Iniciar sesiónRegistrarse
Legal

Política de Privacidad

Cómo lovd recopila, usa y protege tus datos personales.
Este documento contiene texto legal vinculante que se mantiene en inglés para garantizar la precisión legal. A continuación se proporciona un resumen en español.

Resumen en Español

Introducción

lovd se compromete a proteger tu privacidad. Esta Política de Privacidad explica qué información recopilamos, cómo la usamos y tus derechos bajo el RGPD.

Información que Recopilamos

Información que Proporcionas:

  • Información de cuenta (nombre, correo electrónico, contraseña, foto de perfil)
  • Información de pago (procesada por Polar.sh)
  • Contenido (fotos, colecciones, comentarios)

Información Recopilada Automáticamente:

  • Datos de uso (páginas visitadas, funciones usadas)
  • Información del dispositivo (dirección IP, navegador, sistema operativo)
  • Cookies

Cómo Usamos Tu Información

  • Para proporcionar nuestros servicios
  • Para comunicarnos contigo
  • Para garantizar la seguridad de la plataforma
  • Para mejorar nuestros servicios

Compartir Información

No vendemos tus datos personales. Compartimos información solo con proveedores de servicios de confianza (Supabase, PostHog, Polar.sh, Cloudflare, Vercel, Resend).

Tus Derechos bajo el RGPD

  • Derecho de acceso
  • Derecho de rectificación
  • Derecho de supresión
  • Derecho a la portabilidad de datos
  • Derecho de oposición

Retencion de Datos

  • Informacion de cuenta: Hasta la eliminacion de la cuenta + 30 dias
  • Fotos y contenido: Hasta la eliminacion por ti + 30 dias
  • Registros de pago: 7 anos (requisito legal)
  • After cancellation: 90 days read-only access, then content securely stored until you resubscribe

Contacto

Para consultas de privacidad: privacy@lovd.app

Full Legal Text (English)

Last updated: 17 March 2026

1. Introduction

lovd ("we," "our," or "us") is committed to protecting your privacy and ensuring you understand how we handle your personal data. This Privacy Policy explains what information we collect, how we use it, and your rights under the General Data Protection Regulation (GDPR) and other applicable laws.

Data Controller: Lovd.app (KVK: 99510774) Amsterdam, Netherlands BTW-id: NL005390427B04 Email: privacy@lovd.app

2. Information We Collect

Information You Provide

Account Information:

  • Name
  • Email address
  • Password (stored securely hashed)
  • Profile picture (optional)

Payment Information:

  • Billing name and address
  • Payment details are processed by Polar.sh (our payment processor) and not stored by us

Content:

  • Photos and images you upload
  • Collection names and descriptions
  • Comments and interactions

Communications:

  • Support requests
  • Feedback you provide

Information Collected Automatically

Usage Data:

  • Pages visited and features used
  • Time spent on the platform
  • Actions taken (uploads, shares, etc.)

Device Information:

  • IP address
  • Browser type and version
  • Operating system
  • Device type

Cookies and Similar Technologies:

  • Authentication cookies (essential)
  • Preference cookies (functional)
  • Analytics cookies (with consent)

See Section 8 for our full Cookie Policy.

Information from Third Parties

Authentication Providers: If you sign in via Google or other providers, we receive basic profile information you've authorized them to share.

3. How We Use Your Information

Legal Bases for Processing

Under GDPR, we process your data based on these legal grounds:

PurposeLegal Basis
Provide our servicesContract performance
Process paymentsContract performance
Send service communicationsContract performance
Ensure platform securityLegitimate interest
Prevent fraud and abuseLegitimate interest
Comply with legal obligationsLegal obligation
Improve our servicesLegitimate interest
Send marketing (with consent)Consent

Specific Uses

To Provide Our Services:

  • Store and display your photos
  • Enable sharing and collaboration
  • Process your subscription

To Communicate With You:

  • Service updates and changes
  • Security alerts
  • Support responses
  • Marketing (only with your consent)

To Ensure Safety and Security:

  • Detect and prevent fraud
  • Scan for prohibited content (including CSAM)
  • Enforce our Terms of Service
  • Protect our users and platform

To Improve Our Services:

  • Analyze usage patterns
  • Fix bugs and issues
  • Develop new features

4. How We Share Your Information

We do not sell your personal data. We share information only as described below:

Service Providers

We use trusted third parties to help operate our services:

ProviderPurposeLocationData Shared
SupabaseDatabase and storageEU (Frankfurt)Account data, photos
PostHogProduct analyticsEU availableUsage data, device info
Polar.shPayment processingEUBilling info, email
CloudflareCDN and securityGlobal (EU processing)IP address, content
VercelHostingEU availableUsage data
ResendEmail deliveryUS (EU transfers)Email address, name

All providers are bound by data processing agreements ensuring GDPR compliance.

Legal Requirements

We may disclose information when required by law, including:

  • Court orders or legal process
  • Government requests
  • To protect rights, safety, or property
  • To report illegal content to authorities

CSAM Reporting

We are legally required to report child sexual abuse material (CSAM) to relevant authorities, including the National Center for Missing & Exploited Children (NCMEC). This may include account information and content.

With Your Consent

We may share information with third parties when you explicitly consent, such as sharing photos with other users you invite.

