Confidentiality policy

1. Role of Meky and Perimeter

‍In the context of the use of our services, Meky SARL acts under two distinct hats:

• As Data Controller: For professional data of restaurant owners (account creation, billing).
• As a Subcontractor: For technical data (IP addresses) of end consumers who scan QR codes in our customers' establishments.

2. Data collected during the consultation of digital menus

‍When an end consumer consults a digital menu via the Meky Application, we automatically collect technical connection data (User Agent), including IP address, browser type and operating system. This data is strictly used to ensure the proper technical functioning of the display (in particular for Augmented Reality) and the security of our servers. These connection logs are only kept for a limited period of 90 days before being automatically deleted.

3. Payment processing

‍Meky uses the secure payment service provider Stripe for the processing of financial transactions. Meky does not collect, process or store your bank card data on its own servers at any time. This information is transmitted in an encrypted and direct manner to Stripe, which acts in accordance with PCI-DSS standards.

4. Artificial intelligence and the use of photographs

‍In accordance with the guidelines of the Federal Data Protection and Transparency Officer (PFPDT) relating to Artificial Intelligence, we are fully transparent about our algorithmic treatments.

• Third-party AI sublimation: Meky uses external programming interfaces (APIs) for text extraction (OCR) and modeling.
• Improvement of our algorithms: The raw photographs of the dishes uploaded by the restaurateurs are kept by Meky on its servers and are used to train, refine, and continuously improve our own 3D modeling and visual improvement algorithms. By using our services, the restaurant accepts this processing purpose.

5. Hosting and data transfer abroad

‍The data managed by Meky is hosted on secure servers located in Germany (European Union), a territory recognized by Switzerland as offering an adequate level of data protection.

Some specific features (such as optical character recognition - OCR) require data to be transferred to our partners' servers, located in the United States. This transfer is legally supervised and secure, in particular by the application of the new Swiss-United States data confidentiality framework (Swiss-U.S. Data Privacy Framework) and the conclusion of Standard Contractual Clauses, guaranteeing a level of protection equivalent to Swiss law.

6. Data security

‍Meky implements technical and organizational measures (such as password encryption and server infrastructure protection) to protect personal data against unauthorized access, alteration, or destruction.

‍