Privacy Policy

1. Information We Collect

What Data We Gather

We collect information that you provide directly to us when you create an account, update your profile, upload content, make bookings, or communicate with vendors. This may include:

• Account Information: Name, email address, phone number, username, and password
• Profile Information: Profile photos, cover photos, business details, location, and service descriptions
• Media Files: Uploaded images, galleries, creative content stored on Amazon S3
• Transaction Data: Order history, booking details, payment information (processed by Stripe)
• Communications: Messages sent through our platform, customer support inquiries
• Usage Data: Log data, IP addresses, browser type, pages visited, and interaction patterns

2. How We Use Your Information

We use the information we collect to provide, maintain, and improve our services. Specifically, we use your data to:

• Create and manage your account
• Connect customers with local photographers and content creators
• Process bookings and facilitate transactions
• Enable communication between customers and vendors
• Send service-related notifications and updates
• Improve our platform through analytics and usage patterns
• Prevent fraud, abuse, and ensure platform security
• Comply with legal obligations and resolve disputes

3. Data Storage and Security

How We Protect Your Data

We implement industry-standard security measures to protect your personal information from unauthorized access, disclosure, alteration, or destruction. Your data is stored securely using:

• Encrypted Storage: All sensitive data is encrypted at rest and in transit
• Amazon S3: Media files (photos, galleries) are stored on secure AWS infrastructure
• Access Controls: Strict role-based access to protect your information
• Regular Audits: Ongoing security assessments and monitoring

While we take reasonable precautions to protect your data, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security but are committed to maintaining best practices.

4. Third-Party Services

Partners We Work With

We work with trusted third-party service providers to deliver our services. These partners may have access to certain information as necessary to perform their functions:

• Stripe: Payment processing and financial transactions. Stripe maintains its own privacy policy and data handling practices. Financial data (card numbers, bank accounts) is handled exclusively by Stripe and never stored on our servers.
• Amazon Web Services (AWS): Cloud infrastructure and file storage (S3) for uploaded media and content.
• Google Maps: Location services for vendor search and mapping features.
• Analytics Providers: Aggregated, anonymized usage data to improve our platform performance.

We require all third-party providers to maintain appropriate security measures and use your data only for the purposes we specify. We do not sell your personal information to third parties.

5. Your Data Rights

Control Over Your Information

You have the following rights regarding your personal information:

• Access: Request a copy of the personal data we hold about you
• Correction: Update or correct inaccurate information in your account settings
• Deletion: Request deletion of your account and associated data (see Right to Erasure below)
• Portability: Receive your data in a structured, commonly used format
• Objection: Object to certain processing activities, such as marketing communications
• Withdrawal of Consent: Withdraw consent for data processing where consent is the legal basis

To exercise any of these rights, contact us at privacy@lenso.io. We will respond to your request within 30 days.

6. Right to Erasure (Account Deletion)

How Account Deletion Works

You have the right to request complete deletion of your account and associated personal data. When you request account deletion from your account settings:

7. Data Retention Periods

We retain different types of data for varying periods based on legal requirements and business needs:

8. Data Anonymization

When we anonymize data, we remove all personally identifiable information (PII) to ensure it cannot be linked back to you. Our anonymization process includes:

• Removing names, email addresses, phone numbers, and addresses
• Replacing user IDs with random, non-reversible identifiers
• Aggregating data into statistical summaries (e.g., "100 orders in January" instead of individual order details)
• Stripping location data to city or regional level only

Anonymized data is used for business analytics, platform improvement, and research purposes. It cannot be used to identify you or contact you.

9. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to improve your experience on our platform. Cookies are small data files stored on your device that help us:

• Keep you logged in between sessions
• Remember your preferences and settings
• Analyze site traffic and usage patterns
• Personalize content and recommendations

You can control cookie settings through your browser preferences. Note that disabling cookies may affect certain features of our platform.

10. Children's Privacy

Lenso.io is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If we discover that a child has provided us with personal data, we will delete it immediately. If you believe a child has provided us with information, please contact us at privacy@lenso.io.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or platform features. When we make significant changes, we will notify you via:

• Email notification to your registered email address
• Prominent notice on our website
• In-app notification when you next log in

We encourage you to review this Privacy Policy periodically. Your continued use of Lenso.io after changes are posted constitutes acceptance of the updated policy.