.svg)
Lid Vizion Platform Privacy Policy
Effective Date: January 01, 2025
1. Introduction
1.1 Purpose and Scope
This Privacy Policy describes how Lid Vizion ("the Company") collects, uses, stores, shares, and protects information. This policy applies to all information collected through the Company's websites, mobile applications, application programming interfaces (APIs), and any other products or services provided (collectively, the "Services"). By accessing or using the Services, Users and Customers consent to the data practices described in this Privacy Policy. This document is intended to provide clear, transparent information about these practices to help users make informed decisions.
1.2 Who We Are
Lid Vizion is a service provided by Lid Vizion, LLC, with its registered address at 11767 South Dixie Hwy, Suite 426, Pinecrest, FL, 33156. This entity is responsible for the processing of personal information as described in this policy.
1.3 Key Definitions
1.4 Our Role as a Data Controller and Data Processor
A fundamental aspect of the Lid Vizion platform is its dual role in data protection, a distinction critical for defining legal responsibilities under regulations like the General Data Protection Regulation (GDPR).
Lid Vizion as a Data Controller: The Company acts as a Data Controller for the Personal Data of its direct Customers. This includes information collected during account registration, for billing purposes, and through direct interactions with the Company's websites and support channels. Lid Vizion determines the purposes and means of processing this specific set of data.
Lid Vizion as a Data Processor: For all User-Generated Content (UGC) and any data that Customers and their End-Users upload to, process through, or store within the Services, the Company acts as a Data Processor. In this capacity, the Customer is the Data Controller. The Customer retains full control over their data and is responsible for ensuring that the processing of that data complies with all applicable laws, including obtaining necessary consents from End-Users. Lid Vizion processes this data only on the documented instructions of the Customer, as outlined in the Terms of Service and any applicable Data Processing Addendum (DPA). This structure places the primary legal responsibility for the lawfulness of End-User data on the Customer, which is a standard and necessary framework for a Backend-as-a-Service (BaaS) provider.
2. The Information We Collect and Its Sources
To provide and improve the Services, Lid Vizion collects information from various sources in a transparent manner. The collection methods are detailed below, reflecting a commitment to specificity as required by modern data privacy regulations.
2.1 Information Provided Directly by Users and Customers
Account and Profile Information: When a Customer registers for an account, Lid Vizion collects Personal Data such as full name, email address, phone number, a secure password, company name, and job title. This information is essential for creating, securing, and managing the Customer account.
Payment and Transactional Information: To process payments for paid plans, the Company collects billing information, which may include a billing address and payment card details. To ensure maximum security, sensitive payment card information is transmitted directly to a secure, third-party payment processor. Lid Vizion does not store full payment card numbers but may retain partial, non-sensitive information like transaction history and the last four digits of a card for verification and billing management.
User-Generated Content (UGC): The platform is designed to host and process data uploaded by Customers. This UGC is defined broadly and includes, but is not limited to, source code, files, documents, images, database schemas, application data, API keys, and environment variables. The Customer is the controller of this data, and Lid Vizion processes it solely to provide the Services.
Communications: When a User or Customer contacts Lid Vizion for technical support, provides feedback, participates in a survey, or communicates with the Company in any other way, a record of that communication is collected. This includes the content of the messages and any associated metadata, which is used to resolve issues and improve the Services.
2.2 Information Collected Automatically
Usage and Log Data: As a User or Customer interacts with the Services, the Company's servers automatically record information. This log data includes Internet Protocol (IP) addresses, browser type and settings, operating system, referring and exit URLs, pages viewed, access dates and times, and system activity logs. This data is critical for monitoring the health of the Services, ensuring security, preventing abuse, and analyzing usage patterns to improve the platform.
Device Information: Information about the device used to access the Services is collected, such as the device model, unique device identifiers, and language settings. This helps in optimizing the user experience for different devices and for troubleshooting purposes.
Location Information: The Company derives general geographic location information (e.g., city and country) from IP addresses. This information is used for analytics, service customization (such as displaying content in a local language), and security purposes (such as identifying suspicious login attempts). Precise geolocation data is not collected without explicit consent.
Cookies and Similar Tracking Technologies: Lid Vizion uses cookies, web beacons, and other tracking technologies to collect usage data, remember user preferences, and support marketing initiatives. These technologies help in understanding how users interact with the Services and in personalizing their experience. For more detailed information, Users are directed to review the separate Cookie Policy.
2.3 Information Received from Third-Party Sources
Authentication Services: If a Customer chooses to register or log in using a third-party service (e.g., Google, GitHub, or another Single Sign-On provider), Lid Vizion receives information from that service as permitted by the Customer's privacy settings on that platform. This typically includes name, email address, and profile picture, which is used to streamline the account creation process.
