Privacy Policy

Your privacy is fundamental to our business. This policy explains how we collect, use, and protect your personal data in compliance with GDPR and CCPA.

Last updated: June 13, 2025 • Effective Date: June 13, 2025

Quick Overview

What We Collect

  • Account and profile information
  • Marketing content and campaign data
  • Usage analytics and performance metrics
  • Technical information (IP, browser, device)

Your Rights

  • Access your personal data
  • Correct inaccurate information
  • Delete your account and data
  • Export your data in portable format

1. Information We Collect

Account Information

When you create a Liflio account, we collect basic information necessary to provide our services:

  • Full name and email address
  • Company name and business type
  • Country and preferred language
  • Account credentials (encrypted passwords)

Marketing Content

To provide AI-powered marketing services, we process:

  • Uploaded flyers, images, and marketing materials
  • Product catalogs and inventory information
  • Brand assets, logos, and design preferences
  • Campaign settings and target audience data

Usage Analytics

We collect analytics to improve our services and provide insights:

  • Campaign performance metrics and conversion rates
  • Feature usage patterns and engagement data
  • Error logs and technical diagnostics
  • A/B testing results and optimization data

Technical Information

Automatically collected for security and functionality:

  • IP address and approximate location
  • Browser type, version, and language settings
  • Device information and operating system
  • Cookies and similar tracking technologies

2. How We Use Your Information

Service Provision

  • Generate AI-powered marketing content and campaigns
  • Process and optimize your marketing materials
  • Provide multi-channel publishing and distribution
  • Deliver analytics and performance insights
  • Manage your account and billing

Service Improvement

  • Enhance AI algorithms and content generation quality
  • Develop new features and capabilities
  • Conduct research and analytics to improve user experience
  • Test and optimize platform performance

Communication

  • Send important service updates and notifications
  • Provide customer support and technical assistance
  • Share relevant marketing insights and best practices (with consent)
  • Notify you of new features and product updates

Legal and Security

  • Comply with applicable laws and regulations
  • Prevent fraud, abuse, and security threats
  • Protect intellectual property rights
  • Respond to legal requests and enforce our terms

3. Legal Basis for Processing (GDPR)

Under the General Data Protection Regulation (GDPR), we process your personal data based on the following legal grounds:

Contract Performance

Processing necessary to provide our marketing services, manage your account, and fulfill our contractual obligations.

Legitimate Interest

Improving our services, preventing fraud, and conducting business analytics where our interests don't override your privacy rights.

Consent

Marketing communications, non-essential cookies, and optional features that require explicit consent.

Legal Compliance

Meeting regulatory requirements, tax obligations, and responding to legitimate legal requests.

4. Data Sharing and Third Parties

We do not sell your personal data. We may share information in the following limited circumstances:

Service Providers

We work with trusted third-party providers who help us deliver our services:

  • Hosting and infrastructure (Scaleway, hosted in France)
  • CDN and DDoS protection (Cloudflare)
  • AI and machine learning services (OpenAI, Anthropic)
  • Payment processing services (Stripe)
  • Analytics and monitoring tools (PostHog)
  • Customer support platforms (Tawk.to)

All service providers are contractually bound to protect your data and use it only for specified purposes.

Social Media Platforms

When you choose to publish content to social media platforms (Facebook, Instagram, LinkedIn, TikTok), we share only the content and metadata necessary for publication according to your instructions.

Legal Requirements

We may disclose information when required by law, legal process, or to protect our rights, property, or safety, or that of our users or the public.

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction, subject to equivalent privacy protections.

5. International Data Transfers

Liflio operates globally with servers and service providers in multiple countries. When we transfer personal data outside the European Economic Area (EEA) or your country of residence, we implement appropriate safeguards:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Adequacy decisions for countries with equivalent data protection laws
  • Binding Corporate Rules for intra-group transfers
  • Your explicit consent for specific transfers when required

We regularly review and update our transfer mechanisms to ensure compliance with evolving international data protection requirements.

6. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal data:

GDPR Rights (EU/EEA/UK)

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Delete your personal data ("right to be forgotten")
  • Portability: Export your data in a machine-readable format
  • Restriction: Limit how we process your data
  • Objection: Object to processing based on legitimate interest
  • Withdraw Consent: Revoke consent for consent-based processing

CCPA Rights (California)

  • Know: Categories and specific pieces of personal information collected
  • Delete: Request deletion of personal information
  • Opt-Out: Opt out of the sale of personal information
  • Non-Discrimination: Equal service regardless of privacy choices

How to Exercise Your Rights

To exercise any of these rights, you can:

  • Email us at [email protected]
  • Use the privacy settings in your account dashboard
  • Contact our Data Protection Officer

We will respond to your request within 30 days (GDPR) or 45 days (CCPA) and may request verification of your identity to protect your privacy.

7. Data Security and Retention

Security Measures

We implement industry-standard security measures to protect your personal data:

  • Encryption in transit (TLS 1.3) and at rest (AES-256)
  • Multi-factor authentication and access controls
  • Regular security audits and vulnerability assessments
  • Employee security training and background checks
  • Incident response and breach notification procedures

Data Retention

We retain personal data only as long as necessary for the purposes outlined in this policy:

  • Account data: Until account deletion + 30 days for recovery
  • Marketing content: 2 years after last campaign activity
  • Analytics data: 13 months (anonymized after 12 months)
  • Support tickets: 3 years for quality assurance
  • Financial records: 7 years for legal compliance

8. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience and analyze usage patterns:

Essential Cookies

Required for basic functionality, security, and user authentication. These cannot be disabled.

Analytics Cookies

Help us understand how you use our platform to improve performance and user experience.

Preference Cookies

Remember your settings, language preferences, and customization choices.

You can manage cookie preferences through your browser settings or our cookie consent banner. Note that disabling certain cookies may limit platform functionality.

9. Children's Privacy

Liflio is designed for business use and is not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16, we will take steps to delete such information promptly.

10. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

General Privacy Inquiries

Email: [email protected]
Phone: 05 54 49 81 45
Response time: 48-72 hours

Data Protection Officer

Email: [email protected]
Address: 18 rue Eugene Leroy
33800 Bordeaux, France
SIRET: 930 697 339 00016

EU Representative: If you are in the European Union and have concerns about our data practices, you also have the right to lodge a complaint with your local supervisory authority.

11. Policy Updates

We may update this Privacy Policy periodically to reflect changes in our practices, technology, or legal requirements. We will:

  • Post the updated policy on our website with a new effective date
  • Notify you by email for material changes that affect your rights
  • Provide clear notice through our platform interface
  • Maintain a version history for your reference

Your continued use of Liflio after policy updates constitutes acceptance of the revised terms, unless additional consent is required by law.