Privacy Policy

Your data, protected in the EU

How we collect, use, and safeguard information across LORY.

Back

Overview

Last updated: 2026-01-17

What we collect

  • Account details (name, email, authentication identifiers).
  • Project content you create, upload, or generate within LORY (including media and metadata).
  • Usage and device information for security, performance, and troubleshooting.
  • Support interactions when you contact us.

Why we collect it

  • To provide and improve the app (core functionality, reliability, and UX).
  • To protect accounts and projects (fraud prevention and security monitoring).
  • To fulfill legal obligations and respond to lawful requests.
  • To communicate important product updates and service notices.

Legal bases (GDPR)

  • Performance of a contract when delivering core app features.
  • Legitimate interest for security, abuse prevention, and service quality.
  • Consent where required (e.g., certain cookies/analytics where applicable).

Data storage & residency

  • All data is stored inside the EU, and EU data protection laws apply to all processing.
  • Backups and disaster recovery copies remain within EU regions.

Media generation providers

  • Media generation uses vetted external providers. References or uploads you supply for generation are sent to their servers to fulfil the request.
  • Those providers may apply their own privacy and retention rules in addition to this policy; review their terms before using referenced media.

Retention

  • We keep data only as long as needed for the purposes above or as required by law.
  • You can request deletion of your account and associated data; legal holds may apply where necessary.

Sharing

  • We do not sell your data.
  • Trusted sub-processors may handle infrastructure, storage, email delivery, or analytics under strict data protection terms.
  • We may disclose information to comply with legal obligations or protect the rights, property, or safety of users and the service.

Security

  • Encryption in transit by default; access controls and auditing on sensitive systems.
  • Principle of least privilege for staff access; vendor access is limited and monitored.

Your rights

  • Access, rectify, or erase your personal data (subject to legal limits).
  • Restrict or object to processing in certain cases, and port data where technically feasible.
  • Withdraw consent where processing relies on it.
  • Lodge a complaint with your local EU supervisory authority.

Cookies & analytics

  • Essential cookies keep sessions secure and the app functional.
  • Analytics (when enabled) help improve performance and reliability; where required, we seek consent before use.

Contact