Privacy Policy

The data controller responsible for your personal data is LvlPulse ("we", "us", "our"). For questions or requests regarding your data, contact our Data Protection Officer at contacto@nillapp.com.

We collect the following categories of personal data:

• Account data: name, email address, hashed password, and optional profile avatar.
• Order & transaction data: purchased products, order dates, amounts, payment confirmation references (PayPal order ID), and country of purchase for VAT purposes.
• Technical data: IP address, browser type, device type, referring URL and session information — collected automatically when you use the Service.
• Communication data: messages you send us via the contact form or email.

We do not store payment card numbers. All payment processing is handled directly by PayPal under their own privacy policy.

We process your personal data on the following legal bases:

• Contract performance: to process your orders, deliver activation keys and manage your account.
• Legal obligation: to retain records as required by applicable tax and accounting laws (including EU VAT regulations).
• Legitimate interests: to detect fraud, maintain site security and improve our services.
• Consent: for optional marketing communications (you can withdraw consent at any time).

Your data is used to:

• Create and manage your account.
• Process payments and deliver digital products.
• Calculate and apply EU VAT where required.
• Send transactional emails (order confirmations, password resets).
• Respond to support enquiries.
• Detect and prevent fraudulent activity.
• Comply with legal and regulatory obligations.

We do not sell or rent your personal data. We share data only in the following limited circumstances:

• PayPal: payment processing. PayPal's privacy policy applies to data they handle.
• Amazon Web Services (AWS S3): secure storage of product images.
• Email provider (SMTP): for transactional email delivery.
• Law enforcement: when required by law or to protect our legal rights.

We retain your personal data for as long as your account is active or as needed to fulfil the purposes described in this policy. Specifically:

• Account data: retained until you delete your account, plus 30 days.
• Order and transaction data: retained for 7 years to comply with tax law.
• Technical/log data: retained for up to 90 days for security purposes.

If you are located in the European Economic Area (EEA), you have the following rights:

• Right of access: request a copy of your personal data.
• Right to rectification: correct inaccurate data.
• Right to erasure: request deletion of your data ("right to be forgotten") where there is no overriding legal basis to retain it.
• Right to restriction: request we limit processing of your data.
• Right to portability: receive your data in a structured, machine-readable format.
• Right to object: object to processing based on legitimate interests.
• Right to withdraw consent: for any processing based on consent, at any time.

To exercise any of these rights, contact us at contacto@nillapp.com. We will respond within 30 days. You also have the right to lodge a complaint with your local data protection authority.

Some of our service providers (including AWS) may process data outside the EEA. Where this occurs, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission.

We implement industry-standard security measures including HTTPS, bcrypt password hashing, secure HTTP-only cookies and role-based access controls. Despite these measures, no transmission over the internet is 100% secure. If you believe your account has been compromised, contact us immediately.

We use cookies to authenticate your session and remember your preferences. For full details, please read our Cookie Policy.

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting a notice on the site or via email. The "Last updated" date at the top of this page indicates when the latest revision was made.