1. Introduction
LFGO Group FZCO (u.i.) ("LFGO", "we", "us", or "our"), registered in Dubai Silicon Oasis, United Arab Emirates, operates the LFGO.ai platform. This Privacy Policy explains how we collect, use, store, and protect your personal information when you use our Service. We are committed to protecting your privacy and handling your data responsibly.
2. Information We Collect
2.1 Information You Provide
- Account Information: Name, email address, and password when you create an account
- Billing Information: Payment method details processed securely through our third-party payment provider (Stripe). We do not store your full credit card details
- CRM Data: Lead information, company details, deal values, notes, contact information, and other business data you enter into the platform
- Uploaded Files: Company logos, documents, or other files you upload to the Service
- Communications: Information you provide when contacting our support team
2.2 Information Collected Automatically
- Usage Data: Pages viewed, features used, actions taken within the platform
- Device Information: Browser type, operating system, device type, and screen resolution
- Log Data: IP address, access times, referring URLs, and error logs
- Cookies: Session cookies for authentication and preference cookies for theme settings
3. How We Use Your Information
We use the information we collect to:
- Provide, operate, and maintain the Service
- Process your subscription and payments
- Authenticate your identity and secure your account
- Send transactional emails (account confirmation, password resets, billing receipts)
- Provide customer support and respond to your requests
- Analyze usage patterns to improve the Service
- Detect and prevent fraud, abuse, or security incidents
- Comply with legal obligations
We do not use your CRM data (leads, deals, contacts) for any purpose other than providing the Service to you. We do not sell your data to third parties.
4. Data Storage & Security
Your data is stored on secure cloud infrastructure. We implement industry-standard security measures including:
- Encryption of data in transit (TLS/SSL) and at rest
- Secure authentication via Supabase Auth with support for email/password and social login
- Row-level security policies to isolate user data at the database level
- Regular security audits and monitoring
- Access controls limiting employee access to user data on a need-to-know basis
While we take reasonable measures to protect your information, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security.
5. Third-Party Services
We use the following third-party services to operate the platform:
- Supabase: Database hosting, authentication, and backend services
- Vercel: Application hosting and deployment
- Stripe: Payment processing (subject to Stripe's Privacy Policy)
- Vercel Blob: File storage for uploaded images and documents
These providers process data on our behalf under data processing agreements and are contractually obligated to protect your information.
6. Cookies & Local Storage
We use minimal cookies and browser storage:
- Authentication Cookies: Required to keep you signed in (essential, cannot be disabled)
- Theme Preference: Stored in localStorage to remember your light/dark mode choice
- Local Cache: Leads and inbox data are cached in localStorage for performance (1-hour TTL)
We do not use third-party tracking cookies, advertising cookies, or analytics cookies that track you across websites.
7. Data Retention
- Active Accounts: We retain your data for as long as your account is active
- Cancelled Accounts: Your data will be deleted within 30 days of account termination
- Billing Records: We retain billing records for up to 7 years as required by UAE tax and accounting regulations
- Backups: Data may persist in encrypted backups for up to 90 days after deletion
8. Your Rights
Depending on your jurisdiction, you may have the following rights:
- Access: Request a copy of the personal data we hold about you
- Correction: Request correction of inaccurate or incomplete data
- Deletion: Request deletion of your personal data (subject to legal retention requirements)
- Export: Request your data in a structured, machine-readable format
- Restriction: Request that we limit the processing of your data under certain circumstances
- Objection: Object to the processing of your data for specific purposes
To exercise any of these rights, please contact us at privacy@lfgo.ai. We will respond to your request within 30 days.
9. International Data Transfers
Our infrastructure is hosted on servers that may be located outside the UAE. By using the Service, you consent to the transfer of your data to these locations. We ensure that any international data transfers are governed by appropriate safeguards, including data processing agreements with our service providers.
10. Children's Privacy
The Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have inadvertently collected data from a child under 18, we will take steps to delete such information promptly.
11. Changes to This Policy
We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email or through a notice within the Service prior to the changes taking effect. Your continued use of the Service after the updated policy becomes effective constitutes your acceptance of the changes.
12. Contact
If you have any questions or concerns about this Privacy Policy or our data practices, please contact us: