Lavish Made — Privacy Policy

1. What We Collect

We collect only what's needed to operate the platform:

• Account Info: Username, email, password.
• Content: Posts, comments, Deep Dives, photo uploads, audio files, video uploads.
• Connections: Subscribers, saved content, playlists.
• Technical Info: Browser/device data, IP address.
• Optional Integrations: Spotify, YouTube, Vimeo (via links or embeds).

You can embed videos from platforms like YouTube or Vimeo, or upload video files directly. Uploaded photos and videos are stored securely using Amazon S3 and processed through Mux for video streaming.

Audio Transcription: If you choose to transcribe audio content, your audio files are processed by our transcription service and deleted immediately after processing. We never automatically transcribe your audio—this feature is only available when you explicitly request it.

2. How We Use Your Info

• To manage accounts and deliver core features.
• To block bots and spam (via email confirmation).
• To enable payments (via Stripe) on behalf of publishers.
• To process member support tips and subscriptions (via Stripe).
• To track basic site activity (via Fathom Analytics).

We do not sell your data or track you across the web.

3. Cookies & Analytics

We use:

• Essential cookies to keep you logged in.
• Fathom Analytics, which is privacy-focused and doesn't use personal data.

4. Third-Party Services

• Stripe: Handles all payments, subscriptions, and member support tips. We do not store payment information on our servers—all payment data is processed securely through Stripe.
• Amazon S3: Stores photo and video uploads.
• Mux: Processes and streams uploaded video content.
• Lemonfox AI: Provides voice transcription services with zero data retention—audio files and transcripts are deleted immediately after processing.
• Email Confirmation: Prevents bot accounts.
• Fathom Analytics: Basic anonymous analytics.
• Spotify, YouTube, Vimeo: Embeds or connected accounts, if users choose to link them.

Each provider has its own privacy policy.

5. Voice Transcription Services

We offer optional voice transcription services through Lemonfox AI:

• Zero Retention: Audio files and transcripts are deleted immediately after processing.
• Manual Only: Transcription only occurs when you explicitly click "View Transcription"—we never automatically transcribe your audio.
• Secure Processing: All data is encrypted in transit using HTTPS/TLS before immediate deletion.
• No Training Data: Your audio is never used for model training or improvement.
• No Third-Party Sharing: Processed data is not disclosed to any third parties.
• GDPR Compliant: Lemonfox AI offers Data Processing Agreements for GDPR compliance.

This service is completely optional and only processes audio when you specifically request it.

6. Browser Extension

The LavishMade Deep Dives browser extension allows you to save content from the web to your Deep Dives collection. Here's what data the extension collects and how it's used:

Data Collection:

• Authentication Tokens: Access and refresh tokens are stored locally in your browser using Chrome's secure local storage (chrome.storage.local) to maintain your login session.
• Login Credentials: Your email and password are transmitted to our servers for authentication when you log in. Passwords are never stored locally and are sent securely via HTTPS.
• Page URLs: When you save a page, the extension accesses the current page URL to save it to your Deep Dive.
• Page Metadata: The extension fetches metadata from URLs you save, including title, author information, and preview images. This metadata is sent to our servers along with the URL.

How We Use This Data:

• Authentication tokens are used only to verify your identity when making requests to our servers.
• URLs and metadata are saved to your Deep Dives collection on our servers, accessible only to you.
• All data transmission occurs over secure HTTPS connections.

Data Storage and Security:

• Authentication tokens are stored locally in your browser only—they never leave your device except to authenticate API requests.
• No browsing history or web page content is stored locally by the extension.
• All data sent to our servers is handled according to this privacy policy and stored securely.
• The extension only accesses the current active tab when you explicitly click the extension icon and choose to save a page.

The extension requests these browser permissions to function: activeTab (to access the current page URL), storage (to store authentication tokens locally), tabs (to detect the active tab), and host_permissions (to fetch metadata from URLs). We do not share any extension data with third parties.

7. Security

Passwords are hashed, data is encrypted, and we actively monitor for security issues.

8. Deletion & Control

• You can delete your account at any time.
• Your content will be removed from public view and regularly purged from backups.
• You can disconnect any linked services.

9. Updates

We'll update this policy if anything changes and post the update here.