processed through the Mel platform. We are registered in France and are committed to full compliance with the General Data Protection Regulation (GDPR — Regulation EU 2016/679). Contact: contact@mazylon.com
2. Data We Collect
We collect the following categories of data: (a) Account data — name, professional email, company name, role; (b) Usage data — features accessed, campaign performance, session logs; (c) Prospect data — professional contact information of B2B prospects sourced via our platform (company name, professional email, LinkedIn profile, job title); (d) Payment data — processed securely via Stripe (we do not store card details); (e) Communication data — emails and messages sent through the platform.
3. How We Use Your Data
We use your data to: provide and improve the Service; process your subscription and billing; send transactional emails and platform notifications; analyze usage to optimize features; comply with legal obligations; and conduct anonymized aggregate analytics. We do not sell your personal data to any third party.
4. Legal Basis for Processing
We process your personal data on the following legal bases: (a) Contract performance — to deliver the Service you subscribed to; (b) Legitimate interest — to improve the platform, detect fraud, and ensure security; (c) Consent — for marketing communications and optional cookies; (d) Legal obligation — for tax records, fraud prevention, and regulatory compliance.
5. Data Sharing & Third Parties
We share data only with trusted sub-processors necessary to operate the Service, including: Stripe (payment processing), AWS cloud infrastructure, email delivery services, and CRM integration partners. All sub-processors are contractually bound to GDPR-compliant data processing terms. We do not transfer data outside the EU/EEA without appropriate safeguards.
6. Data Retention
We retain your account data for the duration of your subscription plus 12 months, unless a longer retention period is required by law. Campaign and prospect data are retained for the duration of your subscription. Payment records are retained for 10 years in compliance with French accounting law. You may request deletion of your data at any time.
7. Your Rights (GDPR)
Under GDPR, you have the right to: access your personal data; rectify inaccurate data; request erasure ('right to be forgotten'); restrict processing; data portability; and object to processing based on legitimate interest. To exercise any of these rights, please contact us at contact@mazylon.com. You also have the right to lodge a complaint with the CNIL (Commission Nationale de l'Informatique et des Libertés).
8. Cookies & Tracking
We use strictly necessary cookies for authentication and session management, as well as optional analytics cookies (with your consent) to improve the user experience. You can manage your cookie preferences at any time through your browser settings or our cookie consent banner.
9. Data Security
We implement industry-standard security measures including TLS encryption in transit, AES-256 encryption at rest, role-based access controls, regular security audits, and vulnerability monitoring. In the event of a data breach, we will notify affected users and the CNIL within the legally required timeframes.
10. Contact & DPO
For any privacy-related inquiries, data subject requests, or to contact our Data Protection Officer, please write to: contact@mazylon.com — Mazylon SAS, Paris, France. We aim to respond to all requests within 30 days.