LYDLY.AI

Privacy Policy

Last updated: December 26, 2024

1. Introduction

Lydly, UAB ("Company", "we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use the Lydly.ai platform and services (the "Service").

We comply with the General Data Protection Regulation (GDPR) and other applicable data protection laws. By using our Service, you consent to the data practices described in this policy.

2. Data Controller

Company Name: Lydly, UAB

Legal Address: J. Savickio g. 4-7, Vilnius, LT-01108, Lithuania

Registration Number: 307000415

VAT Number: LT100018357115

Data Protection Contact: [email protected]

3. Information We Collect

3.1 Information You Provide

  • Account Information: Name, email address, password, and company details when you register
  • Payment Information: Billing address and payment details (processed securely by Paddle)
  • Profile Information: Any additional information you choose to provide in your profile
  • Communications: Information you provide when contacting our support team
  • Campaign Data: Influencer lists, outreach messages, and campaign settings you create

3.2 Information Collected Automatically

  • Usage Data: Pages visited, features used, search queries, and actions taken
  • Device Information: Browser type, operating system, device identifiers
  • Log Data: IP address, access times, referring URLs
  • Cookies: Session cookies, preference cookies, and analytics cookies

3.3 Information from Third Parties

  • Social Media Platforms: Publicly available influencer data from social media APIs
  • Payment Processor: Transaction confirmations and billing status from Paddle
  • Analytics Providers: Aggregated usage statistics and performance metrics

4. Legal Basis for Processing (GDPR)

We process your personal data based on the following legal grounds:

  • Contract Performance: To provide and maintain the Service you subscribed to
  • Legitimate Interests: To improve our Service, prevent fraud, and ensure security
  • Consent: For marketing communications and optional cookies (you may withdraw consent anytime)
  • Legal Obligation: To comply with applicable laws, regulations, and legal requests

5. How We Use Your Information

We use the collected information for the following purposes:

  • To provide, operate, and maintain the Service
  • To process transactions and manage your subscription
  • To communicate with you about your account and provide customer support
  • To send service-related notifications and updates
  • To personalize and improve your experience
  • To analyze usage patterns and optimize the Service
  • To detect, prevent, and address technical issues and security threats
  • To comply with legal obligations
  • To send marketing communications (with your consent)

6. Data Sharing and Disclosure

We may share your information in the following circumstances:

6.1 Service Providers

We share data with trusted third-party service providers who assist us in operating the Service:

  • Paddle: Payment processing and billing (Merchant of Record)
  • Cloud Infrastructure: Data hosting and storage
  • Analytics: Usage analysis and performance monitoring
  • Communication Tools: Email delivery and customer support

6.2 Legal Requirements

We may disclose your information if required by law, court order, or government request, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

6.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity. We will notify you of any such change.

7. International Data Transfers

Your information may be transferred to and processed in countries outside the European Economic Area (EEA). When we transfer data internationally, we ensure appropriate safeguards are in place, such as:

  • Standard Contractual Clauses approved by the European Commission
  • Adequacy decisions by the European Commission
  • Binding Corporate Rules for intra-group transfers

8. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected:

  • Account Data: Retained while your account is active and for 30 days after deletion request
  • Transaction Records: Retained for 7 years for tax and legal compliance
  • Usage Logs: Retained for up to 12 months for analytics and security purposes
  • Marketing Preferences: Retained until you withdraw consent

9. Your Rights (GDPR)

Under the GDPR, you have the following rights regarding your personal data:

  • Right of Access: Request a copy of the personal data we hold about you
  • Right to Rectification: Request correction of inaccurate or incomplete data
  • Right to Erasure: Request deletion of your personal data ("right to be forgotten")
  • Right to Restrict Processing: Request limitation of how we use your data
  • Right to Data Portability: Receive your data in a structured, machine-readable format
  • Right to Object: Object to processing based on legitimate interests or for marketing
  • Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within 30 days. You also have the right to lodge a complaint with your local data protection authority.

10. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience:

  • Essential Cookies: Required for the Service to function (cannot be disabled)
  • Functional Cookies: Remember your preferences and settings
  • Analytics Cookies: Help us understand how you use the Service
  • Marketing Cookies: Used to deliver relevant advertisements (with consent)

You can manage cookie preferences through your browser settings. Disabling certain cookies may affect the functionality of the Service.

11. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including:

  • Encryption of data in transit (TLS/SSL) and at rest
  • Regular security assessments and penetration testing
  • Access controls and authentication mechanisms
  • Employee training on data protection practices
  • Incident response procedures for data breaches

While we strive to protect your data, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

12. Children's Privacy

The Service is not intended for individuals under the age of 16. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately at [email protected].

13. Third-Party Links

The Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any personal information.

14. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on the Service and updating the "Last updated" date. For significant changes, we may also send you an email notification. Your continued use of the Service after changes constitutes acceptance of the updated policy.

15. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Data Protection Inquiries: [email protected]

General Support: [email protected]

Company: Lydly, UAB

Address: J. Savickio g. 4-7, Vilnius, LT-01108, Lithuania

Supervisory Authority: You have the right to lodge a complaint with the State Data Protection Inspectorate of Lithuania (vdai.lrv.lt) or your local data protection authority.