Privacy Policy

Effective Date: October 15, 2024

This Privacy Policy explains how Lean App Studio ("we," "our," or "us") collects, uses, shares, and protects your personal data when you use our apps (the "Services"). We are committed to complying with the General Data Protection Regulation (GDPR) and ensuring the privacy and security of your personal data.

By accessing or utilizing the Services, you acknowledge and agree to be legally bound by the terms of this Privacy Policy. If you do not consent to the terms of this Privacy Policy, you are not permitted to access, use, or otherwise engage with the Services.

Key components of our privacy practices, as outlined in this Privacy Policy, include the following explanations:

• The types of data we collect and the purposes for which it is collected;
• The manner in which we utilize the collected data;
• The circumstances under which data is shared; and
• Your rights concerning your personal data.

Data controller

Lean App Studio is the data controller responsible for the processing of your personal data. If you have any questions about this Privacy Policy or how we handle your personal data, please contact us at [email protected].

Personal data we might collect

We process your personal data for the following purpose: When you register your account with us, you may be asked for your email address, your password which we stored in hashed form. In addition, we might store your location and your IP address for reinforcing security and make sure you are not a bot. When you contact us (customer support, bug request, inquiry, ...), we may collect your full name, email address, location or any other information that you decide to provide to us. When you pay for our services, we might collect information regarding your transactions and invoices (full name, billing address, VAT number, etc)

Legal Basis for Processing

We process your personal data based on the following legal grounds: Contractual Necessity: To fulfill our contractual obligations to you (e.g., account creation, processing payments). Legal Obligations: To comply with applicable laws, including tax and financial regulations. Legitimate Interests: To improve our app and user experience.

How we share you data

We may share your personal data with the following third-party service providers to facilitate our Service:

• Firebase: Used for authentication, database management, and analytics. Firebase's privacy policy can be found here.
• Stripe: Used for payment processing. Stripe's privacy policy can be found here.

These third parties act as data processors on our behalf and are required to comply with applicable data protection laws, including GDPR.

International Data Transfers

Our Service, including Firebase and Stripe, may involve the transfer of your personal data outside the European Economic Area (EEA). We will ensure that any such transfers comply with applicable data protection laws, including the GDPR, by implementing appropriate safeguards, such as standard contractual clauses.

Data Security

We take appropriate technical and organizational measures to protect your personal data from unauthorized access, disclosure, alteration, or destruction. Our Service uses industry-standard encryption to safeguard your data.

How long we retain your data

We will retain your personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy or to comply with legal obligations. If you delete your account or request the deletion of your data, we will ensure that your personal data is erased from our systems in accordance with GDPR.

In general, if you have not used our services for a period of one year, we will send you notifications regarding your inactivity. If no action is taken in response to these notifications, we will proceed to delete your account and associated data thereafter.

Your Rights Under GDPR

Under the GDPR, you have the following rights regarding your personal data:

Right to Object: You have the right to object to the processing of your data based on legitimate interests.

Right of Access: You have the right to request access to the personal data we hold about you.

Right to Rectification: You have the right to request correction of inaccurate or incomplete data.

Right to Erasure: You have the right to request the deletion of your personal data in certain circumstances.

Right to Restrict Processing: You can ask us to suspend the processing of your personal data under specific conditions.

Right to Data Portability: You have the right to request that we provide your personal data in a structured, commonly used format.

Changes to this Privacy Policy

We reserve the right to update this Privacy Policy at any time. Any changes will be posted on this page with an updated effective date. We encourage you to review this Privacy Policy periodically for any updates.

Contact us

If you have any questions or concerns about this Privacy Policy or your personal data, please contact us at [email protected].