5. International Data Transfers

Your data may be transferred outside the European Economic Area (EEA). When this happens, we ensure appropriate safeguards:

  • EU-US Data Privacy Framework: For US providers certified under the framework
  • Standard Contractual Clauses: EU-approved contract terms
  • Adequacy Decisions: Transfers to countries deemed adequate by the EU Commission

You can request information about specific safeguards by contacting us.

6. Data Retention

We retain your data only as long as necessary:

Data TypeRetention Period
Account informationUntil account deletion + 30 days
Photos and contentUntil deleted by you + 30 days (active); securely stored after 90-day read-only period expires (see Terms of Service)
Payment records7 years (legal requirement)
Support communications3 years
Server logs90 days
Analytics data26 months

After subscription cancellation:

  • Content remains accessible for 90 days (read-only)
  • After 90 days, content is securely stored but not accessible until you resubscribe
  • Stored content is preserved and restored if you resubscribe
  • Photos are never automatically deleted due to cancellation

After account deletion:

  • Content is deleted within 30 days
  • Backups are purged within 90 days
  • Some data may be retained longer if required by law

7. Your Rights Under GDPR

As an EU resident, you have the following rights:

Right to Access

You can request a copy of all personal data we hold about you.

Right to Rectification

You can correct inaccurate or incomplete personal data.

Right to Erasure ("Right to be Forgotten")

You can request deletion of your personal data. We will comply unless we have a legal obligation to retain it.

Right to Restrict Processing

You can ask us to limit how we use your data in certain circumstances.

Right to Data Portability

You can request your data in a structured, machine-readable format.

Right to Object

You can object to processing based on legitimate interests, including profiling and direct marketing.

Right to Withdraw Consent

Where processing is based on consent, you can withdraw it at any time.

Right to Lodge a Complaint

You can complain to your local data protection authority. In the Netherlands, this is the Autoriteit Persoonsgegevens (https://autoriteitpersoonsgegevens.nl).

How to Exercise Your Rights

Contact us at privacy@lovd.app with your request. We will respond within 30 days. We may ask for verification of your identity.

You can also manage some data directly:

  • Download your data: Account Settings > Data Export
  • Delete your account: Account Settings > Delete Account
  • Update your information: Account Settings > Profile

8. Cookie Policy

What Are Cookies?

Cookies are small files stored on your device that help websites function and provide information to site owners.

Cookies We Use

Essential Cookies (Always Active) Required for the website to function. Cannot be disabled.

  • Authentication: Keep you logged in
  • Security: Protect against attacks
  • Preferences: Remember your settings

Analytics Cookies (Optional) Help us understand how you use lovd.

  • Usage patterns
  • Feature popularity
  • Error tracking

Third-Party Cookies Some services we use may set their own cookies:

  • Cloudflare (security)
  • Analytics services (if enabled)

Managing Cookies

You can control cookies through:

  • Browser settings
  • Our cookie consent banner
  • Account privacy settings

Note: Disabling essential cookies may prevent you from using our services.

9. Children's Privacy

lovd is not intended for users under 18 years of age. We do not knowingly collect personal data from children under 18.

If we discover we have collected data from someone under 18, we will:

  • Immediately delete their account and data
  • Notify their parent/guardian if contact information is available

If you believe a child under 18 is using lovd, please contact us immediately at safety@lovd.app.

10. Security

We implement appropriate technical and organizational measures to protect your data:

Technical Measures:

  • Encryption in transit (TLS/HTTPS)
  • Encryption at rest
  • Secure password hashing
  • Regular security audits
  • Access controls and monitoring

Organizational Measures:

  • Staff training on data protection
  • Limited access on a need-to-know basis
  • Incident response procedures
  • Regular policy reviews

Despite our efforts, no system is 100% secure. If you discover a security vulnerability, please report it to security@lovd.app.

11. Changes to This Policy

We may update this Privacy Policy periodically. When we make material changes:

  • We will update the "Last updated" date
  • We will notify you by email
  • We may display a notice in the app

Your continued use after changes take effect constitutes acceptance of the updated policy.

12. Contact Us

For privacy-related inquiries:

Email: privacy@lovd.app

General Support: support@lovd.app

Postal Address: lovd B.V. Amsterdam, Netherlands

Response Time: We aim to respond within 5 business days, and will address GDPR requests within 30 days as required by law.

13. Additional Information for Specific Regions

European Economic Area (EEA)

This entire policy is designed with GDPR compliance in mind. The legal bases for processing and your rights are detailed in Sections 3 and 7.

United Kingdom

Post-Brexit, we comply with the UK GDPR. Your rights are equivalent to those under EU GDPR.

California (CCPA)

While we primarily operate in the EU, California residents have similar rights under CCPA:

  • Right to know what data we collect
  • Right to delete your data
  • Right to opt-out of data sales (we do not sell data)
  • Right to non-discrimination

Contact us at privacy@lovd.app to exercise these rights.

Eliminación de Datos

Cómo solicitar la eliminación de tus datos y qué sucede cuando lo haces.

Términos de Servicio

Términos y condiciones para usar la plataforma de compartición de fotos de lovd.

Tus recuerdos merecen un hogar de verdad. Sin anuncios. Sin recopilación de datos. Sin entrenamiento de IA con tus fotos.

Gratis para siempre, sin tarjeta de crédito
Colecciones, notas y eventos ilimitados
Invita a quien quieras a ver o añadir recuerdos
Empieza a coleccionar. Es gratis