app logoLix.so

Privacy Policy

Lix.so Privacy Policy

Last Updated: October 20, 2025

1. Introduction

Welcome to Lix.so. We place great importance on protecting your personal data and privacy. This Privacy Policy explains how we collect, use, store, and protect your information when you use our platform.

By using Lix.so, you accept the practices described in this policy.

2. Data Controller

Lix.so Email: privacy@lix.so Website: https://lix.so

3. Data Collected

3.1 Identification and Account Data

When you create an account, we collect:

  • First and last name
  • Email address
  • Password (encrypted)
  • Organization name
  • Profile picture (optional)
  • Language preferences

3.2 Facebook/Meta Connection Data

To use our Facebook Ads integration services, we collect:

  • Facebook Business account ID
  • Facebook API access token
  • Ad Account ID
  • Facebook Page ID
  • Permissions granted to our application

3.3 Advertising Campaign Data

As part of using the service, we store:

  • Ad creatives (images, videos, texts)
  • Campaign parameters (audiences, budgets, objectives)
  • Saved campaign templates
  • Created campaign metadata

3.4 Technical and Navigation Data

We automatically collect:

  • IP address
  • Browser type and version
  • Operating system
  • Pages visited and actions performed
  • Visit dates and times
  • Performance and error data
  • Cookies and session identifiers

3.5 Payment Data

For payment processing, we collect:

  • Credit card information (processed by Stripe)
  • Billing history
  • Billing address
  • VAT information if applicable

Important: Credit card data is never stored on our servers. It is processed directly by our secure payment provider Stripe.

3.6 Communications

We keep:

  • Emails exchanged with our customer support
  • Messages sent via our contact form
  • Submitted feedback and suggestions

4. Processing Purposes

4.1 Service Provision

Your data is used to:

  • Create and manage your account
  • Authenticate you during login
  • Allow you to create and manage Facebook Ads campaigns
  • Store your templates and ad creatives
  • Provide customer support

4.2 Service Improvement

We use your data to:

  • Analyze service usage and improve user experience
  • Fix bugs and technical issues
  • Develop new features
  • Optimize performance

4.3 Communication

Your data allows us to:

  • Send important service notifications
  • Respond to your support requests
  • Inform you of updates to our Terms or Privacy Policy
  • Send newsletters (with your explicit consent)

4.4 Security and Compliance

We process your data to:

  • Prevent fraud and abuse
  • Ensure platform security
  • Comply with legal obligations
  • Resolve disputes

4.5 Billing and Accounting

Your payment data is used to:

  • Process subscription payments
  • Generate invoices
  • Manage refunds if applicable
  • Comply with tax and accounting obligations

5. Legal Basis for Processing (GDPR)

In accordance with the General Data Protection Regulation (GDPR), we process your data on the following legal bases:

  • Contract execution: Processing necessary to provide the service
  • Consent: For newsletters and marketing communications
  • Legitimate interest: For service improvement and security
  • Legal obligation: For billing and accounting

6. Data Sharing with Third Parties

6.1 Service Providers

We share your data with third-party providers only to provide the service:

Hosting

  • Vercel (application hosting)
  • Location: United States / Europe

Database

  • PostgreSQL (data hosting)
  • Location: Europe

Payment

  • Stripe (payment processing)
  • Location: United States with GDPR compliance

Third-Party APIs

  • Meta/Facebook (for Facebook Ads API integration)
  • Location: United States

Analytics (if applicable)

  • GDPR-compliant analytics tools
  • Anonymized data

6.2 Legal Obligations

We may disclose your data if required by:

  • A legal or regulatory obligation
  • A court order
  • A request from competent authorities

6.3 International Transfers

Some of our providers are located outside the European Union. We ensure these transfers comply with GDPR through:

  • European Commission standard contractual clauses
  • Privacy Shield certification (or equivalent)
  • Appropriate safeguards

6.4 No Sale of Data

We never sell your personal data to third parties.

7. Retention Period

We retain your personal data for as long as necessary for the purposes described:

| Data Type | Retention Period | |-----------|------------------| | Account data | Subscription duration + 3 years | | Campaign data | Subscription duration + 1 year | | Billing data | 10 years (legal obligation) | | Technical logs | 12 months | | Cookies | Variable depending on type (see section 9) |

After expiration, your data is securely deleted or anonymized.

