Privacy Policy

Introduction

Welcome to LiveBlock! This Privacy Policy explains how LiveBlock, owned by Develtio Sp. z o.o., collects, uses, discloses, and protects your personal data when you use our application and related services (“LiveBlock” or “the Service”). We are committed to processing personal data in accordance with applicable data protection laws, including the EU General Data Protection Regulation (GDPR).

In this Policy, “we”, “us” and “our” refer to Develtio Sp. z o.o. as the operator of LiveBlock. “You” and “your” refer to you as a user of our Service. Personal Data means any information that relates to an identified or identifiable natural person (as defined under GDPR).

Please read this Privacy Policy carefully to understand our practices regarding your information. By using LiveBlock, you acknowledge that you have read and understood this Policy. If you do not agree with our practices, please do not use the Service. We may update this Policy from time to time (see the “Changes to This Policy” section below).

‍

1. Data Controller and Contact Information

For the purposes of GDPR and other applicable laws, the data controller of your personal data is Develtio Sp. z o.o., a company registered in Poland.

• Company Name: Develtio Sp. z o.o, registered in the entrepreneurs' register kept by the District Court for the capital city of Warsaw in Warsaw, XII Economic Department of the National Court Register under the KRS number: 0000684368, REGON: 367647421, NIP: 9512440445, hereinafter referred to as "Develtio".
  

• Registered Address: based in Warsaw, Poland, at ul. Franciszka Klimczaka 17/80 (02-797 Warsaw)
• Contact Email: info@develtio.com

If you have any questions about this Privacy Policy or wish to exercise your rights, you can contact us by email at info@develtio.com. We take privacy inquiries seriously and will respond as soon as possible, and no later than any timeframe required by law.

‍

‍

2. Personal Data We Collect

We collect several types of information from and about users of LiveBlock, including:

2.1. Information You Provide Directly

• Account Information: When you register for a LiveBlock account or connect LiveBlock to a third-party account (e.g. your Twitch, YouTube, or other streaming service account), we collect information such as your username, email address, display name, and password. We may also ask for your full name and contact details if needed for business accounts or verification purposes.
• Profile and Content: You may be able to create a user profile that includes information like a profile photo, bio, or links to your social media. Any information you choose to add to your profile is stored by us. Additionally, if LiveBlock allows you to input or upload content (for example, stream overlays, chat messages, or other interactive content), we will process that content as needed to provide the service.
• Payment Information: If you make purchases through LiveBlock (such as subscribing to premium features or buying digital goods), we will collect data needed to process the payment. This may include your payment card details or account information for payment platforms (e.g. PayPal). Note: LiveBlock uses accredited third-party payment processors (see Data Sharing below), so we do not store your full credit card numbers on our servers. However, we may retain transaction identifiers and summary details (e.g. the last four digits of your card, card type, expiration, and billing address) as provided by the payment processor for record-keeping. In some cases, we might ask for additional verification info for fraud prevention or compliance (for example, if required for large transactions, we may request identity confirmation documents – we will explicitly ask and explain why, if such data is needed).
• Communications with Us: If you contact LiveBlock support or otherwise communicate with us (such as via email or through an in-app feedback form), we will collect the information you choose to give us. This could include your contact information, the contents of your message, and any attachments. For example, if you email support, we will collect your email address and the details of your query or issue.

2.2. Information We Collect Automatically
When you use LiveBlock (or browse our website), we automatically collect certain technical information about your device and usage of the Service. This information helps us operate and secure our platform and provide a better user experience. Such data may include:

• Device and Connection Information: We collect data about the device you use to access LiveBlock, such as your device’s model, operating system and version, unique device identifiers, browser type, and browser version. We also log the Internet Protocol (IP address) used by your device, which can indicate general location (country, city, or region).
• Usage Logs: We record usage data like the dates and times you log in, features or pages you access, clicks and interactions with the interface, and other actions within the app. For example, we may log that you started a particular LiveBlock session, the settings you applied, or the length of time you used a feature. We also keep logs of server events (e.g. login attempts, error or crash reports, streaming events) to troubleshoot problems and improve stability.
• Cookies and Tracking Data: We use cookies and similar tracking technologies (such as web beacons, pixels, and mobile identifiers) to automatically collect information about your interactions with our Service. For instance, when you visit our web dashboard, our system will set cookies in your browser that help us recognize you, remember your preferences, and understand how you navigate our site. We may collect information on what pages you visited, links clicked, and other browsing behavior on LiveBlock’s site. (See Cookies & Similar Technologies in Section 7 for more details on how we use cookies and how you can control them.)

