Privacy Policy

Welcome to Lessimp. You are not a data point—you are a Sovereign Individual. This Privacy Policy explains how Lessimp Inc ("Lessimp," "we," "us," or "our") collects, uses, discloses, and safeguards your personal information when you use our mobile application, website, and related services (collectively, the "Service"). We built Lessimp on a Safety-by-Design architecture that puts transparency and trust at the center of everything we do.

This policy is governed by Lessimp's Internal IT Pillars—specifically Pillar 4: Security and Pillar 6: Governance—which ensure that every data flow described here is auditable, traceable, and accountable. By accessing or using the Service, you agree to the terms of this Privacy Policy. If you do not agree, please do not use the Service.

1. Information We Collect

1.1 Information You Provide Directly

When you create an account, complete your profile, or use certain features of the Service, you may provide us with:

• Account Information: Name, email address, phone number, date of birth, password, and username.
• Profile Information: Photos, videos, gender, sexual orientation, interests, biographical details, occupation, education, and other information you choose to share on your profile.
• Identity Verification: Government-issued identification documents, selfies, and biometric identifiers (such as facial geometry) used for identity or age verification. See Section 2: The Identity Moat for details on how this data is processed.
• Payment Information: Billing address, credit or debit card numbers, digital wallet tokens (Google Pay, Apple Pay), and other payment details processed through our third-party payment processors (Stripe, Square, Apple In-App Purchase, and Google Play Billing). We do not store your full card numbers or wallet tokens on our servers.
• Communications: Messages, chat content, and communications you send through the Service, including video and voice calls.
• User Content: Photos, videos, and other content you upload or share through the Service.
• Feedback and Support: Information you provide when you contact us for support, submit feedback, or participate in surveys.
• Consent Preferences: Your choices regarding marketing communications, analytics, personalized advertising, and notification preferences. You can update these at any time through the Privacy & Data screen or Notification Preferences in your app settings.

1.2 Information Collected Automatically

When you access or use the Service, we automatically collect certain information, including:

• Device Information: Device type, operating system and version, unique device identifiers, browser type, and mobile network information.
• Log Data: IP address, access times, pages viewed, app crashes, and other system activity.
• Location Data: With your consent, we collect precise geolocation data from your device. We apply location obfuscation—randomizing your coordinates within a small radius—before storing or displaying your position to other users. See Section 4: Location & Physical Safety for details.
• Usage Data: Information about how you interact with the Service, including features used, actions taken, time spent, and preferences.
• Analytics Events: We log specific events via Google Analytics for Firebase including sign-up method, login method, purchases, booking details (provider ID, session rate, payment method), ambassador activity (referral codes, commission amounts), and content engagement. These events may contain user identifiers for attribution.
• Biometric Authentication: If you enable biometric login (fingerprint or face recognition) for WorkAuth or app security, authentication is processed entirely locally by your device operating system (Touch ID, Face ID, or Android BiometricPrompt). No biometric data (fingerprint templates, facial geometry) is transmitted to or stored by Lessimp.
• Emergency Dispatch Data: When you trigger the emergency panic button, your name, phone number, and precise real-time GPS coordinates are shared with Noonlight for dispatch to the nearest emergency services (PSAP/911). Location updates are sent every 10 seconds during an active alarm. This data is routed through our Cloud Functions proxy — the Noonlight API token never resides on your device.
• Admin Audit Logging: Actions taken by Lessimp administrators (content moderation decisions, account reviews, role assignments) are logged in audit records for accountability and compliance. These logs contain the admin’s ID, action taken, timestamp, and affected user ID. Audit logs are retained for 7 years per regulatory requirements.

1.3 Phone Number Verification

When you register with a phone number, we verify the type of phone number you provide using a third-party phone intelligence service:

• Carrier Type Detection: We use Twilio Lookup to determine whether your phone number is a mobile, VoIP/virtual, or landline number. Only your phone number is sent to Twilio — no other personal data is shared.
• Cached Results: The phone number type result (e.g., mobile, virtual, landline) and carrier name are cached server-side for up to 24 hours to avoid repeat lookups.
• Phone Line Type: Your phone line type is stored on your user profile to determine whether additional identity verification is required.
• VoIP Verification Requirement: Users who register with a VoIP or virtual phone number (such as Google Voice or TextNow) are required to complete identity verification (government ID and selfie via Stripe Identity) before accessing the full Service. This requirement helps prevent fraud and protect the community.

