Privacy Policy

Last updated: 22/04/2025

1. Controller

Lea Labs (“we”, “our”, “us”) controls the personal data you provide when you use lealabs.io and interact with Lea.

2. Data We Collect

Category	Examples	Why We Collect
Account Data	Email, username, password	Create and secure your account
Technical Data	IP address, browser type, device IDs, cookies	Security, fraud prevention, usage analytics
Newsletter Data	Email (opt-in)	Send product updates

No payment data is collected yet. When billing launches, we will rely on a third-party processor that handles card details on our behalf.

3. Legal Bases (GDPR)

Contract – providing the Service you request.
Legitimate interest – security, analytics, product improvement.
Consent – optional newsletters and beta-feedback recordings.

4. Retention

Account data: kept until you delete your account or 24 months of inactivity, then removed or anonymised within 30 days.
Email newsletter list: retained until you unsubscribe.

5. Sharing

We share data only with:

Render.com for hosting;
Cloud vendors that store/process logs (subject to EU SCCs or equivalent safeguards);
Authorities when legally required.

We do not sell personal data.

6. Your Rights

Depending on your jurisdiction you may request to access, correct, delete, port, or restrict processing of your data. Email defdefdev@gmail.com to exercise any right.

7. Security

All traffic is encrypted (HTTPS/TLS). Access to production systems is protected by MFA. We review logs and conduct code audits regularly. No system is perfect; please report vulnerabilities to the address above.

8. Children

We do not knowingly collect data from children under 13. If you believe such data has been provided, contact us and we will delete it promptly.

9. Cookies

We use essential cookies for login and a minimal, privacy-friendly analytics script that sets no tracking cookies. Blocking cookies may impair site functionality.

10. Changes

If we make material updates, we’ll post them here and notify registered users by email.