LentoLento
Lento Bead Craft Studio
Privacy
Policy
How we honor and protect the data you bring into your creative space.
— Document Details —
Effective DateJune 4, 2025
Version1.0
ScopeGlobal — 18+
LanguageEnglish (controlling)
Contactservice@lento.casa
Sections
22
Topics covered
Data sold
0
To third parties
Age req.
18+
All users
Welcome to Lento — a peaceful studio for beadwork enthusiasts to design, string, and share handcrafted bracelets. Every combination of color, size, and material becomes a unique piece with its own quiet charm. This Privacy Policy ("Policy") describes how Lento ("we," "our," or "us") collects, uses, stores, shares, and protects your personal information when you use our mobile application and all related services (the "Service"). By using Lento, you agree to this Policy. If you do not agree, please discontinue use of the Service.
I
Information We Collect
1.1 — Account & Profile Information

When you create a Lento account, we collect the information you voluntarily provide: your display name, email address, date of birth (to verify you are 18 years of age or older), profile photo, country of residence, aesthetic preferences you set, and any personal bio you choose to write. If you register via Apple Sign-In or Google, we receive a limited profile dataset authorized by you and that provider.

1.2 — DIY Bracelet Creations

When you design a bracelet in Lento, we collect the design parameters you select — bead colors, sizes, materials, arrangement patterns, string length, decorative elements, and any titles or descriptions you assign to your creations. Your saved bracelet designs form your personal creative collection within the Service. See Section 3 for full details.

1.3 — Device & Technical Information

We automatically collect device model, operating system version, unique device identifiers, IP address, mobile carrier, app version, crash logs, and performance diagnostics to maintain service quality and diagnose technical issues.

1.4 — Usage & Behavioral Data

We record how you use the Service: bracelets created, community bracelets you view or interact with, features accessed, creators you follow, search queries, and session frequency and duration. This data informs product improvements and optional personalization.

1.5 — User-Generated Content

Bracelet designs you publish, images of your creations, comments, community posts, and other content you make public constitute User-Generated Content (UGC). See Section 4 for full details.

1.6 — Communications & Support Data

If you contact our support team, submit a report, or participate in surveys, we retain the content and metadata of those communications for resolution and service improvement purposes.

1.7 — Payment & Transaction Data

All payments are processed exclusively by Apple App Store or Google Play. We do not store your payment card details. We receive only anonymized transaction confirmation tokens and purchase entitlement data to activate in-app premium features such as expanded bead libraries or design tools.

II
How We Use Your Data
2.1 — Operating the Service

We use your information to authenticate your account, deliver the bracelet design experience, save and sync your creative collection across devices, operate community features, enforce content policies, process purchases, and provide all core Service functions.

2.2 — Design Experience & Randomization

Your design selections and history power the bracelet assembly experience, including the surprise-effect generation that produces unique creative outcomes with each assembly. Design pattern preferences and history are used solely to improve your in-app creative experience and are not shared with external partners.

2.3 — Community & Discovery

Where you choose to share bracelets publicly, your submitted content populates community feeds and enables discovery by other users. Public creation data may be aggregated to display trending design styles within the community.

2.4 — Personalization

Your creation history, viewing patterns, and preferences are used to personalize community recommendations, surface designs you may find inspiring, and adapt the platform experience. See Section 6 for details on personalization.

2.5 — Safety & Platform Integrity

We process behavioral signals and user reports to detect and prevent prohibited content, harassment, and policy violations within community features.

2.6 — Product Improvement

Aggregated and de-identified usage data is analyzed to improve design tools, community features, and overall platform performance.

2.7 — Marketing & Communications

With your consent where required by applicable law, we may send promotional communications about new bead collections, seasonal design themes, and platform features. You may withdraw consent at any time via in-app settings or the unsubscribe link in any email.

2.8 — Legal Compliance

We process personal data as necessary to comply with applicable laws, respond to valid legal process, enforce our Terms of Service, and protect the safety of our users and the public.