2.3. Information from Third-Party Services
LiveBlock may allow you to connect or log in via third-party services (for example, logging in with your Twitch account or integrating your StreamElements/StreamLabs account for donations). If you choose to connect a third-party account, we will receive certain information from that service based on your permissions. For example:

• If you log in with Twitch: we might receive your Twitch user ID, username, email, profile image, and list of subscribers or chat participants (if relevant to LiveBlock’s functionality).
• If you integrate a donation/alert service: we might receive information on your recent stream events, donation amounts (but not the payer’s full details, unless provided), or other data needed for LiveBlock to display alerts/overlays.
• Any data that we receive from third-party services will be processed in accordance with this Privacy Policy and the scope of access you granted. We only request information from other services that is necessary to provide LiveBlock features (for example, we won’t ask for your contact list from Twitch, but we may need your basic profile and stream stats to function). You can always choose not to connect a third-party service; however, certain features might then be unavailable (e.g. if LiveBlock’s core function is to integrate with Twitch, you’ll need to connect your Twitch account for it to work properly).

2.4. Sensitive Personal Data
We do not intentionally collect any special categories of personal data about you through LiveBlock, such as data about race or ethnic origin, political opinions, religious beliefs, health, or biometric data. LiveBlock is not intended to process any sensitive personal information. We ask that you refrain from providing such data in any free-text fields or support requests. If ever a need arises to collect sensitive data (for example, health information for an event accessibility feature), we would only do so with your explicit consent and clear explanation, in line with GDPR Article 9.

‍

3. How We Use Your Personal Data

We process your personal data for specific purposes and on valid legal grounds. Under GDPR, we must have a lawful basis to use your information. This section explains the purposes for which we use data and the corresponding legal bases that justify each processing activity.

3.1. To Provide and Maintain Our Service

• Description: We use your information to create and maintain your account, enable core LiveBlock functionalities, and ensure the Service works as intended. This includes using your login credentials to authenticate you, using your account/profile data to personalize your experience, and processing commands or interactions you make through the app. It also covers maintaining Service performance and availability.
• Legal Basis: Performance of a Contract. When you sign up and agree to our Terms of Service, a contract is formed between you and us. We need to process your data to fulfill that contract by providing you with the LiveBlock services you requested (Art. 6(1)(b) GDPR). For EU users, this is the primary legal basis for most data uses directly related to delivering the service.

3.2. To Manage Your Account and User Relationship

• Description: This includes processing data to allow you to modify your profile or settings, managing subscription status or purchases, and providing customer support. For example, if you update your email or password, we use your data to carry out that update. If you contact us with a problem, we will use your account and contact information to respond and help resolve it.
• Legal Basis: Performance of a Contract (managing the services you signed up for) and Legitimate Interests. It is in our legitimate interest to ensure customer satisfaction and proper account management (Art. 6(1)(f) GDPR), which also benefits you as it provides a smooth user experience. Support communications may also be considered part of contract performance to assist you.

3.3. To Process Payments and Transactions

• Description: When you make a purchase or financial transaction via LiveBlock, we use your personal data to process the payment and provide you with the purchased product or feature. This involves sending your payment details to our payment processor, verifying payment success, and recording the transaction. We may also use purchase history to manage billing, invoices, or refunds and to prevent fraudulent transactions.
• Legal Basis: Performance of a Contract (processing payments is necessary to provide the paid service you requested) and Compliance with Legal Obligations. We have legal obligations to keep certain financial records for tax and accounting purposes (Art. 6(1)(c) GDPR). Additionally, anti-fraud and KYC (know-your-customer) regulations might require verifying your identity for payments, which is also a legal obligation.

3.4. To Communicate with You

• Description: We may use your contact information (email or in-app notifications) to send important updates about the Service. This includes sending service-related announcements: for example, confirmation of account creation, payment receipts, password reset emails, changes to terms or this privacy policy, or notifications about security issues. We might also send customer support messages when you have an open ticket, or feedback requests to improve our platform. If you have opted in, we may send marketing communications such as newsletters, new feature announcements, or special offers – but we will only do this with your consent or if permitted by applicable law (see Marketing below).
• Legal Basis: Legitimate Interests for essential communications. It’s in our legitimate interest to inform users about updates to the service, security alerts, or respond to inquiries (Art. 6(1)(f) GDPR), and these types of communications do not override your rights (they are typically expected as part of using the service). For marketing emails, our legal basis is Consent (Art. 6(1)(a) GDPR) – we will only send you promotional content if you have agreed to receive it (for example, by subscribing to a newsletter or not opting out when given the choice). You can withdraw that consent anytime (see Section 8 on Your Rights).

