Privacy Policy

Last updated: 22/04/2025

1. Controller

Lea Labs (“we”, “our”, “us”) controls the personal data you provide when you use lealabs.io and interact with Lea.

2. Data We Collect

No payment data is collected yet. When billing launches, we will rely on a third-party processor that handles card details on our behalf.

3. Legal Bases (GDPR)

• Contract – providing the Service you request.
• Legitimate interest – security, analytics, product improvement.
• Consent – optional newsletters and beta-feedback recordings.

4. Retention

• Account data: kept until you delete your account or 24 months of inactivity, then removed or anonymised within 30 days.
• Email newsletter list: retained until you unsubscribe.

5. Sharing

We share data only with:

• Render.com for hosting;
• Cloud vendors that store/process logs (subject to EU SCCs or equivalent safeguards);
• Authorities when legally required.

We do not sell personal data.

6. Your Rights

Depending on your jurisdiction you may request to access, correct, delete, port, or restrict processing of your data. Email defdefdev@gmail.com to exercise any right.

7. Security

All traffic is encrypted (HTTPS/TLS). Access to production systems is protected by MFA. We review logs and conduct code audits regularly. No system is perfect; please report vulnerabilities to the address above.

8. Children

We do not knowingly collect data from children under 13. If you believe such data has been provided, contact us and we will delete it promptly.

9. Cookies

We use essential cookies for login and a minimal, privacy-friendly analytics script that sets no tracking cookies. Blocking cookies may impair site functionality.

10. Changes

If we make material updates, we’ll post them here and notify registered users by email.