III
Your DIY Creations
3.1 — Your Creations Belong to You

Every bracelet you design in Lento is yours. Your creative collection — including saved designs, drafts, iterations, and any titles or descriptions you attach — belongs to you. We store your creations on our servers solely to deliver the design and viewing experience across devices. We do not sell, license, or transfer your personal designs to third parties for their independent commercial use.

3.2 — Design Data Storage

Bracelet design parameters (bead selections, arrangements, and settings) and generated design images are stored on our secure cloud infrastructure and associated with your account. You may organize your creations into collections, favorite them, or delete them at any time from your personal studio.

3.3 — Design Visibility Controls

Each bracelet design can be set to Private (visible only to you) or Public (visible in the community feed). You may change the visibility of any design at any time from its settings. Designs are Private by default; publishing to the community is always an explicit choice you make.

3.4 — Randomization Effects

Lento's design assembly may include randomized visual effects that produce a unique outcome each time you complete a creation. These effects are generated at the moment of assembly and are recorded as part of your saved design. No personal identifiers are used in the randomization process.

3.5 — Data Export

You may request an export of your creative collection at any time from your account settings or by emailing service@lento.casa. Exports include your design parameters and images in a portable format suitable for personal archiving.

IV
User-Generated Content
4.1 — Collection & Storage

Bracelet designs, images, titles, descriptions, comments, and community posts you publish publicly constitute User-Generated Content (UGC). UGC is stored on our secure cloud servers associated with your account. You retain full ownership of all original content you create.

4.2 — License Grant

By publishing UGC publicly on Lento, you grant us a non-exclusive, worldwide, royalty-free, sublicensable license to host, store, reproduce, display, and distribute your content within the Service and in connection with promoting Lento, subject to your visibility settings. This license persists for a commercially reasonable period following deletion. This license does not include the right to sell your designs to third parties for their independent commercial use.

4.3 — Content Moderation

Community-shared UGC is subject to automated screening and human review for compliance with our Community Guidelines. Content that violates our policies — including inappropriate imagery in bracelet titles or descriptions, offensive content, harassment, or copyright-infringing material — will be removed. Accounts responsible for violations may face suspension or termination.

4.4 — Content Deletion

You may delete any published design or UGC at any time. Deleted content is removed from public view within 48 hours, from production servers within 30 days, and from backup archives within 90 days.

V
Community Features
5.1 — Community Feed

Public bracelet designs appear in Lento's community feed for other users to discover, appreciate, and be inspired by. Public designs include your display name, the design image, any title or description you have written, and reactions or comments from other users.

5.2 — Reactions & Comments

Other users may react to or comment on your public designs. Comments are associated with the commenter's display name and are visible to all viewers of that design. You may moderate and delete comments on your own designs at any time.

5.3 — Following & Discovery

You may follow other creators whose style resonates with you. Follower relationships are visible in your profile activity unless you set your profile to private. You may unfollow other creators at any time.

5.4 — Design Inspiration

Where Lento allows viewing others' designs for inspiration, doing so does not grant you rights to reproduce or claim ownership of another creator's original work. Community designs are protected by these Terms and applicable intellectual property law.

VI
Personalization Engine
6.1 — How It Works

Lento uses your creation history, viewing patterns, aesthetic preferences, and engagement signals to surface community designs and creators we believe will inspire you. Personalization enhances discovery within the app.

6.2 — No External Advertising Use

Your creative preferences, design history, and behavioral signals are not used to build an advertising profile or shared with jewelry brands, bead retailers, or third-party advertising networks without your explicit consent.

6.3 — Opting Out

You may disable personalized recommendations at any time in Settings > Privacy > Personalization. Lento will then present a non-personalized, editorially curated community feed. Your core design tools are unaffected.

VII
Sharing & Disclosure
7.1 — Service Providers

We share personal information with trusted third-party service providers supporting our operations: cloud infrastructure providers, CDN services for image delivery, payment processors, analytics platforms, customer support tools, and content moderation systems. All providers are contractually bound to process your data only on our instructions and in compliance with applicable data protection law.

