Fiomio attaches great importance to protecting your privacy. This policy explains what data we collect, why, and what your rights are, in accordance with the General Data Protection Regulation (GDPR) and the French Data Protection Act.
Data controller
The data controller is the publisher of the site (see legal notice), reachable at hello@fiomio.io.
Data we collect
- Email address, when you join the waitlist or subscribe to the newsletter.
- City and approximate location, auto-detected from your IP and editable, or chosen by you, so we can tailor the newsletter to your local climate and season. Stored alongside your email only if you subscribe.
- Anonymous diagnostic data, your answers (skin type, concerns, chosen actives, city, season) and the actives we recommend are stored in anonymized form, without your email and without your IP address, to improve the quality of our recommendation engine.
- Anonymous feedback, whether a recommendation felt right, stored without any identifier.
- Cookieless audience measurement, aggregate visit statistics that use no cookies and do not identify you.
Purposes and legal basis
- Sending you early access and the seasonal newsletter, legal basis: your consent (given when you sign up).
- Improving our recommendation engine from anonymized diagnostic and feedback data, legitimate interest.
- Producing aggregated, anonymized market insights and reports that may be shared or sold to skincare brands, legitimate interest. These contain no individual data and never identify you.
Recipients and processors
Your personal data is never sold. We rely on the following processors, bound to protect it under the GDPR:
- Brevo, storing contacts and sending emails.
- Vercel, hosting and cookieless analytics.
- Supabase, storing the anonymized diagnostic data.
- Open-Meteo, weather and city lookup (no personal data that could identify you is sent).
Brands only ever receive aggregated, anonymized insights, never your personal data.
Retention period
Your email and city are kept until you unsubscribe, then deleted within a reasonable time. Anonymized diagnostic data, being non-identifying, may be kept to improve the service. You can unsubscribe at any time via the link in every email.
Your rights
You have the following rights over your personal data at any time:
- right of access, rectification and erasure;
- right to portability and to restriction of processing;
- right to object and to withdraw your consent.
To exercise them, write to hello@fiomio.io. You may also lodge a complaint with the CNIL (cnil.fr). Note that anonymized data cannot be linked back to you and therefore cannot be individually retrieved.
Cookies
The site uses no advertising cookies and no third-party profiling trackers. Our audience measurement is cookieless. Only elements strictly necessary for the site to function may be used.
Contact
For any question about your data: hello@fiomio.io.