8. Data Security

We implement technical and organizational measures to protect your data:

8.1 Technical Measures

  • Data encryption in transit (HTTPS/TLS)
  • Encryption of sensitive data at rest
  • Encrypted passwords with bcrypt/argon2
  • Secure authentication (strong passwords, 2FA available)
  • Firewall and intrusion protection
  • Regular encrypted backups

8.2 Organizational Measures

  • Limited data access (principle of least privilege)
  • Staff training on data security
  • Strict security policy
  • Regular security audits
  • Incident response plan

8.3 In Case of Breach

In case of a data breach likely to pose a high risk to your rights and freedoms, we commit to:

  • Notify you within 72 hours
  • Inform the supervisory authority (CNIL in France)
  • Take all necessary corrective measures

9. Cookies and Similar Technologies

9.1 Types of Cookies Used

Essential Cookies (required)

  • Authentication and user session
  • Security and fraud prevention
  • Language preferences

Functional Cookies (optional)

  • Remembering your preferences
  • Improving user experience

Analytics Cookies (optional, with consent)

  • Site usage analysis
  • Anonymized statistics

Marketing Cookies (optional, with consent)

  • Advertising campaigns
  • Retargeting

9.2 Cookie Management

You can manage your cookie preferences:

  • Via our consent banner during your first visit
  • In your browser settings
  • Via your account settings on our site

Refusing essential cookies may affect service functionality.

10. Your Rights (GDPR)

Under GDPR, you have the following rights:

10.1 Right of Access

You can request access to your personal data we hold.

10.2 Right of Rectification

You can request correction of inaccurate or incomplete data.

10.3 Right to Erasure ("Right to be Forgotten")

You can request deletion of your data in certain circumstances.

10.4 Right to Restriction of Processing

You can request restriction of processing of your data.

10.5 Right to Data Portability

You can receive your data in a structured format and transfer it to another controller.

10.6 Right to Object

You can object to processing of your data for legitimate reasons.

10.7 Right to Withdraw Consent

You can withdraw your consent at any time (e.g., for newsletters).

10.8 Right to File a Complaint

You can file a complaint with CNIL (Commission Nationale de l'Informatique et des Libertés):

  • Website: https://www.cnil.fr
  • Address: 3 Place de Fontenoy, 75007 Paris, France

10.9 Exercising Your Rights

To exercise your rights, contact us:

  • Email: privacy@lix.so
  • Via your account: Settings > Privacy and Data

We will respond to your request within one month maximum.

11. Minors' Data

Lix.so is not intended for persons under 18 years of age. We do not knowingly collect personal data from minors.

If you are a parent and believe your child has provided us with personal data, contact us immediately so we can delete this data.

12. Links to Third-Party Sites

Our service may contain links to third-party sites (notably Facebook/Meta). We are not responsible for the privacy practices of these sites. We encourage you to read their privacy policies.

13. Privacy Policy Changes

We reserve the right to modify this Privacy Policy at any time. Important changes will be notified to you by:

  • Email to the address associated with your account
  • Notification on the site or application
  • Updating the "Last Updated" date at the top of this page

Your continued use of the service after notification constitutes your acceptance of the new policy.

14. Facebook/Meta Specific Data Protection

14.1 Facebook Data

When you connect your Facebook Business account:

  • We only access necessary data (Ad Accounts, Pages)
  • We never collect your personal Facebook data
  • You can revoke access at any time from your Facebook settings

14.2 Compliance with Meta Policies

We comply with Meta policies concerning:

  • Use of Facebook Marketing API
  • User data protection
  • Data use restrictions

14.3 Access Revocation

To revoke Lix.so's access to your Facebook account:

  1. Go to Facebook > Settings > Apps and Websites
  2. Find "Lix.so" and remove the application
  3. Or from your Lix.so settings > Integrations > Disconnect Facebook

15. Data Protection Officer (DPO)

For any questions regarding the protection of your personal data, you can contact our Data Protection Officer:

Email: dpo@lix.so

16. Contact

For any questions regarding this Privacy Policy or the processing of your personal data:

Lix.so Email: privacy@lix.so Support: support@lix.so Website: https://lix.so

By using Lix.so, you acknowledge having read and understood this Privacy Policy.

PrivacyTermsapp icon