3.5. To Improve and Develop the Service

• Description: We analyze usage data and feedback to understand how LiveBlock is used and how we can make it better. This may involve analyzing which features are most popular, diagnosing technical problems from crash logs, or A/B testing new features. For instance, we might review aggregated usage patterns to decide where to introduce a new tool, or use error logs to fix bugs. We may also use analytics services (as described in Section 5) to get insights into user interactions. Additionally, if we collect any user feedback or surveys, we use those to guide product development.
• Legal Basis: Legitimate Interests. Improving our product and ensuring it remains secure and user-friendly is in our legitimate interest (Art. 6(1)(f) GDPR). We take care to use largely aggregated or pseudonymized data for this purpose where possible, so your privacy is respected. These improvements ultimately benefit users with a better experience.

3.6. To Ensure Security and Prevent Fraud

• Description: We use data (especially technical and usage data) to protect our users and LiveBlock. This includes monitoring login locations/IPs to detect suspicious logins, using cookies or device IDs to prevent unauthorized account access, and analyzing usage for patterns of misuse (such as spamming or attempts to bypass security measures). If we detect possible fraud or violations of our Terms of Service, we may use personal data to investigate and take appropriate action. We also keep server logs and may use automated tools to detect security incidents or breaches.
• Legal Basis: Legitimate Interests and Legal Obligation. It’s in our legitimate interest to maintain the security of our platform and users (Art. 6(1)(f) GDPR). In some cases, we also have a legal obligation to implement adequate security measures (GDPR Art. 32) and to prevent, detect, and report illegal activities (Art. 6(1)(c) GDPR, e.g., cooperating with law enforcement in fraud cases).

3.7. To Comply with Legal Requirements

• Description: We may process your personal data when necessary to comply with laws and regulations. 
• Legal Basis: Compliance with a Legal Obligation. We will process or disclose personal data where we have a legal duty to do so (Art. 6(1)(c) GDPR). This covers things like complying with a government request or regulatory requirement.

3.8. Marketing and Promotional Purposes (if applicable)

• Description: If you are a user who has given consent, we may use your contact details and in-app activity to send you tailored marketing about LiveBlock. This could include newsletters, offers, promotions, or suggestions for features you haven’t tried. We may also use cookies to track your interactions with our marketing emails (like if you opened an email) to gauge effectiveness. Note: We will not bombard you with ads, and we never sell your data to third parties for their own marketing. Any marketing we do is either directly from LiveBlock or via our trusted partners on our behalf.
• Legal Basis: Consent. We will only use your personal data for marketing if you have actively consented to it (Art. 6(1)(a) GDPR). For example, ticking a box to receive the newsletter or similar. You have the right to withdraw consent at any time, and each marketing email will provide an easy way to opt out (unsubscribe link).

If we need to use your personal data for a purpose not described above, we will update this Privacy Policy and/or provide you with a just-in-time notice explaining the new use and the legal basis for it. We will also seek your consent whenever required by law (for instance, if we ever plan to process data for a completely new, unrelated purpose, or if required to process sensitive data).

‍

4. Who We Share Your Data With (Data Sharing & Third Parties)

 We use trusted third-party companies to perform functions on our behalf, which may require sharing your data. These service providers act under our instructions and are bound by contract to protect your information and use it only for the agreed-upon purpose. Key service providers we use include:

• Hosting and Infrastructure: We host LiveBlock on cloud servers (for example, Amazon Web Services or Google Cloud Platform) which store and process your data (account info, content, etc.) on our behalf. These providers provide secure data storage, database, and backup services.
• Payment Processors: As noted, we rely on external payment gateways like PayPal, Stripe, or other payment partners to handle payment transactions. When you make a payment, the information you provide is sent directly to the payment processor. They process your payment and notify us of the result. We share only necessary data with them (e.g., order ID, amount, and your account identification). These payment processors are PCI-DSS compliant and have their own privacy policies governing the personal data they receive.
• Analytics Providers: We use analytics tools such as Google Analytics to understand how users interact with LiveBlock’s website and improve it. These tools set their own cookies and collect usage data (e.g., pages viewed, time spent). We configure such tools to anonymize IP addresses where possible and not to share data with their other services unless you consent. Analytics providers act as data processors, meaning they only process data as we direct and cannot use it for their own purposes (aside from improving their service).
• Email and Communication Tools: If we send emails or in-app messages, we might use services like an email sending service (for example, SendGrid or Mailchimp) to manage mailing lists and deliver messages. In doing so, we provide your email address and the content of the message to the service solely to send out communications on our behalf.
• Support and Ticketing Systems: Should we use a third-party customer support system (like Zendesk or a similar platform) to track support requests, any personal data you provide in a support ticket (name, email, issue details) would be stored on that system. Again, that vendor would be obligated to keep the data secure and confidential.

These service providers are “data processors” under GDPR. We ensure each such provider is contractually obligated to protect your data to GDPR standards. They cannot use your data for anything other than providing services to us and to you. A list of our key sub-processors can be provided upon request (and we will notify you if we make major changes to our data processors as required).