7.2 — No Sale of Personal Data

We do not sell your personal information, your bracelet designs, or your creative history to any third party, including jewelry brands, bead manufacturers, craft retailers, or data brokers.

7.3 — Business Transfers

In the event of a merger, acquisition, or asset sale, your data may transfer to the acquiring entity. We will notify you in advance before your data becomes subject to a materially different privacy policy, giving you the opportunity to request account deletion.

7.4 — Legal Disclosure

We may disclose your information to law enforcement or government authorities when required by applicable law, valid legal process, or where necessary to protect the safety of any person. Where legally permitted, we will notify affected users prior to such disclosure.

7.5 — Publicly Visible Content

Your display name, profile photo, and publicly shared bracelet designs are visible to all Lento users. You may set your profile or individual designs to private in your account settings at any time.

VIII
Third-Party Services & SDKs
8.1 — Analytics SDKs

Mobile analytics SDKs measure app performance and feature engagement, configured with privacy-preserving settings including anonymized event collection and suppression of advertising identifiers absent your consent.

8.2 — Cloud Storage & CDN

Design images and user photos are stored on cloud infrastructure and delivered via CDN providers to ensure fast, reliable loading. These providers process delivery metadata as technical intermediaries under data processing agreements.

8.3 — Authentication Providers

Apple Sign-In and Google authentication are governed by their own terms and privacy policies. Our use of data from these services is limited to account creation and basic profile population.

8.4 — Content Safety Tools

Third-party AI-assisted content safety tools are used to screen UGC for prohibited content. These tools process only data necessary for safety review under strict confidentiality obligations.

IX
Data Retention
9.1 — Active Account Data

We retain your personal information and creative collection for as long as your account is active. Accounts with no login activity for 24 consecutive months will receive a dormancy notice; following the notice period, inactive data may be anonymized or deleted.

9.2 — Creative Collection Data

Your bracelet designs and creative collection are retained for the life of your account. You may delete individual creations or your entire collection at any time. Deleted design data is removed from production servers within 30 days and from backup archives within 90 days.

9.3 — Transaction Records

Financial transaction records are retained for a minimum of seven years to comply with applicable accounting, tax, and consumer protection obligations.

9.4 — Safety & Moderation Records

Records of content moderation actions, user reports, and enforcement decisions are retained for up to 36 months after account closure.

9.5 — Anonymized Analytics

Aggregate, irreversibly anonymized usage data may be retained indefinitely for product research and development.

X
Data Security
10.1 — Technical Safeguards

We implement TLS 1.2+ encryption for all data in transit, AES-256 encryption for sensitive data at rest, strict role-based access controls, and automated anomaly detection to flag unusual access patterns for review.

10.2 — Organizational Safeguards

Data access is restricted on a need-to-know basis, requires multi-factor authentication, and is comprehensively audit-logged. All personnel with data access receive regular data protection training and sign confidentiality agreements.

10.3 — Vulnerability Management

We conduct regular security assessments and third-party penetration testing. Report security vulnerabilities responsibly to service@lento.casa.

10.4 — Breach Notification

In the event of a personal data breach posing risk to your rights and freedoms, we will notify relevant supervisory authorities within 72 hours where required by law and inform affected users without undue delay.

XI
Tracking Technologies
11.1 — In-App Technologies

Lento uses session tokens, local storage, and analytics SDKs (not traditional browser cookies) to maintain your authenticated session, remember preferences, and sync your creative collection across devices.

11.2 — Advertising Identifiers

On iOS, we request ATT consent before accessing your IDFA. On Android, we respect your opt-out via device advertising settings. Advertising identifiers are used only to measure our own user acquisition campaigns and are not shared for third-party behavioral advertising.

11.3 — Web Properties

Our website may use standard browser cookies for session management and analytics, manageable via your browser settings.