1.4 Information from Third Parties

We may receive information about you from third parties, including:

• Social Login Providers: If you sign in using Google, Apple, or Facebook, we receive your name, email address, and profile picture (as permitted by your settings with those services).
• Identity Verification Provider (Stripe Identity): If you opt in to identity verification, we receive a Trust Score and Adjudication Status from Stripe Identity. We do not receive or store your raw SSN or government ID images on our servers. See Section 2.
• AI Observability Provider (Fiddler): We receive observability data about our own AI agents' decision-making. This data is about our systems, not about you personally. See Section 3.
• Analytics Providers: We receive aggregated analytics data from Google Analytics for Firebase and Google Tag Manager.

1.5 Content Moderation

To maintain a safe community, we use automated tools including Google Cloud Vision API and Google Cloud Video Intelligence API to scan photos and videos uploaded to the Service. These tools analyze content for policy violations, explicit material, and safety concerns. This processing is automated and does not involve manual review unless a potential violation is detected. See our Terms of Service for our Enforcement Ladder policy.

1.6 Clarity Lab Wellness Data

If you use Clarity Lab (our self-service wellness feature within the Mancave), we collect the following data, stored in your user profile:

• Practice Completion Records: Which exercises you completed and when.
• Worry Tree Path Selections: Which branches you navigated in the decision tree. No free-text input is stored.
• Streak Data: Current streak, longest streak, and last practice date.
• Daily Reminder Preferences: Whether reminders are enabled and your preferred reminder time.
• Live Coach Sessions: If you use the Live Coach feature, your voice audio is streamed in real time to Google Gemini (via Firebase AI SDK) for AI-powered coaching responses. Session metadata (duration, start/end time, and end reason) is stored in Firestore. Lessimp does not store or record your voice audio — audio is processed in real time by Google and discarded after the session ends. Google’s data handling is governed by the Google Cloud Terms of Service.

Hesitation Detection (timer-based prompts on booking screens) is processed entirely locally on your device. No hesitation timing data, browsing patterns, or screen dwell times are transmitted to our servers.

1.7 Lessimp Studio Upload Data

If you use Lessimp Studio (image upload tools for Profile Polisher, Guru Media Kit, or Digital Menu Creator), we collect and store:

• Uploaded Images: Photos are stored in Firebase Storage with compression tier metadata (standard, business_hires, or guru_hires).
• Upload Records: Each upload creates a Firestore record containing the asset category, compression tier, download URL, and upload timestamp.
• EXIF Data: Original EXIF metadata (including geolocation) from your photos is stripped and NOT preserved.
• Retention: Studio assets are retained as long as your account is active. Upon account deletion, all Studio assets are permanently deleted within the 90-day recovery window described in Section 9.

1.8 Advertising & Marketing

• Intent Scoring Signals: Profile completeness, session frequency, swipe and chat engagement, booking history, and subscription tier are used to classify your engagement level for marketing personalization.
• Ad Targeting: If personalized ads are enabled, hashed identifiers may be shared with Google Ads for audience matching. We do not sell your personal data to advertisers.
• Marketing Attribution: Anonymized conversion data (e.g., which ad channel led to your signup) is used to measure advertising effectiveness through Media Mix Models and multi-touch attribution.
• Cross-Channel Optimization: Aggregated performance metrics inform automated budget allocation across advertising channels. No individual user data is shared in this process.
• AI-Generated Content: When you use AI tools (e.g., Veo video reels) to create content, metadata about the generation is stored. Shared content may include an AI disclosure label.
• Opting Out: Disabling the “Personalized Ads” toggle stops your data from being used for ad targeting and excludes you from intent-based audience segments.

2. The Identity Moat (Stripe Identity Integration)

Lessimp offers optional identity verification powered by Stripe Identity. When you opt in:

• What Stripe Identity Receives: Your government-issued ID document and a selfie photograph are submitted directly to Stripe through their secure verification widget. Stripe compares your selfie against your ID document to confirm your identity.
• What Lessimp Receives: We receive only a Trust Score (a numerical confidence rating) and an Adjudication Status (verified, requires_input, or canceled). We do not store your raw SSN, driver's license number, or ID document images on our infrastructure.
• What the Trust Score Governs: Your Trust Score and Adjudication Status are stored in our Sovereign Air-Lock—an isolated, encrypted data store. These values determine your access to high-trust features such as Mancave coaching, Guru mentorship, and Ambassador programs.
• Verified Badge: Users who pass identity verification receive a verified badge on their profile. This badge indicates that the user passed an identity verification check. It does not constitute an endorsement of character, conduct, or suitability. Always exercise your own judgment when interacting with others.

