Privacy Policy
Last updated [EFFECTIVE DATE]
This Privacy Policy explains how Mohmmed Aqeeb Pathan (“LovedBy”, “we”, “us”) collects, uses, and shares personal information in connection with the LovedBy service at lovedby.app(the “Service”). It should be read together with our Terms of Service.
1.Who We Are & Our Role
LovedBy is operated by Mohmmed Aqeeb Pathan. For privacy law purposes:
- We are the controller of personal data about our account holders (Owners) — for example their name and email.
- For personal data inside testimonials that Owners collect from their own customers, the Owner is the controller and we act as a processor on their behalf. If you submitted a testimonial and want to exercise your rights, please contact the Owner who collected it; we will assist them where we can.
2.Information We Collect
Account & authentication data.Because sign-in is passwordless, we collect your name, email address, profile image and basic profile information from Google when you sign in with Google, and whether your email is verified. To keep you signed in and secure we process session tokens, your session IP address and browser user-agent, OAuth tokens from Google, and short-lived email “magic link” verification tokens. We do not store passwords.
Project data. The projects you create — name, URL slug, logo, custom question, accent color, and your public wall display settings.
Testimonial data (submitted by testimonial givers). The author’s name, an optional email, optional role, optional company, an optional avatar image, an optional social-profile link, the testimonial message, a 1–5 star rating, and the submitter’s IP address (collected to help prevent spam and abuse).
Uploaded images. Logos and avatars are stored as files on a content-delivery network and are served from public URLs.
Technical & abuse-prevention data. Limited technical data needed to run the Service, including transient, automatically-expiring rate-limiting records derived from IP addresses, and diagnostic error reports (configured to exclude personal data, IP addresses, and request contents).
Payment data (future). We do not collect payments today. If we introduce paid plans, payments will be handled by a third-party payment processor and we will not store full card details.
3.Public Display of Testimonials
The Service exists to publish testimonials. Once an Owner approves a testimonial, its author name, role, company, avatar, message, and rating may be displayed publicly on the Owner’s website and on a public wall page, served through public CDN URLs, and indexed by search engines (including via structured data). Please do not submit information in a testimonial that you do not want to be public.
4.How We Use Information
We use personal information to:
- Provide, operate, secure, and maintain the Service (legal basis: performance of a contract / our legitimate interests);
- Authenticate sign-in and keep accounts secure (contract / legitimate interests);
- Send service and transactional emails such as magic-link sign-in messages (contract);
- Display approved testimonials as directed by the Owner (processing on the Owner's behalf);
- Prevent spam, fraud, and abuse, and enforce limits and our Terms (legitimate interests);
- Diagnose errors and improve reliability (legitimate interests);
- Comply with legal obligations.
Where the law requires consent (for example certain testimonial collection), the relevant Owner is responsible for obtaining it.
7.International Data Transfers
Our providers may process data in the United States and other countries whose data-protection laws may differ from yours. Where required, we rely on appropriate safeguards (such as standard contractual clauses) for international transfers.
8.Data Retention
We keep personal information while your account or the relevant content is active and as needed to provide the Service. When you delete a testimonial, project, or your account, we delete or anonymize the associated personal data within a reasonable period, except where we must retain it to comply with law, resolve disputes, or enforce our agreements. Transient data such as rate-limiting records expires automatically.
9.Security
We use reasonable technical and organizational measures to protect personal information, including encryption in transit and access controls. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.
10.Your Rights
Depending on where you live, you may have rights to access, correct, delete, export, or restrict the use of your personal information, to object to certain processing, and to withdraw consent. Under the GDPR and similar laws you may also lodge a complaint with your local supervisory authority.
For California residents (CCPA/CPRA): we do not sell or share your personal information for cross-context behavioral advertising, and we will not discriminate against you for exercising your rights.
To exercise your rights, contact privacy@lovedby.app. We may need to verify your identity before responding.
11.If You Submitted a Testimonial
When you submit a testimonial, you do so for the Owner who invited you, and that Owner decides how it is used and displayed. For requests about a testimonial you submitted (including removal), please contact the relevant Owner. If you cannot reach them, contact us at privacy@lovedby.app and we will help facilitate your request.
12.Children
The Service is not intended for children, and we do not knowingly collect personal information from anyone under 18. If you believe a child has provided us personal information, contact us and we will delete it.
13.Changes to This Policy
We may update this Privacy Policy from time to time. We will update the “Last updated” date and, for material changes, provide additional notice where appropriate.
14.Contact Us
For privacy questions or requests, contact privacy@lovedby.app, or write to Mohmmed Aqeeb Pathan, support@lovedby.app.