Privacy Policy of Lekktura
Effective Date: May 20, 2025
1. General Provisions
1.1. This Privacy Policy describes how Lekktura, LLC (“Company,” “we,” “us”) collects, stores, uses, and discloses personal data of users (“you,” “your”) of the Lekktura web service (“Service”).
1.2. By accessing or using the Service, you acknowledge that you have read this Privacy Policy and consent to the processing of your data in accordance with its terms.
2. Data We Collect
2.1. Registration Data: email address, securely hashed password, first and last name, unique account ID.
2.2. Teacher Data: information about your classes and subjects, plus student lists (names, grades, attendance records, behavior notes).
2.3. Technical Data: IP address, browser and device details, access and activity logs for security and troubleshooting.
2.4. Payment Data: only tokenized Stripe customer IDs when you subscribe—no full card details are stored.
2.5. Email Data: addresses, subjects, and message content when you use our notification features.
3. How We Use Your Data
3.1. To provide and maintain core Service functionality (class and grade management, reports).
3.2. For account management and user authentication.
3.3. To process payments and issue invoices via Stripe.
3.4. To send notifications and reminders by email (e.g., account activation).
3.5. To analyze Service usage and improve performance (aggregate statistics, error resolution).
4. Data Sharing
4.1. We may share your data with:
Stripe, Mailgun/Gmail API, and similar providers for payments and emails;
Hosting and analytics vendors (e.g., Datadog) for uptime and performance monitoring;
Law enforcement when required by legal process.
4.2. We never sell or rent personal data to advertisers.
5. Storage and Deletion
5.1. Your data and content remain on our servers as long as your account is active.
5.2. Data archiving schedules by plan:
Free: after 30 days
Starter: after 180 days
Pro: after 365 days
5.3. After the applicable period, data may be automatically deleted.
6. Data Security
6.1. We employ industry-standard protections: SSL/TLS encryption, password hashing, and strict access controls.
6.2. We conduct regular vulnerability assessments, penetration tests, and security audits (e.g., SOC 2) of our infrastructure.
6.3. We maintain a bug bounty program and 24/7 Web Application Firewall (WAF) monitoring.
7. Children's Data & Parental Consent
7.1. The Service is intended for school teachers; we do not knowingly collect data on children under 13 without parental consent.
7.2. Teachers are responsible for ensuring they have appropriate parental permission before entering any student data.
8. Your Rights
8.1. Access your personal data.
8.2. Request correction of inaccurate or incomplete information.
8.3. Request deletion of your data (the “right to be forgotten”), except where retention is legally required.
8.4. Object to processing on legal grounds.
9. Breach Notification
In the event of a data breach, we will notify affected users within 72 hours of discovery, describing the nature of the breach and the measures taken to mitigate harm.
10. Cookies & Tracking
We use cookies and similar technologies. You can manage your preferences via your browser settings or our Cookie Settings page.
11. Third-Party Links & Services
We are not responsible for the privacy practices of any third-party services or links embedded within our Service.
12. Changes to This Policy
We reserve the right to update this Privacy Policy. We will notify you of material changes via email and in the Service interface.