Privacy Policy

Lamasio Privacy Policy & Data Protection Agreement

Lamasio Group & Associated Services

Effective Date: 12 Jun 2024

Last Updated: February 21, 2026

At Lamasio, we take data privacy very seriously. This policy governs all our digital properties, including but not limited to:

• Main Domain: lamasio.com

• Enterprise Solutions: crm.lamasio.com (LAMA ERP - CRM, ERP, HRM)

• Web Utilities: tools.lamasio.com (Online Web Tools)

• QR Solutions: qr.lamasio.com (QR Code Generation)

• Commercial Services: store.lamasio.com & support.lamasio.com

  
  

  1. Legal Basis for Data Processing

  To comply with global standards (GDPR & CCPA), we process your data under the following legal bases:

  • Contractual Necessity: To provide the services you signed up for (especially LAMA ERP).

  • Legal Obligation: For tax, invoicing, and anti-fraud compliance.

  • Legitimate Interests: To improve our tools, ensure security, and provide relevant advertising.

  • Consent: Where you explicitly agree (e.g., newsletters).

    
    

    2. Detailed Data Collection by Service

    
    

    A. LAMA ERP (crm.lamasio.com) - Professional Tier

    For our CRM, ERP, and HRM systems, Lamasio acts as a Data Processor. We collect:

  • Organizational Data: Business name, tax ID, and address.

  • Employee Data: Names, roles, and contact info (as input by the administrator).

  • Operational Data: Sales records, customer lists, and financial logs.

  • Security Logs: Audit trails of every login and change made within the system to ensure accountability.

    
    

    B. Web Tools & QR Generator (tools.lamasio.com / qr.lamasio.com)

    Input Data: We process the content you upload (Code, Images, Text, etc.).

    Processing Policy: Files uploaded to our "Web Tools" are processed in-memory. Unless a "Cloud Save" feature is activated by the user, files are automatically purged from our temporary cache within 24 hours.

    
    

    C. General Personal Data

    Contact Info: Email, Phone Number, Full Name.

    Technical Data: IP Address, Browser Fingerprinting, Device Type, and Geolocation (at a city level) to optimize server performance.

    
    

    3. Financial Transactions & Payment Processing

    We offer multiple secure ways to pay for our premium services:

    Third-Party Gateways: We use PayPal and other encrypted processors. We do not store your credit card numbers on our servers.

    Bank Transfers (Direct Deposit): For enterprise clients (LAMA ERP), we accept direct bank transfers.

    • Data Collected: For bank transfers, we collect and retain your official Business Billing Info to comply with international tax laws and to issue VAT-compliant invoices.

    • Verification: We may require a "Proof of Transfer" document which is stored in a secure, encrypted environment.

      
      

    4. Advertising and Tracking (USA & EU Markets)

    • To maintain our free tools, we partner with premium ad networks (e.g., Ezoic, Google AdSense, Adsterra).

    • Cookies: We use "First-Party" and "Third-Party" cookies to serve personalized ads.

    • Opt-Out: Users can manage their preferences via the "Cookie Consent" banner or through browser settings.

    • Data Selling: We do not sell your personal information to third parties. Ad networks use anonymous usage data only.

      
      

    5. Data Retention & Deletion

    Account Data: Retained as long as your account is active.

    • ERP Data: If a subscription expires, data is kept for 90 days as a grace period before permanent deletion, unless the user requests immediate erasure.

    • Financial Records: Retained for 7 years to comply with international accounting and tax audits.

      
      

    6. Data Disclosure & Third-Party Sharing

    Any registration data provided to Lamasio is handled securely and will never be sold or shared with any third-party for marketing purposes. We only disclose information under the following strictly defined circumstances:

    • Government & Legal Requests: We reserve the right to disclose personal information if required by law or in response to valid requests by public authorities (e.g., a court or a government agency).

    • Payment Processing: To complete your transactions, payment gateways may require access to your basic info (such as name and email).

    • Banking & Wire Transfers: For direct bank transfers, necessary financial data (including IBAN, Account Holder Name, Swift Code, and Bank Name) will be shared with our financial institutions to facilitate, verify, and receive international or local payments.

    7. International Data Rights (GDPR & CCPA)

    Depending on your location (USA/EU), you have the following rights regarding your data:

    • Right to Access: Request a copy of all data we hold about you.

    • Right to be Forgotten: Request total deletion of your personal data from our servers.

    • Right to Rectification: Request correction of any inaccurate or incomplete information.

    • Data Portability: Request an export of your ERP/CRM data in a machine-readable format (CSV/JSON).

    8. High-Level Security Measures

    Lamasio employs enterprise-grade security protocols:

    • End-to-End Encryption: All data transmitted to crm.lamasio.com and other subdomains is encrypted via SSL/TLS.

    • Server Segregation: ERP data is stored on isolated databases to prevent cross-contamination between clients.

    • Daily Backups: Encrypted automated backups are performed every 24 hours to ensure zero data loss.

    9. Updates to this Policy

    Lamasio reserves the right to modify this policy at any time without prior notice. Significant changes (especially those affecting LAMA ERP users) will be communicated via your registered email address.

    10. Contact Our Data Protection Officer (DPO)

    For any privacy concerns or to exercise your data rights:

    • Email: info@lamasio.com

    • Support Portal: support.lamasio.com