Privacy Policy

Dernière mise à jour : December 7, 2025

1. Company Information

This Privacy Policy is issued by MEGAMOUNT, a French single-member limited liability company (EURL) with share capital of €1,000, registered under SIRET number 944 778 984 00012, R.C.S 944 778 984 Paris and VAT number FR68944778984.

Registered office: 30 BOULEVARD DE SEBASTOPOL, 75004 PARIS, France
Managing director: Adam Fontaine
Contact: info@index10.com

2. About the Service

Index 10 is an AI-powered platform that generates complete web applications, SaaS products and websites. Users describe their product in natural language, configure options and deploy production-ready projects.

3. Data We Collect

We collect the following categories of personal data:

  • Identity data: Name, surname, email address, encrypted password
  • Usage data: Visited pages, features used, session duration, generation history
  • Technical data: IP address, browser type, operating system, device identifiers
  • Creation data: Generated code, prompt history, project configurations
  • Billing data: Payment information processed securely by Stripe
  • Communication data: Support tickets, feedback, incident reports

4. Purposes and Legal Bases

Your data is processed for the following purposes:

  • Contract performance: Delivering the platform, generating applications and managing your workspace
  • Legitimate interest: Improving features, monitoring performance, securing the infrastructure
  • Legal obligation: Accounting, tax compliance, anti-fraud requirements
  • Consent: Optional marketing communications and non-essential cookies

5. Data Recipients

We may share data with trusted partners strictly necessary to operate the service:

  • Technical infrastructure: Vercel for hosting, Supabase for managed databases
  • Payments: Stripe for secure payment processing
  • AI providers: OpenAI, Anthropic (prompts pseudonymised, no personal data)
  • Analytics: Aggregated usage statistics for product improvements
  • Support tools: Ticketing and communication providers with restricted access

6. International Transfers

Some providers are located outside the European Economic Area. Transfers are protected by:

  • Standard contractual clauses issued by the European Commission
  • Industry-recognised certifications such as SOC 2 Type II and ISO 27001
  • Encryption, access controls and data minimisation measures

7. Retention Periods

  • Account data: Stored while the account is active then deleted within 30 days
  • Billing data: Retained for 10 years to meet statutory obligations
  • Technical logs: Kept up to 12 months
  • Marketing consents: Stored for 3 years or until you opt-out
  • Support history: Retained for 24 months after resolution

8. Your GDPR Rights

You can exercise the following rights regarding your personal data:

  • Access: Request a copy of the data we hold
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Ask for deletion when legally possible
  • Restriction: Limit processing in specific circumstances
  • Portability: Receive your data in a structured format
  • Objection: Object to processing based on legitimate interest
  • Withdraw consent: Revoke consent at any time

To submit a request, email info@index10.com.

9. Data Security

We apply strict security controls to protect your information:

  • Transport encryption using TLS 1.3
  • Data-at-rest encryption with AES-256
  • Multi-factor authentication for administrative access
  • Role-based access control and least-privilege policies
  • Regular penetration tests and vulnerability management
  • Business continuity and disaster recovery plans

10. Cookies

We use essential cookies (mandatory) and optional cookies (analytics, marketing). Manage your preferences at any time in our Cookie Policy.

11. Questions and Complaints

Controller: MEGAMOUNT
Email: info@index10.com
Address: 30 BOULEVARD DE SEBASTOPOL, 75004 PARIS, France

If you believe your rights have been infringed, you may lodge a complaint with the CNIL (France) or your local supervisory authority.

12. Policy Updates

We may update this policy. Material changes will be announced via email or in-app notification at least 30 days before they take effect.

13. Use of AI

Our platform leverages AI models to generate code and project structures. Prompts may be used to improve the service but are anonymised and never stored with personally identifiable data.

14. Intellectual Property

You retain full ownership of the applications and code generated through Index 10. MEGAMOUNT retains ownership of the Index 10 platform and reusable components.

Legal NoticePrivacy PolicyTerms of ServiceCookie PolicyResponsible useSecurityReport misuse

© 2025 MEGAMOUNT. All rights reserved.