4.2. Business Partners and Integrations
In some cases, LiveBlock may partner with other companies or offer integrations that you opt into. For example, if LiveBlock offers a feature in collaboration with another platform (say, a special event with another streaming service or an integration with a sponsor’s tool), we might share certain account info or identifiers as needed for that integration with your knowledge and consent. Similarly, if you sign up through a referral or affiliate program, we might share your user ID or email with the referrer to validate the referral. Any such sharing will be made clear to you at the time you use the feature or service.

If in the future we offer advertising within LiveBlock (for instance, showing ads from sponsors), we will update this Policy accordingly and let you know how data might be shared for ad targeting. At present, LiveBlock does not disclose personal data to third-party advertisers for their independent use.

4.3. Other Users (Social or Public Sharing)
LiveBlock might enable social features that involve sharing information with other users. Public Profile: If your LiveBlock profile or username can be seen by others (for example, in leaderboards or chat), then any data you include in your public profile will be visible to others on the Service. This is under your control – e.g., your chosen display name, avatar, and any public stats or content you share will be accessible to those who have access to that part of LiveBlock.
Interactive Features: If LiveBlock has community features like a chat, forum, or collaborative tools, information you post or transmit in those areas (including personal data you might reveal about yourself) could be read, copied, or used by other participants. Please be mindful of what you share publicly. We consider that your choice and part of the service functionality. If you link LiveBlock with Twitch or another service to broadcast information (like displaying your LiveBlock overlays on your Twitch stream), then by nature those elements become public to your viewers as well.

We never share private personal data (like your email or real name) with other users unless you explicitly instruct us to (for instance, if a feature allows you to send your contact info to a friend at your choosing).

4.4. Legal and Safety Disclosures
We may disclose personal information to third parties (such as courts, law enforcement agencies, regulators, or lawyers) if we determine that such disclosure is legally necessary or appropriate. Situations where this might occur include:

• To comply with a legal obligation or respond to lawful requests: If we receive a subpoena, court order, or lawful request from authorities, we may need to provide the requested data. We will attempt to notify you of such requests when allowed, except in emergency or clear prohibitions.
• To protect our rights and enforce our policies: We may share data if necessary to enforce our Terms of Service or other agreements, or to investigate potential violations (fraud, harassment, etc.). For example, if necessary, we might share an IP address of a user who is attacking our system with law enforcement.
• To ensure safety: If someone’s life, health or security is at risk, and data disclosure could help prevent harm, we may share information with appropriate authorities or individuals. 

4.5. Business Transfers
If LiveBlock or Develtio Sp. z o.o. undergoes a business transaction such as a merger, acquisition by another company, reorganization, or sale of all or part of its assets, your personal data may be transferred to the new owner or partner. We would only do this as part of a continuity of service, and the receiving party will have to honor the commitments we have made in this Privacy Policy. If such a transfer is substantial, we will notify users (for example, by email or a notice on our website) about the change in ownership and any new privacy policy that might come into effect. You will have the opportunity to discontinue using LiveBlock or exercise your rights if you object to the new policy.

4.6. With Your Consent
In cases not covered above, if we ever need to share your personal data with a third party, we will do so only with your consent. For instance, if we want to feature your success story or testimonial on our site, we would ask for your permission to use your name or likeness. You are in control of whether we share in such scenarios.

Summary of Third-Party Sharing: We share data with third parties only as necessary to run LiveBlock (service providers like hosting, payments, analytics), to carry out integrations you choose, to comply with law, or as part of corporate changes. All such parties are bound to protect your data. We do not sell your data or allow third parties to use it for their own marketing without your consent.

‍

5. International Data Transfers

LiveBlock is a service that may be accessed by users around the world. The data you provide may be transferred to and processed on servers located in countries other than your own. For example, if you are in the European Union, your personal data might be stored on servers in the United States or other jurisdictions. Similarly, our company Develtio Sp. z o.o. operates in Poland (EU), but we may use cloud services or subcontractors outside the EU.

When we transfer personal data out of the European Economic Area (EEA) or the United Kingdom, we take steps to ensure your data receives an adequate level of protection comparable to that provided in Europe. These steps include:

• Adequacy Decisions: If the country to which data is sent has been officially recognized by the European Commission as providing adequate data protection (for example, countries like Andorra, Argentina, Canada (commercial organizations), Israel, Japan, New Zealand, Switzerland, Uruguay, and the UK itself), we rely on that decision for the transfer. Data sent to those jurisdictions is treated as safely as if it remained in the EU.
  
  
• Standard Contractual Clauses (SCCs): For transfers to countries without an adequacy decision (such as the United States or others), we use the European Commission’s approved Standard Contractual Clauses in our contracts with the data importer. These SCCs impose strict data protection obligations on the recipient and ensure that your rights travel with your data. For UK transfers, we include the UK’s International Data Transfer Addendum or Agreement as needed.
  
