Legal
Privacy Policy
Last updated : March 30, 2026
Who we are
mysaas.lol is operated by Amorem SAS, a simplified joint-stock company incorporated in France, with its registered office at 50 Rue Saint André des Arts, 75006 Paris.
Amorem SAS acts as the data controller under Regulation (EU) 2016/679 (GDPR) for all personal data collected through the mysaas.lol platform.
Data we collect
We collect different categories of data depending on how you use the platform.
Anonymous submissions
Uploaded images or animated media, optional title, optional caption, optional display name, optional source URL, selected tags, publication timestamps, and the network metadata required to operate rate limiting and abuse prevention.
Engagement and moderation signals
Likes, reports, share events, page views, and the pseudonymous visitor keys associated with those actions in order to limit abuse and measure usage.
Admin account and authentication
Email address, display name, avatar, temporary magic link tokens, OAuth identifiers, IP address, and browser user-agent when you access the moderation interface.
Technical analytics
Referral source, UTM parameters, IP address, browser user-agent, device category, and coarse location data used for first-party analytics and anti-abuse controls.
Legal basis and purposes
Performance of a contract (Art. 6(1)(b) GDPR)
Operating admin authentication, storing submitted media, publishing public meme pages, processing reports, and providing the moderation interface.
Legitimate interest (Art. 6(1)(f) GDPR)
Detecting abuse, enforcing rate limits, measuring audience, improving the product, and protecting the service against spam, bots, and malicious uploads.
Sharing with third parties
We do not sell or rent your data. We rely on technical processors to operate the platform and its infrastructure.
UseSend
Transactional email provider
Email address used only for admin authentication emails and magic links.
Cloudflare R2
Media storage
Uploaded meme files and generated public asset URLs when external object storage is enabled.
Google (OAuth)
Optional admin authentication
Google email address and user identifier if you choose this sign-in method.
GitHub (OAuth)
Optional admin authentication
GitHub email address and user identifier if you choose this sign-in method.
Your data may also be disclosed where required by law, to protect our legal rights, or to prevent fraud and security incidents.
Retention period
Public memes, their metadata, and associated moderation records are retained for as long as they remain published or reasonably required for abuse prevention and legal compliance.
Authentication tokens expire automatically after a short delay. Session and abuse-prevention records are retained for a limited period appropriate to security, troubleshooting, and platform integrity.
Your GDPR rights
Under the GDPR, you have the following rights regarding your personal data.
To exercise these rights, contact us at legal@mysaas.lol. You also have the right to lodge a complaint with the French data protection authority, the CNIL (cnil.fr).
Security
We implement appropriate technical measures to protect the service and your data, including HTTPS, short-lived authentication tokens, restricted infrastructure access, media validation, and abuse controls around uploads, likes, and reports. No password is stored when magic-link authentication is used.
Changes
We may update this policy at any time. The latest update date appears at the top of this page. If we make a material change, we may notify administrators by email or post an in-product notice. Continued use of the platform after notice constitutes acceptance of the updated policy.
Contact
For any question about this policy or to exercise your rights: