GDPR · CCPA · Global Compliance

Privacy Manifesto

We build tools, not data empires. This document explains exactly what we collect, why we collect it, and the rights you hold over your information.

Last Updated: March 2026 Current Policy

We Collect

  • + Email address (account access)
  • + IP address (security & abuse prevention)
  • + Payment data (via Stripe / Maya — we never see raw card numbers)
  • + Usage logs (feature interactions, error traces)

We Never Collect

  • Browsing history or third-party site data
  • Personal files or documents
  • Keystrokes or screen recordings
  • Biometric or sensitive personal data

01. Why We Collect Data

Data collection is limited to what is strictly necessary to operate the platform. Your email authenticates your account. Your IP address protects us both from abuse and unauthorized access. Usage logs help us identify bugs and improve performance. Nothing is sold, rented, or traded to third parties — ever.

02. Data Storage & Security

All sensitive fields are encrypted at rest using AES-256. Data is stored on servers located in the region closest to your account. We enforce TLS 1.3 for all data in transit.

Encryption at Rest AES-256
Encryption in Transit TLS 1.3
Payment Processing Stripe / Maya (PCI-DSS)
Data Retention Active account + 90 days post-deletion

03. Cookies & Tracking

We use only essential cookies — session management and CSRF protection. We do not use advertising cookies, third-party trackers, or analytics platforms that profile you across the web. Any analytics we run are aggregated, server-side, and stripped of personally identifiable information.

04. Third-Party Services

We work with a minimal set of third parties, each bound by their own strict privacy standards:

Stripe

Payment processing. We never receive your raw card data.

Maya

Regional payment gateway. PCI-DSS Level 1 certified.

Cloudflare

DDoS protection & CDN. No behavioral profiling.

05. Your Rights

Under applicable global data protection laws — including GDPR and CCPA — you hold the following rights over your personal data:

Right to be Informed

Know what data we hold and why.

Right to Access

Request a copy of your personal data.

Right to Correction

Fix inaccurate or incomplete records.

Right to Erasure

Delete your account and all associated data.

Right to Object

Opt out of specific data processing activities.

Right to Portability

Receive your data in a machine-readable format.

06. Children's Privacy

Jrlicos Labs services are intended for users aged 18 and above. We do not knowingly collect personal data from minors. If you believe a minor has provided us with personal information, contact us immediately and we will delete it.

07. Policy Changes

If this policy changes in a material way, we will notify registered users via email at least 14 days before the new policy takes effect. Continued use of our services after that date constitutes acceptance.

Exercise Your Rights

To access, correct, or delete your data — or to ask any privacy-related question — reach out directly. We respond within 72 hours.

privacy@jrlicos.com Response SLA: 72 hrs