Payment Processors: The Company's payment partners may provide information such as transaction confirmations and fraud detection alerts to help manage billing and prevent fraudulent activity.
Analytics and Marketing Partners: Lid Vizion may receive aggregated or de-identified demographic and usage data from third-party partners. This information helps the Company understand its user base, measure the effectiveness of marketing campaigns, and improve its outreach efforts.
3. How We Use Your Information
The information collected is used for specific, legitimate business purposes, adhering to the principle of "purpose limitation" which is a core tenet of modern data protection law. Each use is directly related to providing and improving the Lid Vizion platform.
3.1 To Provide, Maintain, and Improve Our Services: Account information is used to authenticate users and grant access to the platform. Payment information is used to process transactions for subscribed services. UGC is stored, processed, and delivered as directed by the Customer to power their applications. Usage and log data are analyzed to troubleshoot technical issues, monitor performance, and inform the development of new features and improvements.
3.2 For Security, Fraud Prevention, and Compliance: Log data, IP addresses, and account information are actively used to monitor for and protect against malicious, fraudulent, or illegal activity. This data is essential for enforcing the Company's Terms of Service and protecting the security and integrity of the platform and its users. This security function is a primary justification for the extensive logging and monitoring conducted by the platform.
3.3 To Communicate with You: Contact information is used to send essential transactional and service-related communications. These include billing reminders, security alerts, account notifications, and important updates about the Services. This information is also used to respond to support requests and inquiries.
3.4 For Marketing and Promotional Purposes: With appropriate consent or where permitted by law, contact information and data about service usage may be used to send marketing communications about new products, features, events, or other information that may be of interest. All marketing communications include a clear and easy-to-use mechanism to opt-out of future messages.
3.5 To Fulfill Legal and Contractual Obligations: Personal Data is processed as necessary to comply with applicable laws, regulations, legal processes, or governmental requests. This includes retaining financial records for tax purposes or responding to a court order or subpoena. Data is also processed to fulfill the Company's contractual obligations to its Customers as outlined in the Terms of Service and any applicable Data Processing Addendum.
4. Our Legal Bases for Processing Information (For EEA, UK, and Swiss Users)
For individuals in the European Economic Area (EEA), the United Kingdom (UK), and Switzerland, Lid Vizion processes Personal Data only when there is a valid legal basis under applicable data protection laws, including the GDPR. The specific legal basis depends on the context of the processing activity.
4.1 Performance of a Contract: Much of the data processing is necessary for the performance of the contract established between the Customer and Lid Vizion through the Terms of Service. This includes processing account information to provide access to the Services and processing UGC as directed by the Customer.
4.2 Legitimate Interests: Certain data is processed based on the Company's legitimate interests, provided these interests are not overridden by the data protection rights of the individual. These interests include improving and optimizing the Services, monitoring for security threats, preventing fraud, and conducting marketing activities for existing customers.
4.3 Consent: For specific processing activities, Lid Vizion relies on the explicit consent of the individual. This typically applies to sending marketing communications to prospective users or placing non-essential cookies on a device. Consent can be withdrawn at any time without affecting the lawfulness of processing based on consent before its withdrawal.
4.4 Compliance with a Legal Obligation: The Company may be required to process Personal Data to comply with a legal or regulatory obligation, such as retaining records for tax authorities or responding to a lawful request from law enforcement.
To enhance transparency, the following table summarizes the main processing activities and their corresponding legal bases under the GDPR.
Table 1: Summary of Data Processing Activities and Legal Bases
Category of Personal Data
Purpose of Processing
Legal Basis (under GDPR)
Account & Profile Information
Service provision, user authentication, communication
Performance of a Contract
Payment & Transactional Data
Billing and financial record-keeping
Performance of a Contract; Legal Obligation
User-Generated Content
Storing and delivering application data as directed by the Customer
Performance of a Contract (with the Customer)
Usage & Log Data
Service improvement, security monitoring, analytics
Legitimate Interests
Marketing & Communications Data
Communicating offers and platform updates
Consent (for new prospects) / Legitimate Interests (for existing customers)
5. How We Share and Disclose Information
Lid Vizion does not sell Personal Data. Information is shared only in the limited circumstances described below, with a commitment to safeguarding user privacy.