  
• Additional Safeguards: We may implement additional technical and organizational measures to protect data transferred abroad. This can include encryption in transit and at rest, limiting access on a need-to-know basis, and careful vetting of foreign partners. We also perform case-by-case transfer impact assessments to verify that the data will remain secure.
  
  

Your consent: In some cases, we might ask for your explicit consent to transfer data to a third country if none of the above safeguards are deemed sufficient, but this is rare and we will always try to use a standardized safeguard first.

You can request more information about our international transfer mechanisms (or a copy of the SCCs we use) by contacting us at the email provided in Section 1. We will gladly provide relevant details, subject to any legal or confidentiality considerations.

Note for non-EU users: By using LiveBlock, you understand that your data may be transferred to our or our vendors’ servers in countries other than your own. Regardless of location, we will protect your data as described in this Policy.

‍

6. Data Retention – How Long We Store Your Data

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including to satisfy any legal, accounting, or reporting requirements. The retention period can vary depending on the type of data and the purpose of processing. Here are our general retention practices:

• Account Information: We keep your account data while your account is active. If you choose to delete your LiveBlock account (or request deletion), we will remove or anonymize your personal data associated with your account from our live systems within a reasonable time after your request, except for information we must keep for legal reasons (see below). Account backups may persist for a short period in encrypted archives before they are overwritten, but they will eventually be purged as well.
  
  
• Profile and Content: Any content you create (such as overlay settings, saved configurations, chat logs if any) will typically be stored until you delete it or your account, or as part of routine cleanup if it’s no longer needed. If you delete specific content, we aim to remove it from our active database promptly, though again, it might remain in secure backups for a limited period until those backups cycle out.
  
  
• Payment and Transaction Records: We retain transaction records and related personal data (like invoice details, payments, refund records) for at least the duration required by tax and financial laws. In Poland and under EU law, certain financial records must be kept for 5 years or more. We will keep those records securely for the legally mandated period, after which we’ll delete or anonymize them.
  
  
• Communications: If you contacted support, we may keep the support tickets or emails for a period of time (for example, 2 years) to help with any follow-up or reference to past issues. If you unsubscribe from marketing emails, we will keep your email on a suppression list indefinitely to ensure we don’t accidentally send you further marketing (this is a minimal data usage solely to respect your opt-out).
  
  
• Usage Data: Usage logs and analytics data is usually kept for a shorter period. We might retain raw logs for a few months for analysis and security monitoring. Aggregated analytics (which no longer identify you personally) might be retained longer for historical reporting. If usage data is stored in identifiable form, we typically do not keep it beyond 12-24 months, unless needed for security (for example, a log of IP addresses used to access your account may be kept longer to investigate fraud or unauthorized access patterns).
  
  
• Legal Holds: If we are in a legal dispute or receive a legal request, we may need to retain certain information for longer than our standard periods. For instance, if a litigation hold is in place or if we must preserve data as evidence, we will keep the data until advised it’s okay to delete.
  
  

Once the retention period expires or the purpose for collecting the data is fulfilled, we will either securely delete or anonymize your personal data. Anonymization is an irreversible process after which the data is no longer associated with you (we might keep anonymized usage statistics indefinitely as they contain no personal data).

If you wish to close your account or ask us to delete your personal data, please see Section 8 on your rights – you can request erasure, and we will comply so long as we don’t have a lawful reason to keep the data (if we do, we’ll inform you of that).

‍

7. Cookies & Similar Technologies

LiveBlock uses cookies and similar tracking technologies on our website and possibly within the app to provide, personalize, and improve your experience. This section explains what these technologies are and your choices regarding them.

7.1. What are Cookies?
Cookies are small text files that websites place on your device’s browser. They are widely used to make websites work, or work more efficiently, as well as to provide information to the owners of the site. Cookies can be “session cookies” which are deleted when you close your browser, or “persistent cookies” which remain until they expire or you delete them.

Similar technologies include web beacons (tiny graphics embedded in pages or emails that signal when they’re viewed), pixels, or SDKs in mobile apps that perform a similar function to cookies. In this Policy, we refer to all of these as “cookies” for simplicity.