XII
Cross-Border Data Transfers
12.1 — Global Infrastructure

Lento serves a global community of beadwork enthusiasts and operates cloud infrastructure across multiple regions. Your personal data may be transferred to and processed in countries other than your country of residence, which may have different data protection standards.

12.2 — Transfer Safeguards

For transfers from the EEA, UK, or Switzerland to countries lacking an adequacy decision, we rely on EU Standard Contractual Clauses (SCCs) and, where applicable, the UK International Data Transfer Addendum (IDTA). Equivalent safeguards apply to other cross-border transfers.

12.3 — Data Localization

Where applicable national laws impose mandatory data localization requirements, we take reasonable steps to store and process the required data categories within the mandated territory.

XIII
Your Privacy Rights
13.1 — Access

Request a copy of personal data we hold, including your full creative collection metadata, via in-app settings or by emailing service@lento.casa with subject "Data Access Request."

13.2 — Rectification

Correct inaccurate personal information directly in account settings. For data that cannot be self-corrected, contact us and we will action the correction within 30 days.

13.3 — Erasure

Request deletion via Settings > Account > Delete Account or by emailing us. See Section 20 for full account deletion details.

13.4 — Portability

Request your creative collection and personal data in a structured, machine-readable format suitable for personal archiving or transfer to another platform.

13.5 — Objection & Restriction

Object to or request restriction of processing in certain circumstances. We pause relevant processing while assessing your objection.

13.6 — Consent Withdrawal

Withdraw consent for marketing or personalization at any time via in-app settings or by contacting us, without affecting prior lawful processing.

13.7 — How to Submit

Email service@lento.casa with "Privacy Rights Request" in the subject, your registered email, and a description of your request. We verify your identity and respond within applicable legal timeframes.

XIV
GDPR — EEA & UK Users
14.1 — Data Controller

For EEA and UK users, Lento acts as the data controller of your personal information under the GDPR and UK GDPR respectively.

14.2 — Legal Bases

We process your data under: (a) contractual necessity (to provide the Service); (b) legal obligation (regulatory compliance); (c) legitimate interests (safety, service improvement, fraud prevention), where not overridden by your rights; and (d) consent (for marketing and optional personalization).

14.3 — Supervisory Authority

You may lodge a complaint with your national data protection supervisory authority if you believe your data has not been handled lawfully. We encourage you to contact us first to attempt direct resolution.

XV
CCPA / CPRA — California
15.1 — California Rights

California residents have rights under the CCPA as amended by the CPRA, including the right to know, delete, correct, and opt out of the sale or sharing of personal information. Lento does not sell personal information and does not share it for cross-context behavioral advertising.

15.2 — Non-Discrimination

Exercising your California privacy rights will not result in denial of services, different pricing, or reduced quality of experience.

15.3 — Authorized Agents

California residents may designate an authorized agent by providing written proof of authorization. We verify both agent and resident identity before processing any request.

XVI
Brazil — LGPD
16.1 — Rights Under LGPD

Brazilian users have rights under the Lei Geral de Proteção de Dados (LGPD) including confirmation, access, correction, anonymization, deletion, portability, and withdrawal of consent.

16.2 — Legal Bases

We process Brazilian users' data based on contract performance, legal obligation, and consent where applicable.

16.3 — ANPD Complaints

Brazilian users may lodge complaints with the Autoridade Nacional de Proteção de Dados (ANPD) where they believe data processing violates the LGPD.

XVII
Children's Privacy & CSAE Policy
17.1 — Age Restriction

Lento is designed for users who are 18 years of age or older. We implement date-of-birth verification at registration and apply additional detection measures to accounts suspected of being operated by minors. Confirmed underage accounts are immediately and permanently terminated with all associated data deleted.

17.2 — Parental Notification

If you are a parent or guardian and believe a minor has created a Lento account, contact us immediately at service@lento.casa. We will investigate and, where confirmed, permanently delete the account and all associated data without delay.

