ProofGallery
Iniciar sesión

Política de Privacidad

Privacy Policy

Effective as of [EFFECTIVE_DATE]

Lemus Digital LLC ("we," "us," or "our") operates the [PRODUCT_NAME] platform and related services (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your and your clients' personal information when you use the Service. Please read it carefully.

1. Data Controller

The data controller responsible for your personal data is:

Lemus Digital LLC
[STREET ADDRESS]
[CITY], [STATE] [ZIP CODE]
[COUNTRY]
Email: [EMAIL_LEGAL]

For privacy-related requests (access, deletion, portability, etc.), please use [EMAIL_LEGAL] or the contact details at the end of this policy.

2. Information We Collect

2.1 Information You Provide

  • Account and profile: Name, email address, password (stored in hashed form), preferred language, and organization name when you register or update your profile.
  • Billing: If you subscribe to a paid plan, we or our payment processor (e.g., Stripe) collect billing details such as name, address, and payment method information. We do not store full credit card numbers on our servers; payment data is processed by our payment provider in accordance with their privacy policy.
  • Content you upload: Photos, gallery names, client names, client email addresses (e.g., for sending gallery links or delivery notifications), session and package information, and any other data you or your team members enter into the Service. You are responsible for ensuring you have a lawful basis to process your clients' personal data and for complying with applicable data protection laws in your relationship with your clients.
  • Communications: When you contact support or send us feedback, we collect the content of your messages and contact details.

2.2 Information Collected Automatically

  • Usage and logs: We collect information about how you use the Service, such as actions performed (e.g., creating galleries, uploading images), IP address, browser type, device type, and approximate location (e.g., country or region) for security, fraud prevention, and improving the Service.
  • Cookies and similar technologies: We use cookies and similar technologies as described in our Cookie Policy (e.g., session and authentication cookies, preference cookies). You can manage your preferences as set out in that policy.

2.3 Information from Third Parties

  • Payment provider: When you subscribe, we may receive limited information from our payment provider (e.g., subscription status, customer identifier) to sync your plan and billing with the Service.
  • Authentication: If you use a third-party login in the future (e.g., Google), we may receive basic profile information (e.g., email, name) from that provider in accordance with your consent there.

We do not buy or sell your personal information to third parties for marketing purposes.

3. How We Use Your Information

We use the information we collect to:

  • Provide the Service: Create and manage your account, host your galleries, send delivery and notification emails, process payments, and allow team collaboration.
  • Support and communication: Respond to your requests, send service-related emails (e.g., password reset, verification, subscription and billing notices), and, if you have opted in, send marketing or product updates (you can opt out at any time).
  • Security and compliance: Protect the Service from abuse and fraud, enforce our terms, and comply with legal obligations.
  • Improvement and analytics: Analyze usage in an aggregated or pseudonymized way to improve the Service, fix errors, and understand how features are used. Where we use analytics that involve personal data, we do so in accordance with this policy and, where required by law, with your consent.

4. Legal Basis for Processing (EEA/UK Users)

If you are in the European Economic Area or the United Kingdom, we process your personal data on the following bases:

  • Performance of a contract: To provide the Service and manage your subscription.
  • Legitimate interests: To operate, secure, and improve the Service, prevent fraud, and communicate about the Service, where not overridden by your rights.
  • Legal obligation: To comply with applicable law (e.g., tax, retention).
  • Consent: Where we rely on consent (e.g., optional marketing, non-essential cookies), you may withdraw it at any time without affecting the lawfulness of processing based on consent before its withdrawal.

5. Sharing and Disclosure

We may share your information only in the following circumstances:

  • Service providers (processors): We use trusted third parties to operate the Service, such as cloud hosting (e.g., Google Cloud), payment processing (e.g., Stripe), and email delivery. These providers act on our instructions and are contractually required to protect your data and use it only for the purposes we specify. A list of key subprocessors and how to request a data processing agreement is available here (or upon request at [EMAIL_LEGAL]).
  • Legal and safety: We may disclose information if required by law, court order, or government request, or when we believe in good faith that disclosure is necessary to protect our rights, your safety, or the safety of others, or to detect or prevent fraud.
  • Business transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change and any choices you may have.

We do not sell your personal information.

6. International Transfers

Your information may be processed in the United States or other countries where we or our service providers operate. If you are in the EEA or UK, such transfers are carried out with appropriate safeguards (e.g., standard contractual clauses approved by the European Commission or equivalent) as required by applicable law. You may request more information about these safeguards by contacting [EMAIL_LEGAL].

7. Data Retention

  • Active accounts: We retain your data while your account is active and as needed to provide the Service and comply with our legal obligations.
  • After account closure: After you close your account, we may retain certain data for a limited period (e.g., 30 days) to allow you to export it. After that, we delete or anonymize your data in accordance with our retention schedule, except where we must retain it for legal, tax, or dispute resolution purposes (e.g., invoices for the period required by law).
  • Logs and security: We may retain access and security logs for a limited period (e.g., 12–24 months) for security and compliance.

8. Your Rights and Choices

Depending on your location, you may have the following rights:

  • Access: Request a copy of the personal data we hold about you.
  • Rectification: Request correction of inaccurate or incomplete data.
  • Erasure: Request deletion of your personal data, subject to legal exceptions (e.g., retention for tax or legal claims).
  • Restriction: Request that we limit how we use your data in certain circumstances.
  • Portability: Request a copy of your data in a structured, machine-readable format where technically feasible.
  • Objection: Object to processing based on legitimate interests; we will consider your objection and stop processing unless we have compelling legitimate grounds.
  • Withdraw consent: Where we rely on consent, you may withdraw it at any time.
  • Complaint: You have the right to lodge a complaint with a supervisory authority (e.g., in the EEA, your local data protection authority; in the UK, the ICO).

To exercise any of these rights, contact us at [EMAIL_LEGAL]. We will respond within the time required by applicable law (e.g., one month under GDPR). We may need to verify your identity before processing your request.

If you are in California, you may have additional rights under the CCPA/CPRA (e.g., right to know, delete, correct, limit use of sensitive data, and non-discrimination). Contact us at [EMAIL_LEGAL] to exercise these rights.

9. Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction, including encryption in transit (e.g., TLS), access controls, and secure development practices. No method of transmission or storage is 100% secure; we cannot guarantee absolute security but we work to maintain a high level of protection.

10. Children

The Service is not intended for individuals under 18. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us at [EMAIL_LEGAL] and we will delete it promptly.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on the Service and/or by email to the address associated with your account. The "Last updated" date at the bottom will reflect the effective date. We encourage you to review this policy periodically. Your continued use of the Service after the effective date constitutes acceptance of the updated policy, except where your consent is required by law.

12. Contact

For privacy-related questions, to exercise your rights, or to request a data processing agreement or list of subprocessors:

Lemus Digital LLC
[STREET ADDRESS]
[CITY], [STATE] [ZIP CODE]
[COUNTRY]
Email: [EMAIL_LEGAL]
Website: https://[DOMAIN]

Last updated: [EFFECTIVE_DATE]