Lydira

← /legal

Privacy Policy

The plain-English version of how we handle your data. For the legal-grade DPA that Enterprise buyers sign, see /legal/dpa.

effective · 2026-06-14

What we collect

Three categories of data, and nothing we don't need to deliver the service:

  • Account data — the name, email, and password you give us at sign-up, plus any agency details you enter during onboarding.
  • Operational data — everything you put into Lydira to run your agency: customers, trips, communications, commission records. This is your data — we only hold and handle it on your behalf, we don't own it.
  • Usage data — logs of what features you use, how often, and which AI calls you make. Anonymised wherever possible and used only to operate + improve the service.

Why we collect it

To deliver Lydira to you. We don't sell your data, we don't share it with ad networks, and we don't use it to train third-party AI models. Full stop.

Where it lives

Your data stays in one region. If we host your account, it's the region you pick at signup (US, EU, or Singapore). If you run Lydira on your own servers, your data lives wherever you host it. The outside companies that help us deliver the service are listed at /legal/subprocessors.

AI + your data

When you use an AI feature, the prompt (including any customer data it references) is sent to OpenAI, our AI provider. OpenAI's own data-handling terms apply; we publish a direct link on the sub-processor page. You can opt out of AI features entirely from Settings → AI.

Analytics on lydira.com

The public marketing site runs Plausible — a privacy-respecting analytics tool that's cookieless, does not identify individual visitors, and reports every metric at the page level. No personal identifiers leave your browser. All we measure are page views, clicks on links that lead off the site, and how many visitors move from the pricing page through to signing up and getting started. The app itself (app.lydira.com) has no tracker at all.

Your rights

Whatever the applicable law — GDPR, UK GDPR, KVKK, CCPA, PDPL — you can:

  • Access your data (Settings → Data & Privacy → Export)
  • Correct it (you're already editing it — that's the whole product)
  • Delete it (Settings → Data & Privacy → Delete account)
  • Port it (export your data in standard, machine-readable formats — JSON or CSV, plus a downloadable archive of your files)
  • Object or restrict processing (email privacy@lydira.com)

Contact

Questions, complaints, or requests — privacy@lydira.com. We aim to respond within 72 hours on business days. If we can't resolve your concern you have the right to lodge a complaint with your local Supervisory Authority.

Changes

Material changes are announced ≥ 30 days ahead via in-app banner + email to the Account Owner. Minor clarifications are noted at the top of this page.

This is an early draft. Full privacy policy review by external counsel is in progress; the final wording may change as that review completes.