7.2. How We Use Cookies
We use cookies for several reasons:

• Essential Cookies: These are necessary for our website or web app to function. For example, when you log into your LiveBlock account on our website, we set a session cookie so you remain logged in as you navigate. Without it, you’d have to log in on every page. Essential cookies might also help us enforce security (e.g., to keep your session secure or help load the site faster).
• Preference Cookies: We use these to remember your preferences and settings. For instance, a cookie might remember your language choice or that you dismissed a tooltip so we don’t show it again. This makes your experience more tailored.
• Analytics Cookies: These cookies collect information about how visitors use our site, which pages are popular, or if an error occurred. We use this data to improve the site’s performance and design. For example, we use Google Analytics which sets cookies to gather usage statistics (like number of visitors, time spent on site, interactions). The information collected is aggregated and not used to identify you personally.
• Functional Cookies: If LiveBlock offers certain functionality like remembering a favorites list or other enhanced features, functional cookies enable those. They are not strictly necessary but add convenience.
• Advertising/Marketing Cookies: (If applicable) Currently, LiveBlock does not display third-party ads on our platform. However, if we run marketing campaigns, we may use tracking pixels or cookies to measure the effectiveness of our ads (for example, a cookie to note if you clicked a LiveBlock ad on another site and later signed up). If in future we partner with advertisers or sponsors who deliver content on our site, those partners may set cookies to deliver targeted ads. We will update this Policy and our cookie consent mechanisms if that becomes the case.

7.3. Third-Party Cookies and Tools
As mentioned, some of the cookies on our site are placed by third-party services we use. Key examples:

• Google Analytics: Google Analytics may set cookies (_ga, _gid, etc.) to collect information about site usage. This helps us analyze user behavior. Google may also use the data collected to contextualize and personalize ads in its own network (Privacy policy), but we do not share personal info like your name or email with Google Analytics. You can opt-out of Google Analytics as described below.
• Payment Processors: If our payment page is hosted by a third party or uses their widget, that service might set a cookie to remember your session or preferences. For example, PayPal might set cookies on its checkout page.
• Embedded Content: If we ever embed videos (e.g., YouTube tutorials) or social media widgets on our site, those third-party sites may set their own cookies. We endeavor to minimize this and will inform you when it happens via our Cookie Policy or consent banner.

7.4. Your Choices for Cookies
When you first visit our website, if you are in the EU/UK (or where required by law), you will see a cookie consent banner. We will not use non-essential cookies (like analytics or marketing cookies) unless you consent. You can choose to accept all, reject non-essential ones, or customize your cookie preferences. Your choice will be remembered via a cookie (ironically) so that the banner does not keep popping up.

Additionally, regardless of the banner, your browser settings allow you to control cookies:

• You can usually set your browser to block or delete cookies. Most browsers have an option to clear browsing data (which includes cookies) and settings to manage cookie behavior site-by-site. Please note that if you disable all cookies, our website may not function properly (for instance, you might not be able to log in or your preferences won’t be saved).
• For analytics cookies like Google Analytics, Google provides an opt-out browser add-on you can install (available at tools.google.com/dlpage/gaoptout) which prevents Google Analytics from collecting data on any sites you visit.
• For advertising cookies, since we currently don’t serve ads, you mainly need to manage those via general browser settings. However, if in future we use remarketing cookies, you could opt-out via industry sites like the Network Advertising Initiative opt-out page or Your Online Choices (EU) website to opt out of interest-based advertising cookies.

7.5. Do Not Track
“Do Not Track” is a browser setting that requests websites not to track you. Currently, our systems do not respond differently to a Do Not Track header or signal. We treat all visitors according to our cookie consent tool and this policy. If standards emerge for DNT and are accepted, we may revisit this.

7.6. Cookies on the App
If LiveBlock is primarily an application (mobile or desktop), traditional cookies may not apply, but we might use local storage or similar mechanisms to remember settings on your device. Additionally, if our app uses web-based components, those could utilize cookies as described. We treat those with the same level of transparency and control as browser cookies. You may be able to reset or clear such data by uninstalling the app or using built-in app settings.

For more details, please see our Cookie Policy (if one is provided separately on our site) which provides a detailed list of cookies in use. And as always, you have the control to adjust your preferences at any time by contacting us or changing settings.

‍

8. Your Rights as a Data Subject (GDPR User Rights)

If you are in the European Union, European Economic Area (EEA), or otherwise subject to GDPR, you have specific rights regarding your personal data. LiveBlock is committed to upholding these rights. Even if you’re not in Europe, we extend many of these core principles to all our users. The following is a summary of your data protection rights:

• Right of Access: You have the right to request confirmation whether we are processing your personal data, and if so, to access that data. We will provide you with a copy of the personal data we have about you, usually in electronic form. (For additional copies requested, we may charge a reasonable fee as permitted by law.) This enables you to know and verify the lawfulness of our processing.
  
  
• Right to Rectification: If any of your personal data we hold is inaccurate or incomplete, you have the right to have it corrected. You can update some of your account information directly in your profile settings. For any other corrections, you can contact us and we will rectify the errors. We want to ensure we have accurate data about you.
  
