Privacy Notice

Last update: 04.12.2024

Intro

Legendary Software (“we”) takes care of your personal data and does everything possible to protect it. This Privacy Notice (“Privacy Notice”) applies to our website (“Website”) and desktop application (“App”).

The Privacy Notice is written to help you understand what your personal data is collected, stored, and used, and what happens to it when you use the Website and the App.

In the Privacy Notice, we answer the following questions:

Who are we?

We are a little group of enthusiasts, who want to change our world for the better.

We are the controller of your personal data processed through the Website and App. This means that we determine the purposes and means of personal data processing.

Name	LEGENDARY SOFTWARE LIMITED
File number	16035718
Address	2nd Floor College House, 17 King Edward's Road, Ruislip, London, United Kingdom, HA4 7AE
Email	support@ls.app – for general inquiries
Email	privacy@ls.app – for privacy inquiries

What data do we collect and why?

When you visit the Website and App, you become our user (“User”).

We divide the Users into categories so you can easily find details about the processing of your personal data. Pay attention that you can fall into several categories depending on your actions.

Type of User	Description
Customer	The User who buys subscriptions and uses the App
Chat Requester	The User who reaches us through online chat on the App

Sources of data

We receive your data when you visit the Website and App and interact with it, depending on your actions on the Website and App.

We may also (although we do not necessarily do so) receive data from third parties. It depends on your settings and the features you use.

To process your personal data, we rely on the following lawful bases:

performance of the contract – for the processing of personal data necessary for the negotiating on, conclusion, and performance of a contract (mainly, the End User License Agreement) with you;
legitimate interest – for the processing necessary for the development of our services, taking into consideration your interests, rights, and expectations;
legal obligation – for the processing as required by applicable laws (for example, to comply with tax or KYC/AML regulations) or if requested by a law enforcement agency, court, supervisory authority, or another state-authorized public body;
consent – for additional specific purposes.

Customers’ data

When you download and use the App, we collect some data automatically. Most of the technical data we collect are anonymous, but some data may be associated with your IP address and device ID. However, we do not record or track your login activities based on IP addresses.

Please note! Even if the App collects some technical data, we do not have access to it. The data is stored on your device only.

Data	Reasons for processing	Lawful basis
Email	To create an account	Performance of the contract
Session creation data (provider name, description, tag, language, geolocation, time zone, cookies, local storage, browser history, passwords, device and browser information)	Сreation of secure use of Internet networks due to the use of App
Provider’s creation (provider name, tag, proxy connection information, cookies, local storage, browser history, passwords, and fingerprint management)
Mass creation (access to files on the device, cookies, email)
Adding extensions and bookmarks (connecting new extensions, importing bookmarks from the browser)
Team creation (email, position of your team members, access settings)	To connect your team to the account
Data storage
	We store the data for 180 days after the subscription expires or until you delete your account

Chat Requesters’ Data

When you request a support chat with us in the App.

Data	Reasons for processing	Lawful basis
Messages	Provide you with customer support	Performance of the contract
Audio messages	Provide you with customer support	Performance of the contract
Attached files	Provide you with customer support	Performance of the contract
Data storage	We store the data for 30 days after the last communication

Data received from third parties

We may receive some personal data from third parties. The amount of data collected, the purposes, and the lawful basis for processing are determined by the respective privacy documents of these third parties.

Category of data	Third party	Privacy documents
Payment ID and confirmation status	NOWPayments Ltd	Privacy Policy

Do we share data with third parties?

We can share your personal data with third parties without any harm to you and in full compliance with applicable law. In addition, we have implemented organizational and technical measures to ensure the security of personal data during data transfer to third parties.

Third parties	Description
Payment services	We use payment services to process your payments and other transactions.
Data storage services	We use various cloud services that allow us to securely store data on remote servers.
State authorities, courts, law enforcement agencies, etc	We may be obliged to transfer some of your data to tax authorities, courts, law enforcement agencies, and other governmental bodies: to comply with a government request, court order, or applicable law; to prevent unlawful use of the Website / App; to protect against claims of third parties; to help prevent or investigate fraud.

Third parties

Description

Payment services

We use payment services to process your payments and other transactions.

Data storage services

We use various cloud services that allow us to securely store data on remote servers.

State authorities, courts, law enforcement agencies, etc

We may be obliged to transfer some of your data to tax authorities, courts, law enforcement agencies, and other governmental bodies:

to comply with a government request, court order, or applicable law;
to prevent unlawful use of the Website / App;
to protect against claims of third parties;
to help prevent or investigate fraud.

To get a detailed list of the third-party recipients of your personal data, contact us.

To share your data, we rely on the following lawful bases, depending on the case: compliance with the law, and performance of a contract.

Data protection

We apply a variety of security measures appropriate to the possible risks.

Organizational measures	Physical measures	Technical measures
Staff training Internal policies and instructions Non-disclosure agreements (NDA) Internal governance and IT and IT security management	Video monitoring Signaling Limited access to premises Round-the-clock security	Two-factor authentication Backups Pseudonymization Encryption of data Automatic deletion of data after the expiry of the storage period End-to-end encryption

What rights do I have regarding my data?

You, as subjects of personal data, have the right to interact with your data directly or through a request to us. This section describes these rights and how you can exercise them depending on your residency.

To exercise your rights, contact us.

