Privacy Policy

1. Introduction

Laminir ("we," "our," or "us") provides retail intelligence and predictive analytics software. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you use our platform at laminir.com (the "Service").

By using the Service, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, do not use the Service.

2. Information We Collect

2.1 Information You Provide

We collect information you provide directly when you:

• Create an account (name, email address, company name, business size)
• Subscribe to a paid plan (billing information processed by Stripe)
• Upload business data (sales forecasts, actual performance data, GTM calendars)
• Use the platform (strategic anchors, decisions, assumptions)
• Contact us for support

2.2 Business Data

The Service is designed to analyze your retail operational data. This includes sales performance, margin data, marketing metrics, and strategic decisions. This data is provided by you and processed to generate intelligence reports.

2.3 Automatically Collected Information

When you access the Service, we automatically collect:

• Device information (browser type, operating system, IP address)
• Usage data (pages viewed, features used, time spent)
• Cookies and similar tracking technologies
• Log data (access times, error logs)

3. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve the Service
• Process your business data and generate intelligence reports
• Process payments and prevent fraud
• Send you service updates, security alerts, and support messages
• Respond to your comments, questions, and customer service requests
• Monitor and analyze usage patterns and trends
• Comply with legal obligations

We do NOT sell your personal information or business data to third parties.

4. AI Processing and Data Usage

Laminir uses artificial intelligence to analyze your business data and generate predictive insights. Your data is processed by:

• Our proprietary algorithms running on secure infrastructure
• Third-party AI services (Anthropic Claude API) with data protection agreements

Important: Your business data is used solely to provide intelligence services to you. We do not use your data to train AI models that would benefit other customers. Each customer's data remains isolated and confidential.

5. How We Share Your Information

We may share your information only in the following circumstances:

5.1 Service Providers

We share information with third-party service providers who perform services on our behalf:

• Clerk: Authentication and user management
• Stripe: Payment processing (we do not store credit card information)
• Anthropic: AI-powered analysis with strict data protection terms
• Vercel: Hosting infrastructure
• Airtable: Data storage with encryption

5.2 Legal Requirements

We may disclose information if required by law or in response to valid requests by public authorities.

5.3 Business Transfers

If Laminir is involved in a merger, acquisition, or sale of assets, your information may be transferred. We will provide notice before your information is transferred and becomes subject to a different privacy policy.

6. Data Security

We implement appropriate technical and organizational measures to protect your information:

• Data encryption in transit (TLS/SSL) and at rest
• Secure authentication with industry-standard protocols
• Regular security audits and monitoring
• Access controls and employee training
• SOC 2 compliance standards

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

7. Data Retention

We retain your information for as long as your account is active or as needed to provide services. Specifically:

• Account data: Retained while your account is active
• Business data: Retained for the duration of your subscription plus 30 days
• Backup data: Deleted within 90 days of account closure
• Legal/compliance data: Retained as required by law (typically 7 years for financial records)

Upon account deletion, we will delete or anonymize your personal information within 30 days, except where retention is required by law.

8. Your Rights and Choices

Depending on your location, you may have the following rights:

8.1 Access and Portability

You can access and export your data through the platform or by contacting us.

8.2 Correction

You can update your account information at any time through your account settings.

8.3 Deletion

You can request deletion of your account and data by contacting privacy@laminir.com.

8.4 Opt-Out

You can opt out of marketing communications by following unsubscribe links in emails or adjusting your account settings.

8.5 Do Not Sell

We do not sell personal information. If you are a California resident, you have the right to opt-out of the sale of personal information, but this right does not apply as we do not engage in such sales.

9. Cookies and Tracking

We use cookies and similar technologies to:

• Keep you signed in
• Remember your preferences
• Understand how you use the Service
• Improve performance and security

You can control cookies through your browser settings. Note that disabling cookies may affect your ability to use certain features of the Service.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place through:

• Standard Contractual Clauses approved by the European Commission
• Adequacy decisions for data transfers
• Service provider certifications and compliance

11. Children's Privacy

The Service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or through a prominent notice on the Service. Your continued use of the Service after changes constitutes acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

14. Additional Rights by Jurisdiction

14.1 European Economic Area (EEA) Users

Under GDPR, you have additional rights including the right to lodge a complaint with a supervisory authority.

14.2 California Residents

Under CCPA, you have the right to request disclosure of information we collect and how we use it, and the right to request deletion.

14.3 Australian Users

Under the Australian Privacy Principles, you have the right to access and correct your personal information, and to complain about privacy breaches to the Office of the Australian Information Commissioner.