Privacy Policy

1.1 Account Information

When you create an account, we collect:

• Email address - Used for authentication and account communications
• Name - Your chosen name within the Service
• Profile information - Details such as bio, phone number, company name, and address

1.2 Subscription and Payment Information

When you subscribe to our Service:

• Subscription details - Plan type, status, billing cycle
• Payment processing - Handled entirely by Stripe. We do not store credit card numbers, CVVs, or full payment details. We only receive confirmation of successful payments and basic transaction references.

1.4 Usage and Analytics Data

We use Google Analytics 4 (via Google Tag Manager) to collect:

• Pages visited and features used
• Referring websites
• Browser type and operating system
• Approximate geographic location (country/region level)
• Interaction events (button clicks, feature usage)

1.5 Information We Do NOT Collect

We want to be clear about what we don't collect:

• Lightspeed product data - Product information is processed locally in your browser and never transmitted to our servers
• Lightspeed Personal Tokens - Stored locally in your browser only
• Label content - We do not see or store what you print
• Credit card details - Handled entirely by Stripe

We use your information for the following purposes:

• Provide the Service - Authenticate your account, manage subscriptions, and enable features
• Process payments - Work with Stripe to handle subscription billing
• Communicate with you - Send service-related emails, respond to support requests
• Improve our Service - Analyze usage patterns to enhance features and user experience
• Ensure security - Detect and prevent fraud, abuse, and security incidents
• Comply with legal obligations - Meet tax, accounting, and regulatory requirements

3.1 What Are Cookies

Cookies are small text files stored on your device that help us provide and improve our Service.

3.2 Types of Cookies We Use

3.3 Managing Cookies

You can manage your cookie preferences through our cookie consent banner when you first visit our site. You can also:

• Adjust settings in your browser to block or delete cookies
• Use browser extensions to control tracking
• Opt out of Google Analytics at tools.google.com/dlpage/gaoptout

Note: Blocking essential cookies may prevent you from using certain features of our Service.

4.1 Service Providers

We share information with trusted third parties who help us operate our Service:

• Stripe - Payment processing
• Amazon Web Services (AWS) - Cloud hosting and authentication (Cognito)
• Hostinger - Email hosting
• Google - Analytics and authentication

4.2 Advertising Partners

We may share limited data with advertising platforms to measure campaign effectiveness:

• Facebook/Meta
• LinkedIn
• Google Ads

This data is typically hashed or anonymized and used for conversion tracking and audience targeting. See Section 8 for your rights regarding this sharing.

4.3 Legal Requirements

We may disclose information if required by law, court order, or government request, or to protect our rights, safety, or property.

4.4 Business Transfers

If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

4.5 We Do Not Sell Your Personal Information

We do not sell your personal information to third parties for monetary compensation.

We implement appropriate technical and organisational measures to protect your information:

• Encryption in transit - All data transmitted to and from our servers uses TLS/HTTPS encryption
• Encryption at rest - Data stored in our databases is encrypted using AES-256
• Access controls - Strict access limitations to personal data
• Secure authentication - Industry-standard authentication via AWS Cognito (supporting email/password and Google Sign-In)
• Regular security reviews - Ongoing monitoring and security assessments

While we strive to protect your information, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

We retain your information for the following periods:

• Account data - Retained while your account is active, deleted within 30 days of account deletion request
• Billing records - Retained for 7 years for tax and legal compliance
• Analytics data - Retained in anonymized form indefinitely for service improvement
• Support communications - Retained for 2 years after resolution

Our servers are located in Australia (AWS ap-southeast-2 region). If you access our Service from outside Australia, your information may be transferred to, stored, and processed in Australia.

Some of our service providers (such as Stripe and Google) may process data in other countries, including the United States. These providers maintain appropriate safeguards for international data transfers.

By using our Service, you consent to the transfer of your information to Australia and other countries where our service providers operate.

8.1 Rights for All Users

Regardless of your location, you have the right to:

• Access - Request a copy of the personal information we hold about you
• Correction - Request correction of inaccurate or incomplete information
• Deletion - Request deletion of your personal information
• Withdraw consent - Withdraw consent for optional data processing (such as marketing)

8.2 Additional Rights for New Zealand Residents

Under the Privacy Act 2020, you also have the right to:

• Request information about how we collect, use, and disclose your data
• Complain to the Office of the Privacy Commissioner if you believe your privacy has been breached

Learn more: privacy.org.nz

8.3 Additional Rights for Australian Residents

Under the Privacy Act 1988 and Australian Privacy Principles, you also have the right to:

• Request access to your information held by our service providers
• Complain to the Office of the Australian Information Commissioner (OAIC)

Learn more: oaic.gov.au

8.4 Additional Rights for California Residents (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act:

• Right to Know - Request details about what personal information we collect and how it's used
• Right to Delete - Request deletion of your personal information
• Right to Opt-Out of Sharing - Opt out of having your information shared with advertising partners for targeted advertising
• Right to Non-Discrimination - We will not discriminate against you for exercising your privacy rights

Note on "Sharing": Under CCPA, sharing data with advertising platforms (like Facebook Pixel) for targeted advertising may be considered a "sale" even without monetary exchange. You can opt out of this sharing by adjusting your cookie preferences or contacting us.

8.5 How to Exercise Your Rights

To exercise any of these rights, please contact us at:

Email: support@labellight.com

We will respond to your request within 30 days. We may need to verify your identity before processing your request.

Our Service is intended for business users and is not directed at individuals under 18 years of age. We do not knowingly collect personal information from children.

If you believe we have collected information from a child, please contact us immediately at support@labellight.com.

In the event of a data breach that is likely to result in serious harm to you, we will:

• Notify affected users as soon as practicable
• Notify the relevant privacy authorities as required by law (Privacy Commissioner in NZ, OAIC in Australia, relevant state authorities in the US)
• Take steps to contain and remediate the breach

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

• Posting the updated policy on this page with a new "Last updated" date
• Sending an email notification for significant changes

We encourage you to review this policy periodically.

If you have any questions about this Privacy Policy or our privacy practices, please contact us:

DK Developments
11 Darcy Place, Massey, Auckland, 0614
New Zealand
Email: support@labellight.com

For privacy-related complaints, you may also contact the relevant privacy authority in your jurisdiction:

• New Zealand: Office of the Privacy Commissioner - privacy.org.nz
• Australia: Office of the Australian Information Commissioner - oaic.gov.au
• California, USA: California Attorney General - oag.ca.gov/privacy