  
• Right to Erasure: Commonly known as the “Right to be Forgotten,” this right allows you to request deletion of your personal data when there is no compelling reason for us to continue processing it. You can request that we erase your data if: (a) it’s no longer needed for the purposes we collected it, (b) you withdraw consent (and we have no other legal basis), (c) you validly object to the processing (see below) and we have no overriding grounds, (d) we processed your data unlawfully, or (e) we must erase it to comply with a legal obligation. Please note this right is not absolute – if we are required by law to keep certain data, or if the data is necessary for legal claims, we may decline deletion of those specific pieces (but will explain to you why). Deleting your account through our interface (if that option exists) or contacting us to request deletion will initiate this process.
  
  
• Right to Restrict Processing: You have the right to request that we limit the processing of your personal data in certain circumstances. This means we would store your data but not actively use it. You can ask for restriction if: you contest the accuracy of the data (until we verify or correct it); or if our processing is unlawful but you prefer restriction over deletion; or if you need us to keep the data beyond our normal retention period for the establishment, exercise or defense of legal claims; or if you have objected to processing (see below) and await verification of overriding grounds. When processing is restricted, we will clearly mark the data and only process it with your consent or for legal reasons.
  
  
• Right to Data Portability: You have the right to receive the personal data you provided to us in a structured, commonly used, machine-readable format (for example, CSV or JSON), and to have that data transmitted to another controller where technically feasible. This right applies when the processing is based on your consent or a contract (so most of your account data) and is carried out by automated means. We will provide the data directly to you, or to a third party you designate, if technically possible. Note this right is for data you actively provided and some data generated through your activities (like your usage history associated with you), but does not include our internal analyses or inferred insights.
  
  
• Right to Object: You have the right to object to our processing of your personal data in certain scenarios:
  
  • Direct Marketing: You can always object to (or opt out of) our processing of your personal data for direct marketing purposes. If you object, we will stop using your data for marketing immediately. This includes profiling to the extent it’s related to direct marketing. (E.g., if we were profiling your app usage to decide what marketing messages to send, you can object to that.)
  • Legitimate Interests: If we are processing your data based on our legitimate interests (Art. 6(1)(f) GDPR), you may object to this processing if you have grounds relating to your particular situation. We will then stop the processing unless we have compelling legitimate grounds that override your interests, rights, and freedoms, or unless we need to continue processing for the establishment, exercise, or defense of legal claims. For example, if you object to us processing your data for improvement of the service (a legitimate interest), we will consider your objection and decide whether we can accommodate it or if we have an overriding need to continue. In most cases, we will honor your objection.
• Right to Withdraw Consent: When we rely on your consent as the legal basis (for instance, for sending marketing emails or for optional data processing), you have the right to withdraw that consent at any time. Withdrawing consent will not affect the lawfulness of any processing we did prior to withdrawal, and it won’t affect processing under other bases. If you withdraw consent for a certain feature (like location access or integration), some functionalities might not work, but that’s your choice. You can typically withdraw consent by changing your settings (e.g., unchecking a box in your profile, or toggling off a feature) or by contacting us. For email marketing, clicking “unsubscribe” in any message will withdraw your consent for further marketing emails.
  
  

We strive to make it easy for you to exercise these rights. For many basic requests (access, correction, deletion) you can log into your account and navigate to an account settings or privacy dashboard if available. There you may find options to download your data, correct profile info, or delete your account. Where self-service is not available or you prefer assistance, please contact us at infoi@develtio.com with your request.

Verification: For your security, we may need to verify your identity before fulfilling certain requests (especially for access, deletion, or portability). We might ask you to provide information that matches our records or to use your logged-in account to authenticate the request. This is to ensure we don’t disclose or erase someone else’s data by mistake.

Response Time: We will respond to your request as soon as possible, and at most within one month of receiving it, as required by GDPR. If your request is complex or we have a high volume of requests, we may extend the period by up to two further months, but we will inform you of the extension and reasons within the first month.

Fees: In general, we will not charge a fee for handling your rights requests. However, if a request is manifestly unfounded or excessive (for example, repetitive), GDPR allows us to either charge a reasonable fee or refuse the request. We will communicate any such decision and our reasoning.

Complaints: In addition to the rights above, you also have the right to lodge a complaint with a Data Protection Supervisory Authority if you believe we have infringed your data protection rights. You can do this in the EU Member State where you live, work, or where the alleged infringement occurred. We would appreciate the chance to address your concerns first, so we encourage you to contact us with any complaint and we will do our best to resolve it. In Poland, our lead supervisory authority is the UODO (Office for Personal Data Protection). We can provide their contact details:

• Urząd Ochrony Danych Osobowych (UODO)
  Stawki 2, 00-193 Warsaw, Poland
  https://uodo.gov.pl/en

We are dedicated to respecting your rights and will not discriminate against you for exercising any of them. Your privacy and control over your information are paramount to us.