You may request removal of your verification data at any time through the Privacy & Data screen in your app settings or by emailing privacy@lessimp.com.

3. Agentic Transparency (Fiddler Integration)

Lessimp uses Autonomous AI Agents to power matches, content recommendations, and safety moderation. To ensure these agents act fairly and without bias, we use Fiddler AI for Agentic Observability:

• Step-Level Tracing: Every decision made by our AI agents—whether suggesting a match or flagging content—is logged at the step level. This means we record not just the outcome, but the reasoning chain that led to it.
• The Glass Box Model: Unlike "black box" AI systems, our Glass Box approach means you can ask "Why am I seeing this?" for any AI-driven recommendation. Fiddler's observability layer provides the explainability infrastructure that makes this possible.
• Bias Detection: Fiddler continuously monitors our AI agents for drift, bias, and anomalous behavior. If a model begins producing unfair outcomes across demographic groups, the system alerts our engineering team and the model is retrained or corrected.
• What Fiddler Sees: Fiddler processes model telemetry—the internal reasoning of our AI agents. It does not receive your personal profile data, messages, photos, or financial information. Observability data is about how our agents behave, not about who you are.

Transparency Report

We publish the results of our AI fairness monitoring in our quarterly Transparency Report. This report includes aggregate statistics on AI decision accuracy, bias audit results, enforcement actions taken, appeal outcomes, and data request volumes. The report is available at lessimp.com and is updated every calendar quarter.

4. Location & Physical Safety

Lessimp uses location data and the Google Places API to keep you safe during real-world interactions:

• Safe Venue Suggestions: When Caveman or Admirer users schedule in-person meetups, our system uses anonymized foot-traffic data from Google Places to suggest venues that are well-lit, appropriately crowded, and in safe neighborhoods. We prioritize your physical safety over ad-driven foot-traffic incentives.
• Location Obfuscation: We never share your precise GPS coordinates with other users. Your location is randomized within a configurable radius before display. You control the precision level through your app settings.
• Anonymized Analytics: Aggregate, de-identified location patterns (such as popular date neighborhoods) may be used to improve venue recommendations. No individual movement data is sold or shared with advertisers.

4.2 Emergency Dispatch

When you trigger an emergency alarm via the in-app panic button, your precise GPS coordinates (latitude/longitude) are transmitted to Noonlight and dispatched to the nearest PSAP (911 center). Location updates are sent approximately every 10 seconds during an active alarm. A server-side proxy (Cloud Functions) holds the Noonlight API token — it is never stored on or transmitted to your device.

You may disable location sharing entirely through your device settings. This may limit features such as nearby user discovery and venue suggestions.

5. Multi-Channel & Social Sync

5.1 Ambassador Social Sharing

If you participate in the Ambassador Program and opt in to social sharing, your public milestones may be programmatically shared to your connected social channels:

• The Social Air-Lock: All outbound social data passes through our Social Air-Lock—a controlled gateway that ensures only content you've explicitly approved leaves the Lessimp ecosystem.
• What May Be Shared: Aspire Academy achievement badges, Ambassador tier promotions, and success story highlights—only if you opt in for each channel individually.
• Supported Channels: Facebook, Instagram, X (Twitter), TikTok, YouTube, and LinkedIn. Each channel requires a separate opt-in authorization.
• How It Works: Social content is generated from achievement data within our Fastlane logistics engine and posted to your authorized channels via their respective APIs. You can revoke channel access at any time through your Ambassador dashboard.
• What Is Never Shared: Your private messages, match history, location data, financial activity, identity verification status, or any profile data beyond what you explicitly authorize.

5.2 Content Publishing (Meta Business Suite)

If you publish content to Instagram or Facebook through Lessimp, we access your social media profile via Meta's Graph API. Photos, captions, and hashtags are posted on your behalf only with your explicit authorization. Your Meta access token is stored encrypted in Firestore. You can revoke publishing access at any time through your app settings. Published content remains on Meta's platforms subject to their terms of service.

