Ndevopykuaa Política

Tavo — Ndevopykuaa Política

Nyamotenondé: 21 August 2025
Máva ñane rehe: Tavo hína LUX GLOBAL LTD (LUX GLOBAL, ñande, ñayhengái, ore) peẽ.
Kyr'ỹi ofishina: 27 Old Gloucester St, Holborn, London, WC1N 3AX, United Kingdom.
Rogaxy: [email protected] (product/support) · [email protected] (privacy/legal)

Tavo hína peteî oguerekóva añemomba'eguasu, ojehechauka porãva one create, oneñe'ẽ, ha ojehapypa hína gueteri tapicha rehota ha'eveita ichagua oñemomba'éva oĩha (the “Service”).

1) Data Controller

Uk/EU rupi ore rembiapo tavaguasu, LUX GLOBAL LTD ha'e data controller ja'e porã ne Personal Data rehe. Ñande niko ndaiporâi Data Protection Officer. Ñande rombadasi va'erê umi detalle rehe, ha ikatúta rehecha heñói opa pytyvõ (UK: Information Commissioner’s Office).

2) Mávapa jaikuaáiva data

2.1 Data oñemohendáva

  • Account data: imeeli, password (hashed), display name, language ha notification preferences.
  • Content data: post drafts, scheduled posts, captions, images/video ne enakarýi, per-platform tweaks, ha publishing metadata (e.g., selected channels and scheduled times).
  • Support & feedback: ne mesá, bugs reports, survey responses.
  • Billing data: payment method, billing address, transaction details (processed by our payment provider; we do not store full card numbers).

2.2 Data ñande rehe ijehegui térã automaticamente

  • Usage & device data:_pages/features used, time stamps, app version, IP address, device/browser info, referral source, session diagnostics, basic telemetry and error logs.
  • Performance & delivery data: publish results, success/failure codes returned by platforms, rate-limit signals, ha status of queued/scheduled posts.

2.3 Platform ha AI integrations

  • Connected platforms: OAuth tokens/credentials ha account identifiers for the social platforms you connect (one account per platform).
  • AI assistance: text prompts you enter and the AI-generated suggestions and rewrites returned (captions, hooks, hashtags, variations).

We do not knowingly collect special categories of data (e.g., health, religion) or data about criminal convictions.

3) Mba'épa jaikuaa data (ha legal bases)

  • Provide the Service (Contract): authenticate you; save drafts and schedules; connect to platforms you authorize; publish or queue posts on your instruction; show delivery status and basic performance.
  • AI assistance (Contract/Legitimate interests): generate ideas/rewrites from your prompts; improve suggestion quality; filter abuse/spam. You must review and approve AI outputs.
  • Account & billing (Contract/Legal obligation): manage subscriptions (weekly/monthly/quarterly/annual), process payments and taxes, send transactional emails.
  • Product improvement & safety (Legitimate interests): debug, prevent abuse, measure feature usage, and improve reliability.
  • Communications (Consent/Legitimate interests): send service announcements and tips; you can opt out of non-essential emails.
  • Legal & compliance (Legal obligation): comply with law, enforce our Terms, ha protect our rights.

4) AI features — important information

Tavo provides unlimited AI assistance for drafting and refining posts. AI outputs may be inaccurate or unsuitable for your context. You are responsible for reviewing and editing content before publishing, and for complying with platform rules and applicable law. We may use third-party AI providers under data-processing terms; prompts and outputs can be processed by those providers to deliver the feature. We do not use your content to publicly train models outside the scope of providing and improving the Service.

5) Platform connections & third-party services

5.1 Social platforms

When you connect a platform (e.g., Instagram, TikTok, YouTube, Pinterest, X/Twitter), you authorize us to act on your behalf to publish content and retrieve basic account metadata necessary for delivery and status. Platform APIs, outages, or policy changes may affect scheduling or delivery. You must comply with each platform’s terms.

5.2 Service providers (processors)

We use vendors for hosting, storage, content delivery, analytics, logging/monitoring, email, payment processing, and AI inference. These providers only process your data on our instructions and under appropriate contracts. A current list of categories is available on request.

6) Cookies and similar technologies

We use: - Essential cookies to keep you signed in and secure the Service.
- Analytics (lightweight, privacy-aware where possible) to understand feature usage.
- Preference cookies (e.g., language).

You can control cookies in your browser. Where required, we obtain consent for non-essential cookies.

7) Data sharing

We share data only with: - Service providers (see §5.2), bound by confidentiality and data-processing terms.
- Social platforms you choose to connect, as needed to publish and show status.
- Authorities when required by law or to protect rights, safety, and security.
We do not sell your Personal Data.

8) International transfers

Your data may be processed outside the UK/EU. Where we transfer data internationally, we rely on adequacy decisions, Standard Contractual Clauses (SCCs) and/or the UK IDTA, plus additional safeguards where appropriate.

9) Security

We implement technical and organizational measures appropriate to the risk, including TLS in transit, access controls, and restricted access to production systems. Access tokens for connected platforms are stored using industry-standard protections. No system is 100% secure; please protect your account with a strong, unique password.

10) Data retention

We keep data only as long as necessary for the purposes in this policy: - Account & subscription data: for your subscription and up to 24 months after closure (longer where required by law).
- Content (drafts/scheduled/published metadata): while you maintain an account and up to 24 months after closure for logs and troubleshooting.
- Telemetry & logs: typically up to 180 days.
- Backups: typically 30–35 days rolling.
- Billing records: as required by law (usually 6–7 years).

We may retain anonymized or aggregated data that does not identify you.

11) Your rights (UK/EU and similar regimes)

You may have the right to access, rectify, erase, restrict, object, and port your Personal Data, and to withdraw consent where processing is based on consent. To exercise these rights, contact us at [email protected] or [email protected]. You can also complain to a supervisory authority (UK: ICO). We will respond as required by law.

12) Children

Tavo is intended for users 18+. We do not knowingly collect data from children. If you believe a minor has provided Personal Data, contact us to delete it.

13) Do Not Track & automated decisions

Browsers’ “Do Not Track” (DNT) signals are not currently recognized by our Service. We do not engage in automated decision-making that produces legal or similarly significant effects about you.

14) Changes to this policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you (e.g., by email or in-app). The “Effective date” above shows when this version took effect.

15) Contact

Questions or requests about this Privacy Policy: - Email: [email protected] or [email protected]
- Post: LUX GLOBAL LTD (trading as Tavo), 27 Old Gloucester St, Holborn, London, WC1N 3AX, United Kingdom

Last updated: 21 August 2025