m3llo

Legal

Privacy Policy

Last updated: 2026-07-03

m3llo is operated by Mollo Tech AB ("we", "us", "our"). This policy explains what personal data we collect when you use the m3llo app and the m3llo.app website, why we collect it, and your rights under the General Data Protection Regulation (GDPR).

Short version: we collect what the service needs to work, we keep it in Europe wherever we can, we do not sell it, and there is no advertising anywhere in m3llo.

1. Data controller

Mollo Tech AB
Box 1266, 433 41 Göteborg, Sweden
privacy@m3llo.app

2. What we collect

3. Voice and streaming

Live voice and game streams are transmitted in real time and are not recorded or stored by us. Where possible, connections are made directly between crew members (peer-to-peer). For larger crews, media is relayed through our infrastructure in Europe without being stored.

4. Clips

Any member of a voice session can capture a clip: the last 30 seconds of the session's mixed audio. By joining a voice channel in a crew, you should be aware that crewmates can capture clips of the conversation. Clips are:

If you do not want to appear in clips, leave the voice session or ask your crew to not capture clips. Contact us if a clip containing your voice needs to be removed and the crew cannot resolve it.

5. Game data and third-party game services

The crew feed can show how your play sessions went. For most games this data is read locally on your machine, from official integrations the games themselves provide (for example Counter-Strike 2's Game State Integration), and only session summaries — game, duration, wins and losses, basic match stats — are shared with your crew.

For League of Legends and Teamfight Tactics you can optionally link your Riot ID. If you do, we store your Riot ID and the player identifier (PUUID) Riot assigns to it, and our backend fetches your own recent match results from the Riot Games API after your play sessions (match outcome, your score line, champion played) to enrich your session summaries. We never request data about players who have not linked their account, the results are visible only to your crews, and you can unlink your Riot account at any time, which deletes the stored link and stops all Riot API requests for your account.

m3llo isn't endorsed by Riot Games and doesn't reflect the views or opinions of Riot Games or anyone officially involved in producing or managing Riot Games properties. Riot Games and all associated properties are trademarks or registered trademarks of Riot Games, Inc.

6. Why we process your data

Purpose Legal basis
Providing your account, crews, chat, voice, streaming, clips, and the crew feed Performance of contract
Service security, abuse prevention, and operations Legitimate interest
Anonymous website and app usage statistics Legitimate interest
Service notifications you opt in to Consent

7. Processors we use

All processors are bound by data processing agreements. Where a processor's parent company is outside the EU, transfers are protected by EU Standard Contractual Clauses.

8. Data retention

Data Retention
Account data Until you delete your account
Clips 7 days (free tier), longer on paid plans
Chat messages and crew activity While the crew exists, subject to plan limits
Riot account link (Riot ID, PUUID) Until you unlink it or delete your account
Server logs Short-term, for operations and security only

9. Your rights

Under GDPR you have the right to:

To exercise any of these rights, email privacy@m3llo.app. You also have the right to lodge a complaint with the Swedish Authority for Privacy Protection (IMY) or your local supervisory authority.

10. Security

Data is encrypted in transit. Voice and streaming use DTLS-encrypted WebRTC connections. Access to production systems is restricted, and we review our security posture regularly. The client and backend source code is open at GitHub, so you can verify how your data is handled.

11. Self-hosted instances

m3llo is open source and can be self-hosted. This policy covers only the hosted service at m3llo.app. If you use a self-hosted instance, the person or organization running that instance is the data controller for it, not us.

12. Children

m3llo is not intended for children under 13. We do not knowingly collect personal data from children under 13. If you believe a child has created an account, contact us and we will remove it.

13. Changes

We may update this policy. Material changes will be announced in the app or by email, and the date at the top of this page always reflects the current version.

14. Contact

Mollo Tech AB
Box 1266, 433 41 Göteborg, Sweden
privacy@m3llo.app