Privacy Notice

Last updated: May 2026

1. Who we are

LockIn is operated by Zigmas Reisas (the "Seller", "we", "us"). We act as the data controller for personal data we collect through the LockIn website and application. You can contact us at support@lockin.app.

2. Personal data we collect

• Account data: email address, authentication credentials.
• Profile data: display name, referral code (if any).
• Product data: device names, chosen lock durations, setup progress and confirmations.
• Usage and device data: IP address, browser type, log data, and basic telemetry used for security and product improvement.
• Support data: messages you send to us.
• Payment-related data: handled by our payment processor (see Section 5). We receive limited information such as transaction status and subscription state.

3. Purposes and legal bases

• Providing the service (contract performance): account creation, lock setups, subscription access.
• Security and fraud prevention (legitimate interests): protecting accounts and the service.
• Customer support (contract / legitimate interests): responding to your requests.
• Product improvement (legitimate interests): aggregated usage analysis.
• Legal compliance (legal obligation): tax, accounting, and regulatory requirements.

4. Cookies

We use essential cookies and local storage to keep you signed in and to remember setup progress. We may use limited analytics cookies to understand product usage. You can control cookies through your browser settings.

5. Who we share data with

• Paddle.com Market Limited ("Paddle") — our Merchant of Record. Paddle handles all payments, subscription management, billing, tax compliance, invoicing, refunds, and related customer service inquiries. See Paddle's privacy policy at paddle.com/legal/privacy.
• Hosting and infrastructure providers that store data and run the service on our behalf.
• Authentication and database services used to operate the product.
• Professional advisers (legal, accounting) where required.
• Authorities where required by law.

6. International transfers

Some of our service providers may process data outside your country. Where required, we rely on appropriate safeguards such as Standard Contractual Clauses or adequacy decisions.

7. Data retention

We keep account and product data for as long as your account is active. If you delete your account, we delete or anonymise personal data within 90 days, except where we must retain it for legal, tax, or accounting obligations (typically up to 7 years for billing records held by Paddle).

8. Your rights

Subject to applicable law, you have the right to access, correct, delete, restrict, or port your personal data, to object to certain processing, and to withdraw consent. EU/UK users may also lodge a complaint with their local supervisory authority. To exercise these rights, email support@lockin.app. We aim to respond within 30 days.

9. Security

We use appropriate technical and organisational measures including encryption in transit, access controls, and least-privilege database policies. No system is perfectly secure, but we work to protect your data against unauthorised access, loss, or misuse.

10. Changes to this notice

We may update this Privacy Notice from time to time. Material changes will be communicated through the service or by email.

11. Contact

Zigmas Reisas — support@lockin.app.