17.3 — Child Sexual Abuse and Exploitation (CSAE)
Zero tolerance — absolute and without exception. Lento enforces an unconditional zero-tolerance policy toward any content, conduct, or activity that constitutes, facilitates, promotes, or glorifies Child Sexual Abuse and Exploitation (CSAE) in any form. Prohibited conduct includes without limitation: child sexual abuse material (CSAM); grooming, solicitation, or exploitation of individuals under 18; and any content depicting, targeting, or endangering persons under 18.

We deploy automated CSAM hash-matching on all uploaded media, AI-assisted content analysis on community posts, and dedicated human safety reviewers. Upon confirmed detection or credible report: all associated content is immediately and permanently removed; the responsible account is permanently terminated and all associated identifiers are blocked; a mandatory report is filed with the NCMEC CyberTipline or the legally required equivalent national authority; and we cooperate fully with all resulting law enforcement investigations. CSAE-related terminations carry no right of appeal.

To report: use the in-app Report function on any content or user profile, or email service@lento.casa immediately with subject "CSAE Report."
XVIII
In-App Purchases
18.1 — Payment Processing

All in-app purchases are processed exclusively through Apple App Store or Google Play. Lento does not store your payment card details. We receive only anonymized transaction confirmation tokens and entitlement data to activate premium features.

18.2 — Premium Features

If Lento offers premium features (such as expanded bead libraries, exclusive materials, advanced design tools, or additional storage): access is non-transferable between accounts; non-refundable except as required by applicable law or app store policy; and may be forfeited upon account termination for cause.

18.3 — Transaction Records

Transaction records are retained for a minimum of seven years to satisfy applicable accounting, tax, and consumer protection requirements.

XIX
Notifications & Communications
19.1 — Types

Lento may send push notifications for: reactions or comments on your designs, new content from creators you follow, platform announcements, seasonal design themes, and account security alerts.

19.2 — Preferences

Control notification types in Settings > Notifications or via your device OS settings. Disabling all notifications may cause you to miss important security alerts.

19.3 — Email

Transactional emails (account confirmations, purchase receipts, security alerts) are essential for Service operation. Marketing emails are optional and may be unsubscribed from at any time.

XX
Account Deletion & Data Erasure
20.1 — How to Delete

Delete your account at any time via Settings > Account > Delete Account, or by emailing service@lento.casa with subject "Account Deletion Request."

20.2 — What Is Deleted

Your profile, creative collection, published designs, community posts, comments, and all associated data are removed from public view within 48 hours and from production servers within 30 days. Backup archives are purged within 90 days of the next scheduled rotation.

20.3 — Export Before Deletion
We encourage you to export your creative collection before deleting your account, as deletion is permanent and your designs cannot be recovered once the deletion period has elapsed. You can export your data from Settings > Data > Export Collection.
20.4 — Retained Data

Certain data is retained where required by law: transaction records (up to 7 years); safety and moderation records (up to 3 years); data subject to a legal hold. All retained data is isolated and processed only for the specific legal purpose requiring its retention.

XXI
Policy Updates
21.1 — Notification

Material changes are communicated at least 14 days before taking effect via in-app notice, push notification, and/or email to your registered address. Non-material corrections may be made without advance notice.

21.2 — Continued Use

Continued use of Lento after any revised Policy's effective date constitutes acceptance. If you do not agree, delete your account before the changes take effect.

21.3 — Version Archive

Prior versions are available upon request at service@lento.casa.

XXII
Contact Us
22.1 — Privacy Inquiries

For questions, data rights requests, or privacy concerns:

We acknowledge inquiries within 5 business days and respond within 30 days.

22.2 — CSAE & Child Safety Reports

Use the in-app Report function on any content or user profile, or email service@lento.casa immediately with subject "CSAE Report." These are our highest-priority safety matter, actioned without delay.

© 2025 Lento. All rights reserved. Privacy Policy · Version 1.0 · June 4, 2025