5.1 With Third-Party Service Providers and Vendors: The Company engages trusted third-party service providers to perform functions and provide services. These include cloud hosting providers (e.g., AWS, Google Cloud), payment processors, analytics services, customer support tools, and email delivery services. These providers are contractually bound to protect the data they process on the Company's behalf and are prohibited from using it for any other purpose. The selection of these vendors is a critical compliance decision, as their security and data protection practices directly impact the overall security of the Lid Vizion platform.
5.2 During Business Transfers: In the event of a merger, acquisition, bankruptcy, reorganization, or sale of all or a portion of the Company's assets, user information may be transferred to the successor entity. The acquiring entity will be bound by the commitments made in this Privacy Policy.
5.3 To Comply with Legal Obligations and Protect Rights: Information may be disclosed if there is a good faith belief that it is reasonably necessary to: (a) comply with a law, regulation, legal process, or governmental request; (b) enforce the Terms of Service and other agreements, including investigation of potential violations; (c) detect, prevent, or otherwise address fraud, security, or technical issues; or (d) protect the rights, property, or safety of Lid Vizion, its users, or the public.
5.4 With Consent: Information may be shared with other third parties when explicit consent is given to do so.
6. Data Security
Protecting user data is a top priority for Lid Vizion. The platform is built with enterprise-grade security measures to safeguard information against unauthorized access, use, alteration, or destruction. These security measures are not just a legal requirement but a core feature of the service, designed to earn the trust of developers and businesses handling sensitive application data.
6.1 Our Commitment to Data Protection
Lid Vizion is committed to implementing and maintaining robust technical, administrative, and physical security controls to protect the confidentiality, integrity, and availability of all data processed by the Services.
6.2 Technical and Organizational Security Measures
Encryption: All data is encrypted in transit using industry-standard Transport Layer Security (TLS/SSL). Data is also encrypted at rest using strong cryptographic standards such as AES-256.
Access Controls: The Company implements strict access control policies, including role-based access control (RBAC) and the principle of least privilege. This ensures that internal personnel can only access data that is strictly necessary to perform their job functions.
Compliance and Certifications: The platform's infrastructure is compliant with leading industry standards, such as SOC 2 Type 2. For customers in the healthcare industry, Lid Vizion is able to execute a Business Associate Agreement (BAA) to support their HIPAA compliance needs.
Regular Testing: The Company conducts regular security assessments, including third-party penetration testing and vulnerability scanning, to identify and remediate potential security weaknesses.
Incident Response: A comprehensive incident response plan is in place to ensure that any security incidents are detected, contained, investigated, and remediated in a timely manner.
6.3 User Responsibility for Account Security
While Lid Vizion implements extensive security measures, users also play a critical role in protecting their own accounts. Users are responsible for maintaining the confidentiality of their passwords, API keys, and other access credentials. Any unauthorized use of an account or other security breach must be reported to the Company immediately. This shared responsibility model is essential for a secure cloud environment.
7. Data Retention
Lid Vizion retains Personal Data only for as long as necessary to fulfill the purposes for which it was collected, in accordance with the principle of data minimization.
7.1 Our Principles for Retaining Personal Information
Data is retained to provide the Services, comply with legal and contractual obligations, resolve disputes, and enforce agreements. The retention period for specific data is determined based on its nature and the purpose of its collection.
7.2 Criteria for Determining Retention Periods
Active Accounts: Account information and User-Generated Content are retained for as long as the Customer's account remains active.
After Account Deletion: Following the termination or deletion of a Customer's account, some data may be retained for a limited period for legitimate business purposes. For example, financial and transactional records are kept to comply with legal and tax requirements. Similar to practices at other platforms, a workspace may be placed in a suspended state for a grace period to allow for re-subscription before being scheduled for permanent deletion. After this period, the data is either permanently deleted or fully anonymized.
Backup Archives: Data may remain in the Company's secure backup archives for a limited period after deletion from production systems. This data is isolated and is not used for any operational purpose before being overwritten or deleted in accordance with the backup rotation schedule.
8. Your Data Protection Rights and Choices
Lid Vizion recognizes and respects the data protection rights of its users. The platform provides tools and processes to exercise these rights, which may vary depending on the user's location. The existence of these rights directly informs the technical development of the platform, requiring features that support data access, export, and deletion.
8.1 Your Rights and Choices
Access, Correction, and Deletion: Users have the right to request access to their Personal Data, to correct any inaccuracies, and to request the deletion of their data, subject to certain legal limitations.
Data Portability: Users have the right to receive a copy of their Personal Data in a structured, commonly used, and machine-readable format.
Opting Out of Marketing Communications: All marketing emails contain an "unsubscribe" link, allowing users to easily opt-out of future promotional communications.
Managing Cookies: Users can manage their cookie preferences through their browser settings or via the cookie consent tool provided on the Company's websites.