‍

9. Data Security

We understand that the security of your personal data is important. LiveBlock implements a variety of technical and organizational security measures to protect your information from unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption: Personal data is transmitted over secure channels. Our website and app use HTTPS (TLS encryption) for all data in transit, which means information like your login credentials and any data exchange with our servers is encrypted and cannot be easily intercepted. We also encrypt sensitive information at rest in our databases (for instance, passwords are stored using secure hashing, and sensitive fields may be encrypted on disk).
• Access Controls: Access to personal data within our organization is limited on a need-to-know basis. Only authorized personnel (such as members of the LiveBlock team who need to handle data for the purposes described) can access user data, and they are bound by confidentiality. We employ user access logging and two-factor authentication for our internal systems to prevent unauthorized access.
• Security Testing and Maintenance: We regularly update our software and dependencies to patch security vulnerabilities. Our system is scanned and monitored for possible weaknesses. We run malware detection and have firewalls in place to protect against common web attacks. Any suspicious activity on accounts (like multiple failed logins) is flagged for review.
• Third-Party Security: When we use third-party service providers (Section 4.1), we choose reputable companies with strong security practices. We ensure through contracts that they also take appropriate measures to protect your data (for example, our hosting providers maintain ISO 27001 or SOC 2 certifications demonstrating robust security). Payment information is handled by PCI-compliant processors, meaning they follow strict industry standards for data security (InstructBot).
• Backups and Recovery: We perform regular data backups which are encrypted and stored securely. This protects data integrity and availability – in case of any system failure, we can restore data to prevent loss.
• Breach Notification: Although we work hard to prevent any data breaches, we have a response plan in place in the event of a security incident. If a personal data breach occurs that poses a risk to your rights and freedoms, we will notify the relevant supervisory authority without undue delay (within 72 hours if feasible, as per GDPR) and inform affected users promptly as required by law. We will also take all necessary steps to mitigate the breach and prevent future occurrences.

It’s important to note that no method of transmission over the internet or method of electronic storage is 100% secure (InstructBot). While we strive to protect your personal data with commercially acceptable means, we cannot guarantee absolute security. You also play a role in security: please use a strong, unique password for LiveBlock and do not share it. If you suspect any unauthorized access to your account, notify us immediately.

We continuously review and update our security practices to adapt to new threats and ensure the integrity and confidentiality of data.

‍

10. Children’s Privacy

LiveBlock is not directed at children under the age of 16 (or the equivalent minimum age for providing consent in your jurisdiction). We do not knowingly collect personal data from children under 16 without verifiable parental consent. If you are under 16, please do not use LiveBlock or provide any personal information to us (for example, do not register or send us your name, address, or contact info).

If we learn that we have inadvertently collected personal data from a child under the applicable age without proper consent, we will take steps to delete that information as soon as possible. Parents or guardians who believe their child may have provided us with personal data should contact us immediately so we can investigate and remove the data if necessary.

In the event LiveBlock introduces features specifically for younger audiences in the future, we will implement appropriate parental consent mechanisms and adjust this Privacy Policy to reflect how children’s data is handled in compliance with GDPR (which sets 16 as the default age for consent, unless member states set a different age between 13-16) and other laws like COPPA (for US users under 13).

‍

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or for other operational reasons. When we make changes, we will notify users in an appropriate manner:

• Version Updates on Website/App: We will post the updated Privacy Policy on our website (and in-app, if applicable) and update the “Last updated” date at the top.
• Notification: If the changes are significant, we will provide a more prominent notice. For example, we might display a notice upon login or send an email notification to let you know the Policy has been updated. For material changes that affect your rights or how we use your data, we will notify you in advance when possible, so you have the opportunity to review and understand the new terms.

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. If you continue to use LiveBlock after a new version of the Policy takes effect, you will be deemed to have agreed to the updated terms (to the extent permitted by law).

Should we ever want to use your personal data for a new purpose not originally collected for, we will seek your consent if required or provide you with a relevant notice and legal basis explanation.

‍

12. Contact Us

Your feedback and questions about privacy are important to us. If you:

• Have any questions or comments about this Privacy Policy,
• Need to access, update, or delete your personal data,
• Have a concern or complaint about how we handle your data, or
• Wish to exercise any of your rights mentioned in Section 8,

please contact us at:

Email: info@develtio.com
Postal Address: Warsaw, Poland, at ul. Franciszka Klimczaka 17/80 (02-797 Warsaw)

We will respond to inquiries as soon as possible, and certainly within any timeframes required by law. We are here to help and we value the trust you place in LiveBlock to safeguard your personal data.

‍

‍

‍

Thank you for reading our Privacy Policy. We are dedicated to creating a transparent and safe experience for all LiveBlock users. Your privacy is at the core of our design and decision-making.