Privacy Policy

Last updated: July 20, 2025

Effective Date: July 20, 2025

Thank you for choosing Lucid Dreams S.R.L. (“Company”, “we”, “us”, or “our”). This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our Software-as-a-Service (SaaS) platform (the “Service”) through our website and/or mobile applications.

This Policy is designed to comply with all major international data protection regulations, including the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA/CPRA), Romanian Law No. 190/2018, and other applicable legislation.

By using our Service, you acknowledge that you have read and understood this Policy.

Who We Are

Lucid Dreams S.R.L. Address: Nicolae Balcescu, N1, A, 15, Rosiori de Vede, 145100, TR, Romania Email: [email protected]

Personal Data We Collect

Personal Identification Information

  • Name, address, email address, phone number, food preferences
  • Company name, role/title

Account Information

  • Login credentials (passwords are encrypted)
  • Subscription plan info, account preferences

Usage Data

  • Log files, IP address, browser type/version
  • Device info, time spent on pages, click paths

Payment Information

  • Processed securely via third-party processors (e.g., Stripe, PayPal)
  • We do not store full payment card data

Support & Communication Data

  • Inquiries, email exchanges, chat logs

Location Data

  • Where applicable, geolocation based on IP address (used solely for localization, compliance, or language display) We never knowingly collect data from children under 13 (COPPA) or 16 (GDPR) unless proper parental consent is provided.

How We Use Your Information

  • Provide, maintain, and secure the Service
  • Process payments and manage subscriptions
  • Respond to support requests and communicate with you
  • Customize your user experience
  • Send functionality updates, security alerts, or promotional material (with your consent)
  • Comply with legal obligations and prevent fraud or abuse

Lawful Basis for Processing

  • Consent – when you voluntarily provide it (e.g. contact forms, email marketing)
  • Contractual necessity – to fulfill contractual obligations
  • Legal obligation – for compliance with tax, financial, or legal obligations
  • Legitimate interest – improving service performance and preventing fraudulent activity, provided this does not outweigh your rights

Cookies and Similar Technologies

  • User authentication
  • Session management
  • Analytics (Google Analytics, etc.)
  • Personalization You may opt out or adjust cookie preferences via our Cookie Banner or browser settings. Learn more in our Cookie Policy.

Disclosure of Personal Data

  • Authorized employees and subcontractors
  • Third-party processors (e.g., hosting, cloud services, payment gateways, analytics)
  • Legal authorities when required by law or to protect our rights We do not sell your personal data. Under CCPA, you have the right to opt out of “sale” or “sharing” as defined under California law.

International Data Transfers

  • We are a global company; your data may be processed in countries outside your own
  • Where required by GDPR and similar laws, international transfers are safeguarded using:
  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Data Processing Agreements (DPAs) with our vendors

Data Retention

  • Personal data is retained only as long as necessary to fulfill the purposes outlined above or to comply with legal requirements
  • Upon request or termination of your account, we will delete or anonymize your data unless legal retention is required

Your Privacy Rights

  • Right to access and obtain a copy of your data
  • Right to rectify inaccurate or incomplete information
  • Right to request deletion (‘right to be forgotten’)
  • Right to restrict or object to processing
  • Right to data portability
  • Right to withdraw consent at any time
  • Right not to be subject to automated decisions
  • Right to lodge a complaint with a supervisory authority To exercise any of these rights, please contact us at [email protected]. We respond within the timeframes required by law (typically 30 days). EU users may also contact the Romanian Data Protection Authority (ANSPDCP): https://www.dataprotection.ro

Data Security

  • Encryption (at rest and in transit via HTTPS/SSL)
  • Role-based access control
  • Secure server infrastructure (ISO 27001/SOC 2 certified providers)
  • Regular audits and vulnerability assessments Despite our best efforts, no system is 100% secure. If a data breach occurs, you will be notified as required by applicable law.

Data Processing for Children

We do not knowingly collect data from children under 13 (US/COPPA) or 16 (EU/GDPR) without parental consent. If we learn that we process child data without consent, we will delete it immediately.

Third-Party Services

This policy does not extend to external websites or services linked within our platform. You are encouraged to read their privacy policies.

Changes to This Privacy Policy

We may update this Policy periodically. If material changes are made, we’ll notify you via email or platform notice at least 30 days in advance.

Continuing to use our services after changes are introduced constitutes agreement to the updated Privacy Policy.

Contact Us

  • Lucid Dreams S.R.L.
  • Address: Nicolae Balcescu, N1, A, 15, Rosiori de Vede, 145100, TR, Romania
  • Email: [email protected]

By using our Service, you consent to our data practices as detailed in this Privacy Policy.

Review Cookie Settings

We use cookies to improve your experience. You can choose to accept or deny cookie use. - Learn more