5.3 Channel Partner Program

Channel Partners connect to Lessimp via Meta Business Manager for two-way content publishing. We store your Business Manager ID, Page ID, and Instagram Business Account ID to facilitate content submission to Lessimp's official channels. Setup checklist progress, rate schedule tier, and milestone achievement data are stored in Firestore with owner-read, server-only write access. Content submitted for Lessimp's channels goes through an editorial approval workflow before publication. You retain creative credit for all submitted content.

Rate Schedule: Channel Partners are compensated per deliverable: Story $50, Post $100, Carousel $150, Reel $200. Premium-tier partners earn 1.5× the base rate. Custom rates may be negotiated and override the standard schedule. All rates are visible in your dashboard before content submission.

Milestones: Four milestone nodes are tracked at 3 months/$250, 6 months/$500, 9 months/$750, and 12 months/$1,000 in cumulative earnings. Milestone achievement unlocks tier upgrades and is recorded with a timestamp in your partner profile. Lifetime revenue and milestone history are visible in your dashboard at all times.

6. How We Use Your Information

We use the information we collect for the following purposes:

• Provide and Operate the Service: Create and manage your account, facilitate matches, enable messaging and video calls, and process transactions.
• Personalization: Customize your experience, recommend matches, and display relevant content. All personalization is governed by our Glass Box AI model with full Reasoning Trace logging.
• Safety and Security: Verify identity through the Identity Moat, conduct background checks (with your consent), detect and prevent fraud, abuse, and violations of our Terms of Service.
• Content Moderation: Scan user-uploaded photos and videos for prohibited content using Google Cloud Vision API and Video Intelligence API.
• Communication: Send you push notifications, in-app messages, and emails related to your account, matches, and the Service. You control notification preferences through the Notification Preferences screen in your app settings.
• Payment Processing: Process subscription payments, in-app purchases, and calculate applicable taxes.
• Analytics and Improvement: Analyze usage patterns, measure performance, and improve the Service. You can opt out of analytics through the Consent Management section in Privacy & Data settings.
• Advertising: Display relevant advertisements through Google AdMob. You can opt out of personalized advertising through the Consent Management section in your Privacy & Data settings or through your device settings.
• AI Fairness: Monitor our AI agents for bias and drift through Fiddler observability.
• Legal Compliance: Comply with applicable laws, regulations, and legal processes.

7. How We Share Your Information

We do not sell your personal information. We do not share your personal information for cross-context behavioral advertising. We may share your information in the following circumstances:

• With Other Users: Your profile information, photos, and approximate (obfuscated) location are visible to other users of the Service as part of the matching and social features.
• Service Providers: We share information with third-party vendors who perform services on our behalf, subject to strict contractual data protection obligations. These include:
  • Payment processing (Stripe)
  • Cloud hosting (Google Cloud/Firebase)
  • Content moderation (Google Cloud Vision API, Video Intelligence API)
  • Identity verification (Stripe Identity—Trust Score and Adjudication Status only)
  • AI observability (Fiddler—model telemetry only, no personal data)
  • Phone number intelligence (Twilio—phone number only, carrier type detection)
  • Tax calculation (TaxJar)
  • Push notifications (Firebase Cloud Messaging)
  • Analytics (Google Analytics for Firebase)
• Social Channels (Opt-In Only): If you are an Ambassador and explicitly authorize social sharing, achievement data is posted to your connected channels through our Social Air-Lock. Channel Partners may also submit content to Lessimp's official Meta channels under the Channel Partner Program (Section 5.3). See Section 5.
• Legal Requirements: We may disclose your information if required by law, regulation, legal process, or governmental request, or to protect the rights, property, or safety of Lessimp, our users, or others.
• Business Transfers: In connection with a merger, acquisition, reorganization, or sale of assets, your information may be transferred to the acquiring entity. We will notify you before your information becomes subject to a different privacy policy.
• With Your Consent: We may share your information for other purposes with your explicit consent.

8. Third-Party Services

The Service integrates with the following third-party services, each of which has its own privacy policy governing the use of your information:

Authentication

• Google Sign-In
• Apple Sign-In
• Facebook Login

Payments and Transactions

• Stripe (cards, Google Pay, Apple Pay, Link)
• Stripe Connect (Coach & Ambassador payouts)
• Square (in-person POS terminals) — Business users who connect Square via OAuth grant read access to merchant profiles, payment processing, and terminal checkout status. OAuth tokens are stored server-only in encrypted Firestore collections; your Square credentials are never accessible to the client app.
• Apple In-App Purchases
• Google Play Billing
• TaxJar

Identity & Trust

• Stripe Identity (document & selfie identity verification)

Nutrition Data

• USDA FoodData Central — The Foods Around Me feature queries the USDA FoodData Central API to display nutritional information for menu items. Search queries (food name, brand) are sent to the USDA; no personal data or location is transmitted with nutrition lookups.