8.2 Specific Provisions for Different Jurisdictions
For Residents of the EEA, UK, and Switzerland (GDPR): In addition to the rights above, these residents have the right to request the restriction of processing of their Personal Data and the right to object to processing that is based on legitimate interests.
For Residents of California (CCPA/CPRA): California residents have specific rights, including the Right to Know what personal information is collected, used, and shared; the Right to Delete personal information; the Right to Correct inaccurate information; the Right to Opt-Out of the Sale or Sharing of Personal Information; and the Right to Limit the Use of Sensitive Personal Information. A link titled "Do Not Sell or Share My Personal Information" will be available on the website's homepage.
8.3 How to Exercise Your Rights
To exercise any of these rights, users may submit a request through a dedicated web form or by contacting the privacy team at privacy@lidvizion.com. The Company will respond to all requests in accordance with applicable data protection laws.
9. International Data Transfers
Lid Vizion operates globally, which means that Personal Data may be transferred to, and processed in, countries other than the user's country of residence.
9.1 Data Storage and Processing Locations
The Services are primarily hosted and operated in the United States. By using the Services, users acknowledge and consent to their Personal Data being transferred to and processed in the United States and other locations where the Company or its third-party service providers operate.
9.2 Safeguards for Cross-Border Transfers
For transfers of Personal Data from the EEA, UK, and Switzerland to countries not deemed to provide an adequate level of data protection, Lid Vizion employs legally recognized transfer mechanisms to ensure the data is protected. These include:
EU-U.S. Data Privacy Framework: The Company is certified under and adheres to the principles of the EU-U.S. Data Privacy Framework (DPF), the UK Extension to the DPF, and the Swiss-U.S. DPF. This framework provides a lawful basis for transferring personal data to the United States.
Standard Contractual Clauses (SCCs): In addition to or as an alternative to the DPF, Lid Vizion may use Standard Contractual Clauses approved by the European Commission and other relevant authorities. These clauses are incorporated into the Company's Data Processing Addendum and impose strong data protection obligations on the parties involved in the transfer.
This multi-layered approach provides legal resilience in the evolving landscape of international data transfer regulations.
10. User-Generated Content (UGC) Policy
The management of User-Generated Content has significant privacy and security implications. This policy clarifies the roles and responsibilities related to UGC.
10.1 Customer Responsibility
As stated in Section 1.4, the Customer is the Data Controller for all UGC they or their End-Users upload to the Services. The Customer is solely responsible for the legality, accuracy, and appropriateness of this content, including ensuring that they have obtained all necessary rights and consents from End-Users for its collection and processing.
10.2 Our Rights and Moderation
While Lid Vizion does not routinely screen UGC, the Company reserves the right to investigate and remove any content that violates its Acceptable Use Policy, the Terms of Service, or applicable law. This right is essential not only to maintain the integrity of the platform but also to ensure the Company's own compliance with the terms of its upstream infrastructure providers, such as cloud hosts and app stores. Failure to manage objectionable content could risk the de-platforming of the entire Lid Vizion service. For any publicly accessible content features, the platform will provide an in-app system for reporting abuse.
10.3 License Grant
By uploading UGC, the Customer grants Lid Vizion a limited, worldwide, non-exclusive license to host, copy, transmit, and display the content as necessary for the Company to provide and operate the Services. This license does not grant Lid Vizion ownership of the UGC.
11. Children's Privacy
11.1 Age Limitation
The Services are not intended for or directed at individuals under the age of 16. Use of the Services by anyone under 16 is prohibited.
11.2 No Knowing Collection
Lid Vizion does not knowingly collect Personal Data from children under the age of 16. If the Company becomes aware that it has inadvertently collected such information, it will take immediate steps to delete it from its systems.
12. Changes to This Privacy Policy
12.1 Process for Updates
Lid Vizion may update this Privacy Policy from time to time to reflect changes in its practices, technology, legal requirements, or other factors. The updated policy will be posted on the Company's website, and the "Last Updated" date at the top of the policy will be revised.
12.2 Notification of Material Changes
For any significant or material changes to this Privacy Policy, the Company will provide more prominent notice to its Customers, such as by sending an email notification or displaying a notice within the Services dashboard.
13. Contact Us
13.1 How to Reach Us
For any questions, concerns, or comments about this Privacy Policy or the Company's data practices, please contact the Lid Vizion privacy team via email at: privacy@lidvizion.com.
13.2 Data Protection Officer
If required by applicable law, Lid Vizion has appointed a Data Protection Officer (DPO) who can be reached at the contact information provided above.