Privacy policy

At Lyyli, we are committed to protecting your privacy and ensuring compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws. This policy explains how we collect, use, and protect your information.

1. Information we collect

We collect information that you provide directly to us, including:

• Contact information (name, email address, phone number)
• Company information and role details
• Communication preferences and team size
• Messages and content you choose to share with our AI communication assistant

2. How we use your information

We use the information we collect to:

• Provide and improve our AI communication services
• Respond to your inquiries and provide customer support
• Send you service updates and important notifications
• Analyze usage patterns to enhance our platform security and performance

3. GDPR compliance

As a service provider to professional organizations, we ensure full compliance with the General Data Protection Regulation (GDPR):

• Lawful basis: We process personal data based on legitimate interests for service provision and contract performance
• Data minimization: We collect only the minimum data necessary for our stated purposes
• Right to access: You can request access to your personal data at any time
• Right to rectification: You can request correction of inaccurate personal data
• Right to erasure: You can request deletion of your personal data
• Data portability: You can request your data in a structured, machine-readable format

4. Enterprise-grade security

We implement comprehensive security measures to protect your information:

• Encryption: All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption
• Access controls: Role-based access controls ensure only authorized personnel can access your data
• Audit trails: Complete logging of all data access and processing activities
• Regular audits: Our security practices are regularly reviewed by third-party security firms
• Data centers: We use ISO 27001 certified data centers with physical security controls

5. Data retention

We retain personal data only as long as necessary to fulfill the purposes for which it was collected:

• Account information: Retained while your account is active and for 30 days after account closure
• Communication data: Retained according to your organization's data retention policies
• Audit logs: Retained for 7 years to meet compliance requirements

6. Data transfers

When personal data is transferred outside the European Economic Area (EEA), we ensure adequate protection through:

• Standard contractual clauses approved by the European Commission
• Adequacy decisions for countries with equivalent data protection laws
• Additional safeguards including encryption and access controls

7. Your rights

You have the following rights regarding your personal data:

• Request access to your personal data
• Request correction of inaccurate data
• Request deletion of your data
• Request restriction of processing
• Object to processing based on legitimate interests
• Data portability for data you have provided

To exercise these rights, contact us at privacy@lyyli.ai. We will respond within 30 days.

8. Contact information

For questions about this privacy policy or our data practices, contact: