Privacy Policy
Last updated: January 2025
1. Introduction
Welcome to Lookmup ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform for connecting with service providers, scheduling appointments, and participating in video calls.
By using our service, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our service.
1.1 Data Controller
For the purposes of the General Data Protection Regulation (GDPR) and other applicable data protection laws, the data controller responsible for your personal information is:
Lookmup Platform
Email: support@lookmup.com
Data Protection Officer: support@lookmup.com
2. Information We Collect
2.1 Personal Information
We collect the following personal information:
- Account Information: Email address, password, name, age, language preference, country, city, timezone, and profile image
- Profile Information: Bio, product/service descriptions, pricing information, availability schedules, and professional credentials
- Contact Information: Email address and any additional contact details you provide
- Demographic Information: Age, language, country, and city for service matching and localization
- Referral Information: Referral codes, referral relationships, and referral earnings data
2.2 Financial Information
For payment processing, we collect:
- Payment Data: Payment method information, transaction history, and billing details through our secure payment processor (Stripe)
- Financial Transactions: Appointment payments, subscription fees, balance deposits, and referral earnings
- Stripe Connect Data: For service providers, we collect Stripe Connect account information for payment processing
2.3 Communication Data
We collect information related to your communications:
- Video Call Data: Video and audio streams during appointments (processed through Agora but not stored)
- Appointment Information: Scheduled times, duration, status, and communication between users
- Support Communications: Messages sent through our support system
- Reviews and Ratings: Feedback and ratings you provide for services
2.4 Technical Information
We automatically collect certain technical information:
- Device Information: Browser type, operating system, device identifiers, and IP address
- Usage Data: Pages visited, features used, time spent on the platform, and user interactions
- Cookies and Tracking: Session cookies, authentication tokens, and analytics data
- Network Information: Connection type and quality for video calls
3. How We Use Your Information
3.1 Service Provision
- Create and manage your user account and profile
- Facilitate connections between service providers and clients
- Process appointments, payments, and subscriptions
- Enable video calls and communication features
- Provide customer support and resolve issues
3.2 Platform Features
- Display user profiles in our directory for service discovery
- Match users based on location, language, and service preferences
- Process referral relationships and calculate earnings
- Manage trial subscriptions and paid plans
- Generate and track referral codes and earnings
3.3 Communication
- Send appointment confirmations and reminders
- Notify users about payment status and subscription changes
- Provide customer support and respond to inquiries
- Send promotional offers and platform updates (with consent)
3.4 Analytics and Improvement
- Analyze platform usage and user behavior
- Improve our services and user experience
- Detect and prevent fraud and abuse
- Conduct research and development
4. Legal Basis for Processing Your Data
Under the General Data Protection Regulation (GDPR), we process your personal data based on the following legal grounds:
4.1 Contract Performance
We process your data to fulfill our contractual obligations when you:
- Create an account and use our platform services
- Book appointments with service providers
- Make payments for services or subscriptions
- Participate in video calls and communications
- Use our referral system and receive earnings
4.2 Legitimate Interests
We process your data based on our legitimate interests to:
- Display your profile in our user directory for service discovery
- Match you with appropriate service providers based on your preferences
- Prevent fraud and ensure platform security
- Improve our services and user experience
- Send service-related communications (appointment reminders, payment confirmations)
- Process referral relationships and calculate earnings
4.3 Consent
We process your data based on your explicit consent for:
- Marketing communications and promotional offers
- Analytics and tracking cookies (beyond essential functionality)
- Processing of special categories of data (if applicable)
- International data transfers to countries without adequacy decisions
4.4 Legal Obligations
We process your data to comply with legal obligations, including:
- Financial record keeping and tax compliance
- Fraud prevention and anti-money laundering requirements
- Response to legal requests and court orders
- Data protection and privacy law compliance
Withdrawing Consent: You can withdraw your consent at any time by updating your privacy settings or contacting us. Withdrawing consent will not affect the lawfulness of processing based on consent before its withdrawal.
