Privacy Policy

1. Introduction

LMNTL ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our services.

2. Information We Collect

2.1 Newsletter Subscription

When you subscribe to our newsletter, we collect:

• Email address
• Subscription date and time
• Consent timestamp
• Source of subscription (e.g., homepage, product page)
• Hashed IP address (for security and anti-abuse purposes)

2.2 Automatically Collected Information

When you visit our website, we may automatically collect:

• Browser type and version
• Operating system
• Pages visited and time spent
• Referring website
• IP address (hashed for privacy)

3. How We Use Your Information

We use the information we collect to:

• Send you newsletters and updates about our products and services
• Improve our website and user experience
• Prevent fraud and abuse
• Comply with legal obligations
• Respond to your inquiries and support requests

4. Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA) and UK, we process your personal data based on the following legal grounds:

• Consent: Newsletter subscriptions and optional marketing communications (you may withdraw consent at any time)
• Contract Performance: Processing necessary to provide the Services you have requested
• Legitimate Interests: Security monitoring, fraud prevention, and service improvement, where these interests are not overridden by your rights
• Legal Obligation: Processing required to comply with applicable laws and regulations

5. Data Retention

We retain your information as follows:

• Active Subscriptions: Until you unsubscribe
• Unconfirmed Subscriptions: Automatically deleted after 7 days
• Security Logs: Retained for 90 days for fraud prevention

6. Your Rights

Depending on your location, you may have the following rights regarding your personal information:

• Access: Request a copy of the personal data we hold about you
• Rectification: Request correction of inaccurate or incomplete data
• Erasure: Request deletion of your personal data (subject to legal retention requirements)
• Restriction: Request that we limit how we use your data in certain circumstances
• Data Portability: Receive your data in a structured, machine-readable format
• Object: Object to processing based on legitimate interests or for direct marketing
• Withdraw Consent: Withdraw previously given consent at any time
• Lodge a Complaint: File a complaint with your local data protection authority

To exercise these rights, contact us at privacy@lmntl.ai. We will respond within 30 days (or sooner if required by applicable law).

7. Security

We implement industry-standard security measures to protect your information:

• HTTPS encryption for all data transmission
• Hashing of personally identifiable information
• CSRF protection against unauthorized requests
• Rate limiting to prevent abuse
• Regular security audits and updates

Breach Notification: In the event of a data breach affecting your personal information, we will notify you and applicable regulatory authorities as required by law, typically within 72 hours of becoming aware of the breach.

8. Third-Party Services

We use the following third-party services:

• Amazon Web Services (AWS): Hosting and data storage
• Amazon SES: Email delivery
• Google reCAPTCHA: Bot detection (optional, if configured)
• Intuit QuickBooks: Accounting integration (for Minute7 integration)
• Payment Processors: Secure payment processing for billing

These services have their own privacy policies, which we encourage you to review.

9. Cookies

We use minimal cookies for:

• Session management (CSRF protection)
• Rate limiting (preventing abuse)

You can control cookies through your browser settings.

10. Children's Privacy

Our services are not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13.

11. International Data Transfers

Your information may be transferred to and processed in the United States. For transfers from the EEA or UK, we rely on Standard Contractual Clauses approved by the European Commission to ensure adequate protection of your data. You may request a copy of these safeguards by contacting privacy@lmntl.ai.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last Updated" date.

13. California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

Right to Know

You may request information about the categories and specific pieces of personal information we have collected, the sources of collection, our business purposes for collecting the information, and the categories of third parties with whom we share it.

Right to Delete

You may request deletion of your personal information, subject to certain exceptions required by law.

Right to Opt-Out of Sale/Sharing

We do not sell your personal information. We do not share your personal information for cross-context behavioral advertising. If this changes, we will update this policy and provide an opt-out mechanism.

Right to Non-Discrimination

We will not discriminate against you for exercising your CCPA rights. You will not receive different pricing or quality of services based on exercising these rights.

To exercise your California privacy rights, contact us at privacy@lmntl.ai. We will verify your identity before processing your request.

14. Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us:

15. Compliance

This Privacy Policy is designed to address the requirements of:

• General Data Protection Regulation (GDPR)
• California Consumer Privacy Act (CCPA)
• California Privacy Rights Act (CPRA)
• CAN-SPAM Act