Privacy Policy

We use the data we collect to:

• Provide, operate, and maintain the Service
• Process transactions and manage subscriptions
• Send technical communications, updates, and security alerts
• Respond to support requests
• Analyze usage patterns to improve the Service
• Comply with legal and regulatory obligations
• Prevent fraud and ensure platform security

We do not use your data for third-party advertising or marketing without your explicit consent.

We retain your data for as long as your account is active or as needed to provide the Service. After account termination:

• Personal and operational data is deleted or anonymized within 90 days
• Security logs and financial records may be retained for up to 5 years for legal and accounting purposes
• Anonymized data may be retained indefinitely for statistical purposes

We do not sell your personal data. We share information only in the following situations:

• Service providers: companies that assist us in operating the Service (cloud hosting, payment processing, email delivery), subject to confidentiality agreements
• Professional advisors: lawyers, accountants, or auditors, when necessary for business operations
• Public authorities: when required by law, court order, or to protect rights, property, or safety
• Corporate transactions: in the event of a merger, acquisition, or asset sale, with prior notice

We use cookies and similar technologies to operate and improve the Service. Cookies are small text files stored on your device that allow us to:

• Maintain your authenticated session
• Remember your preferences (such as language and theme)
• Analyze platform usage to identify improvements

You can configure your browser to refuse cookies or to alert you when cookies are being sent. However, some features of the Service may not function correctly without cookies.

We implement appropriate technical and organizational measures to protect your data against unauthorized access, loss, alteration, or improper disclosure, including:

• Encryption of data in transit (TLS/HTTPS) and at rest
• Passwords stored with cryptographic hash and salt
• Role-based access controls (RBAC)
• Security monitoring and audit logs
• Regular vulnerability assessments

No method of Internet transmission or electronic storage is 100% secure. In the event of a security incident affecting your data, we will notify you as required by applicable law.

Depending on your location, you may have certain rights regarding your personal data, including the right to:

• Access: know whether we process your data and obtain a copy
• Correction: request correction of incomplete, inaccurate, or outdated data
• Deletion: request erasure of data we process based on your consent
• Portability: receive your data in a structured, commonly used format
• Withdraw consent: revoke consent for processing based on that legal basis
• Object: object to processing carried out based on legitimate interest

To exercise any of these rights, contact us at legal@loribase.com. We will respond within 15 business days.

Your data may be processed on servers located outside your country of residence, including in countries with different data protection laws. We ensure that such transfers occur with appropriate safeguards, in compliance with applicable data protection regulations.

We may update this Privacy Policy periodically. Significant changes will be communicated at least 15 days in advance by email or by posting a notice in the Service. The "Last updated" date at the top of this page indicates when the current version took effect.

Your continued use of the Service after changes take effect constitutes acceptance of the new Policy.

Questions, requests, or complaints related to this Policy can be sent to:

Email: legal@loribase.com