5. Information Sharing and Disclosure
5.1 Service Providers
We share information with trusted third-party service providers:
- Stripe: For payment processing and financial transactions
- Agora: For video call infrastructure and real-time communication
- Supabase: For database hosting and authentication services
- Email Services: For sending notifications and communications
5.2 User-to-User Sharing
Your information may be shared with other users:
- Public Profiles: Your profile information is visible to other users in our directory
- Appointment Details: Appointment information is shared between service providers and clients
- Reviews and Ratings: Your reviews and ratings are publicly visible
5.3 Legal Requirements
We may disclose your information when required by law:
- To comply with legal obligations and court orders
- To protect our rights, property, and safety
- To investigate potential violations of our terms of service
- To prevent fraud and abuse
6. Data Security
We implement appropriate technical and organizational measures to protect your personal information:
- Encryption: All data is encrypted in transit and at rest using industry-standard protocols
- Access Controls: Strict access controls limit who can access your personal information
- Secure Infrastructure: Our platform is hosted on secure cloud infrastructure with regular security updates
- Payment Security: Financial data is processed through PCI DSS compliant payment processors
- Video Call Security: Video calls are encrypted end-to-end and not recorded or stored
7. Data Retention
We retain your information for as long as necessary to provide our services:
- Account Data: Retained while your account is active and for a reasonable period after deactivation
- Financial Records: Retained for legal and accounting purposes as required by law
- Communication Data: Retained for customer support and service improvement purposes
- Video Call Data: Not recorded or stored - only processed in real-time
- Analytics Data: Aggregated and anonymized data may be retained indefinitely
8. Your Rights and Choices
8.1 Access and Control
You have the right to:
- Access and review your personal information
- Update or correct inaccurate information
- Delete your account and associated data
- Opt out of marketing communications
8.2 Privacy Settings
You can control your privacy through:
- Profile visibility settings in your account
- Communication preferences and notification settings
- Cookie and tracking preferences in your browser
- Video call privacy controls during sessions
9. Cookie Consent and Control
We use cookies and similar technologies to enhance your experience on our platform. You have full control over your cookie preferences.
9.1 Types of Cookies We Use
- Essential Cookies: Required for basic platform functionality, including authentication, session management, and security features. These include:
- Supabase authentication cookies (xpto-app-auth) for user sessions
- Next.js session cookies for API route authentication
- Third-Party Service Cookies: Our third-party services may set their own cookies:
- Stripe cookies for payment processing and checkout sessions
- Agora cookies for video call session management
- Supabase cookies for authentication and database operations
9.2 Cookie Consent
Currently, our platform only uses essential cookies for authentication and session management. These cookies are necessary for the platform to function properly and cannot be disabled. We do not currently use analytics, marketing, or tracking cookies that would require explicit consent.
If we add non-essential cookies in the future, we will implement a cookie consent banner that allows you to:
- Accept all cookies (essential and optional)
- Accept only essential cookies
- Reject non-essential cookies
- Customize your cookie preferences
9.3 Managing Your Cookie Preferences
You can manage your cookie preferences at any time:
- Browser Settings: Most browsers allow you to control cookies through their settings. You can block, delete, or manage cookies for specific websites
- Platform Settings: Access your privacy settings in your account to manage cookie preferences
- Cookie Banner: Click the cookie settings link in our cookie banner to modify your preferences
- Contact Us: Email us at support@lookmup.com to update your cookie preferences
9.4 Impact of Cookie Choices
Your cookie choices may affect your experience:
- Essential Cookies: Cannot be disabled as they are necessary for platform functionality. Disabling these would prevent you from logging in or using the platform.
- Third-Party Service Cookies: Disabling cookies from Stripe, Agora, or Supabase may prevent those services from working properly.
Third-Party Cookies: Some third-party services (Stripe, Agora, Supabase) may set their own cookies. Please refer to their respective privacy policies for more information.
10. International Data Transfers
Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your data during international transfers, including:
- Standard contractual clauses approved by relevant authorities
- Adequacy decisions for countries with equivalent data protection standards
- Other appropriate safeguards as required by applicable law
11. Children's Privacy
Our service is not intended for children under 13. Users aged 13β17 may only use the platform with parental or guardian consent. We do not knowingly collect personal data from children under 13 without such consent.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by:
- Posting the updated policy on our website
- Sending email notifications to registered users
- Displaying prominent notices on our platform
Your continued use of our service after any changes constitutes acceptance of the updated Privacy Policy.
13. Contact Us
If you have any questions about this Privacy Policy or our data practices, please contact us:
Email: support@lookmup.com
Support: Contact Support
14. Additional Information
14.1 Third-Party Services
Our platform integrates with third-party services that have their own privacy policies:
- Stripe: Stripe Privacy Policy
- Agora: Agora Privacy Policy
- Supabase: Supabase Privacy Policy
14.2 Cookie Policy
We use cookies and similar technologies to enhance your experience. For detailed information about our cookie usage, please see our Cookie Policy.
This Privacy Policy is effective as of the date listed above and applies to all users of the Lookmup platform.