AI Observability

• Fiddler AI (agentic observability & bias monitoring)

Analytics and Advertising

• Google Play Services
• Google Analytics for Firebase
• Google AdMob
• Google Tag Manager (web only)

Location and Maps

• Google Maps
• Google Places API

Phone Number Intelligence

• Twilio Lookup (carrier type detection — determines whether a phone number is mobile, VoIP/virtual, or landline; only the phone number is sent to Twilio)

Safety and Content Moderation

• Google Cloud Vision API
• Google Cloud Video Intelligence API

Emergency Dispatch

• Noonlight (emergency alarm creation, real-time location sharing, PSAP coordination)

Advertising & Conversion Tracking

• Google Ads (GA4 Measurement Protocol conversion events, Google Ads gtag, 30-day conversion attribution windows)
• Microsoft Advertising (Universal Event Tracking for conversion attribution and remarketing, Microsoft Clarity for heatmaps and session recordings)
• GroundTruth (Digital Out-of-Home ads, programmatic direct mail, audio ads, foot traffic attribution)

GroundTruth receives aggregate, anonymized location data to measure advertising campaign effectiveness (foot traffic attribution, venue visit lift studies). No personally identifiable information is shared with GroundTruth without your marketing consent. You can disable marketing data sharing in Settings → Privacy & Data.

Social Media Publishing

• Meta Platforms (Facebook)
• Meta Platforms (Instagram) (Instagram/Facebook Graph API for content publishing)

Notifications

• Firebase Cloud Messaging

WorkAuth — Employment Authorization

• Immigration documents (EAD cards, passports, visas, I-94s) uploaded to the encrypted Document Vault.
• Sensitive identifiers: A-Number (Alien Registration Number), USCIS Number, category code, and card number. These are classified as Restricted data.
• Documents are encrypted at rest using AES-256 encryption with keys managed through Flutter Secure Storage. Decryption occurs only on your device.
• TPS (Temporary Protected Status) country designation, immigration status, and subscribed programs for policy alert matching.
• I-9 form data: employer information, document list selections (List A, B, C), and section completion status.
• Biometric authentication (fingerprint/face) is processed locally via your device OS — no biometric data is transmitted to or stored by Lessimp.
• Immigration data is NEVER sold or shared with third parties. Disclosure occurs only with valid legal process (warrant or subpoena).

9. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you the Service. If you delete your account, we initiate a 90-day recovery window. During this period, your data is soft-deleted and your account can be recovered by logging in. After 90 days, our automated Data Retention Service permanently purges your data, including:

• Account Data: Retained while active; permanently deleted 90 days after account deletion.
• Identity Verification Data: Trust Score and Adjudication Status are deleted when your account is purged. Raw verification data (ID documents and selfies) is held by Stripe under their own retention policy.
• Transaction Records: Retained for up to 7 years as required by tax and financial regulations.
• Communications: Chat messages are retained while both users maintain active accounts. Deleted upon account purge.
• Reasoning Traces: AI reasoning logs associated with your account are deleted upon account purge.
• Log Data: Retained for up to 12 months for analytics and security purposes, then automatically deleted.
• Consent Preferences: Retained while your account is active. Deleted upon account purge.
• Clarity Lab Data: Practice records, streak data, and Worry Tree paths are deleted upon account purge.
• Studio Assets: All uploaded images and associated Firestore records are permanently deleted upon account purge.
• WorkAuth Data: Encrypted documents, immigration profile, I-9 form data, and alert preferences are permanently deleted upon account purge. Federal I-9 retention requirements (3 years after hiring / 1 year after termination) may extend retention for employer-submitted forms.

10. Data Security

We implement industry-standard technical and organizational measures to protect your personal information, aligned with our Pillar 4: Security framework:

• Encryption in transit (TLS/SSL) and at rest for sensitive data.
• Secure cloud infrastructure (Google Cloud/Firebase) with SOC 2 compliance.
• The Sovereign Air-Lock—an isolated, encrypted data store for Trust Scores, Adjudication Statuses, and other high-sensitivity data.
• Role-based access controls with audit logging.
• Continuous AI monitoring through Fiddler for anomalous system behavior.