United States residents

Your rights vary depending on the state of your residency, as indicated below.

Please note! Before processing certain types of requests to exercise your rights, it may be necessary to verify the identity of the requester. This verification helps ensure the security and privacy of personal data by confirming that the individual making the request is authorized to access or modify the data associated with their account.

Right	Description	Area
Right to access	You can request an explanation of the processing of your personal data.	California Colorado Connecticut Delaware Indiana Iowa Montana New Hampshire New Jersey Oregon Tennessee Texas Utah Virginia
Right to correct	You can change the data if it is inaccurate or incomplete.	California Colorado Connecticut Delaware Indiana Montana New Hampshire New Jersey Oregon Tennessee Texas Virginia
Right to delete	You can send us a request to delete your personal data from our systems.	California Colorado Connecticut Delaware Indiana Iowa Montana New Hampshire New Jersey Oregon Tennessee Texas Utah Virginia
Right to portability	You can request all the data you provided to us and request to transfer data to another controller.	California Colorado Connecticut Delaware Indiana Iowa Montana New Hampshire New Jersey Oregon Tennessee Texas Utah Virginia
Right to opt out of sales	The right to opt out of the sale of personal data to third parties.	California Colorado Connecticut Delaware Indiana Iowa Montana New Hampshire New Jersey Oregon Tennessee Texas Utah Virginia
Right to opt out of certain purposes	The right to opt out of processing for profiling/targeted advertising purposes.	Colorado Connecticut Delaware Indiana Montana New Hampshire New Jersey Oregon Tennessee Texas Utah Virginia
Right to opt out of the processing of sensitive data	The right to opt-out of processing of sensitive data.	California
Right to opt in for sensitive data processing	The right to opt in before processing sensitive data.	Colorado Connecticut Delaware Indiana Montana New Hampshire New Jersey Oregon Tennessee Texas Virginia
Right against automated decision-making	A prohibition against a business making decisions about a consumer based solely on an automated process without human input.	California Colorado Connecticut Delaware Indiana Iowa Montana New Hampshire New Jersey Oregon Tennessee Texas Virginia
Private right of action	The right to seek civil damages from a controller for violations of a statute.	California

We will answer your request within 30 to 60 days, depending on the state and legislative requirements. If your complaint is not satisfied, you can submit a complaint to the Federal Trade Commission.

Please note! Some states do not have privacy laws. The rights of residents of such states are governed by U.S. federal law. If your state is not on the list, please contact us.

Do not sell my personal information

California residents have the right under the California Consumer Privacy Act (“CCPA”) to opt out of the “sale” of their personal information by a company governed by the CCPA.

We do not sell your personal information to anyone nor use your data as a business model.

However, we support CCPA by allowing California residents to opt out of any future sale of their personal information. If you would like to record your preference that we will not sell your data in the future, please contact us.

Do-not-track requests

California residents visiting the Website / App may request that we do not automatically gather and track information about their online browsing movements across the Internet.

Such requests are typically made through web browser settings that control signals or other mechanisms that allow consumers to exercise choice regarding collecting personal data about an individual consumer’s online activities over time and across third-party websites or online services.

We currently do not have the ability to honor these requests. We may modify this Privacy Notice as our abilities change.

European Economic Area residents and United Kingdom residents

Right	Description
Right to access	You can request information on whether personal data are being processed, and, where that is the case, access to this personal data and the information required by law.
Right to rectification	You can change the data if it is inaccurate or incomplete.
Right to erasure	You can send us a request to delete your personal data from our systems. We will remove them unless otherwise provided by law.
Right to restrict the processing	You may partially or completely prohibit us from processing your personal data in cases provided by law.
Right to data portability	You can request all the data you provided to us and request to transfer data to another controller.
Right to object	You may object to the processing of your personal data that is collected on the basis of legitimate interest.
Right to withdraw consent	You can withdraw your consent at any time.
Right to file a complaint	If your request was not satisfied, you could file a complaint to the regulatory body.

We will answer your request within one month. If your request is not satisfied, you can submit a complaint to your local Data Protection Authority. You may find it here.

For UK residents: We will answer your request within one month. If your request is not satisfied, you can submit a complaint at the Information Commissioner’s Office via number 0303-123-1113 or go online at www.ico.org.uk/concerns.

Data transfer outside the UK

We may share personal data with recipients in other countries, including those outside the United Kingdom (UK), ensuring that your data is protected and processed in accordance with the UK General Data Protection Regulation (UK GDPR).

To transfer data outside the UK, we rely on:

Adequacy Regulations issued by the UK government for specific countries, or
Data Privacy Framework participation by the recipient, if applicable.

If the recipient does not participate in the Data Privacy Framework and their country is not deemed to provide an adequate level of protection for your personal data, we adopt International Data Transfer Agreements (IDTAs) or Addendums to EU Standard Contractual Clauses (SCCs), based on assessments of the data protection measures during transfer and storage.

How do we update the Privacy Notice?

This Privacy Notice is developed according to the Data Protection Act 2018, General Data Protection Regulation, other applicable privacy laws, and best privacy practices.

Existing laws and requirements for the processing of personal data are subject to change. In this case, we will publish a new version of the Privacy Notice on the Website and App.

If there are material changes to the Privacy Notice or the Website and App that affect your data privacy rights, we will notify you by displaying information on the Website and App and, if necessary, ask for your consent.