However, no method of transmission over the internet or method of electronic storage is 100% secure. We cannot guarantee absolute security, and you use the Service at your own risk.

11. Your Privacy Rights (Sovereign Global Standard)

Every Lessimp user, regardless of jurisdiction, has the following rights:

• Access: Request a copy of the personal information we hold about you. Use the "Download My Data" feature in the app's Privacy & Data screen for an instant export.
• Correction: Request correction of inaccurate or incomplete personal information.
• Deletion: Request deletion of your personal information. You can delete your account through app settings; data is permanently purged after the 90-day recovery window.
• Portability: Request a copy of your data in a structured, machine-readable format (JSON) via the in-app data export.
• Opt-Out of Sale: We do not sell your personal information. Ever. You may still submit a formal "Opt Out of Sale of Data" request through the Privacy & Data screen.
• Object to Processing: You may object to specific types of data processing through the Privacy & Data screen.
• Restrict Processing: You may request that we restrict the processing of your data under certain circumstances.
• Withdrawal of Consent: Where we rely on your consent to process information, you may withdraw consent at any time through the Consent Management section in your Privacy & Data settings. Withdrawing consent does not affect the lawfulness of prior processing.
• Lodge a Complaint: You have the right to lodge a complaint with your local data protection authority. EU residents can find their local authority at edpb.europa.eu.
• AI Explainability: You may request an explanation of any AI-driven decision that affects your experience, including match recommendations and content moderation actions.
• Non-Discrimination: We will not discriminate against you for exercising any of these rights.

To exercise any of these rights, use the Privacy & Data screen in your app settings or contact us at privacy@lessimp.com. We will respond to your request within 30 days.

12. Children's Privacy

The Service is not intended for anyone under the age of 18. We enforce age verification at sign-up and do not knowingly collect personal information from anyone under 18 years of age. If we become aware that we have collected personal information from a person under 18, we will take steps to delete that information promptly. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us at privacy@lessimp.com.

13. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance your experience. We use:

• Essential Cookies: Necessary for the website to function properly (e.g., authentication, security).
• Analytics Cookies: Help us understand how visitors interact with our website (Google Analytics, Google Tag Manager). Requires your consent.
• Advertising Cookies: Used to deliver relevant advertisements (Google AdMob). Requires your consent.
• Google Ads gtag: The Google Ads gtag (gtag.js) is loaded from googletagmanager.com when you grant marketing cookie consent. It is used for conversion attribution and audience building for advertising campaigns. This tag is not loaded unless marketing consent is granted.
• Microsoft Advertising UET: The Microsoft Universal Event Tracking tag (bat.bing.com/bat.js) is loaded when you grant marketing cookie consent. It is used for conversion tracking and remarketing for Microsoft Advertising (Bing Ads) campaigns. This tag is not loaded on the main site unless marketing consent is granted. On static informational pages (legal, privacy, terms), the UET tag loads for basic page-view analytics only.

You can manage your cookie preferences through the consent banner displayed on our website or through your browser settings. Our mobile app does not use cookies but may use similar device identifiers for analytics and advertising purposes, subject to your consent preferences.

13.1 Cross-Platform Consent

Consent preferences are managed independently per platform. On the web, the cookie consent banner controls “Analytics & Functional” and “Marketing & Personalized Ads” categories (stored in your browser’s local storage). On mobile, consent is managed through the Privacy & Data settings screen, which stores your preferences (analytics, personalized ads, marketing opt-out) in your Firestore user profile. Changing your preferences on one platform does not automatically update the other. To ensure consistent opt-out across both platforms, please update your preferences in both the web consent banner and the mobile Privacy & Data settings screen.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes, we will notify you by posting the updated policy on this page with a revised "Last Updated" date and, where required by law, provide you with additional notice (such as an in-app notification or email). Your continued use of the Service after any changes constitutes your acceptance of the updated Privacy Policy.

15. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

• Privacy Inquiries: privacy@lessimp.com
• Legal: legal@lessimp.com
• General Support: support@lessimp.com
• Mailing Address: Lessimp Inc, United States

This Privacy Policy is effective as of March 6, 2026, and is governed by Lessimp's Sovereign Global Standard. It supersedes all prior versions.