This Privacy Policy explains how Lasso LLC ("Grace," "we," "us," or "our") collects, uses, and shares information about you when you use our website, web-app, and related services (collectively, the "Service"). If you do not agree with this Policy, do not use the Service.
1) Information we collect
Account & Contact Info
Name, email, password hash, time zone, and any phone number you provide for SMS reminders.
Dog Profile
Dog's name, breed, age, goals, and other training details you choose to enter.
Activity & Usage
Dates/times of training, session outcomes, streaks, reminders sent/opened, and in-app events.
Device & Technical
IP address, device/browser type, operating system, language, referral/UTM data, and cookie identifiers.
Analytics, Heatmaps & Session Recordings
We use analytics tools (currently PostHog) to capture page views, clicks, scrolls, rendered UI states, console and network performance data, and similar interaction details. When session recordings are enabled, your on-screen activity within the app may be replayed to help us understand usage patterns and troubleshoot issues. We do not record audio, and we aim to avoid capturing sensitive input fields; however, please do not share private information in free-form text areas you would not want us to review.
Communications
Your messages to us (support emails, feedback), plus your notification preferences (email/SMS push, quiet hours).
Payment Info (if/when applicable)
If we offer paid plans, payments are processed by a third-party processor (e.g., Stripe). We don't store full card numbers.
User Content
Any notes, photos, or other content you upload.
2) How we use information
- • Provide & maintain the Service. Account creation, authentication, saving training progress, scheduling reminders.
- • Communications. Transactional emails (confirmations, password resets) and, with your consent, tips and reminders (including SMS). You can opt out any time.
- • Personalization & improvement. Recommend sessions, measure results, debug issues, and improve features.
- • Security & compliance. Detect/prevent abuse, enforce policies, and comply with legal obligations.
- • Analytics. Understand engagement and feature usage, including reviewing heatmaps and session replays, so we can improve flows and resolve bugs.
Legal bases for EEA/UK users: (a) performance of a contract; (b) legitimate interests (e.g., security, product improvement); (c) consent (e.g., SMS/marketing emails) which you can withdraw at any time.
3) Cookies and similar technologies
We use cookies/local storage for login sessions, preferences, analytics, and to remember your training state. Our analytics provider (currently PostHog) also stores identifiers to enable features such as autocaptured events, heatmaps, and session recordings. You can control cookies via your browser or disable analytics in-app where available; some functionality may stop working if you do. We do not respond to Do Not Track signals.
4) How we share information
We don't sell personal information. We share it with:
Service providers / processors who help us run the Service, such as:
- • Supabase (authentication, database, hosting)
- • Postmark or similar (transactional email)
- • Analytics (Posthog, Google Analytics)
- • Error/crash reporting (e.g., Sentry)
- • SMS vendors (e.g., Google Voice/Twilio/MessageBird) for reminders, if you opt in
- • Payments (e.g., Stripe), if we introduce paid plans
Legal & safety
If required by law or to protect rights, property, or safety of Grace, our users, or others.
Business transfers
In a merger, acquisition, financing, or sale of assets, data may be transferred as part of that transaction.
We require processors to use data only on our instructions and to protect it appropriately.
5) International transfers
We are based in the United States. If you use the Service from outside the U.S., your information may be processed in the U.S. and other countries which may have different data protection laws. Where required, we rely on appropriate safeguards (e.g., Standard Contractual Clauses) for transfers.
6) Data retention
We keep personal data for as long as your account is active or as needed to provide the Service, resolve disputes, and comply with legal obligations. You can request deletion at any time (see Section 9). Some aggregated or anonymized data may be retained for analytics.
7) Your choices & rights
- • Access, update, delete. You can access or update profile info in the app or by contacting us. You may request deletion of your account/data.
- • Email/SMS preferences. You can opt out of non-transactional emails in each message and stop SMS by replying STOP. Reply HELP for help. Message/data rates may apply.
- • Privacy rights (EEA/UK/CA and certain US states). Depending on your location, you may have rights to access, correct, delete, or restrict processing of your data, and to portability and non-discrimination. To exercise rights, email contact@grace.dog.
8) Children's privacy
The Service is not directed to children under 13, and we don't knowingly collect personal information from them. If you believe a child under 13 has provided information, contact us and we will delete it. If local law requires parental consent for users 13–16, we will request it before processing.
9) Security
We use reasonable technical and organizational safeguards (encryption in transit, access controls, least-privilege policies). However, no method of transmission or storage is 100% secure.
10) Third-party links
The Service may link to third-party sites or services. Their privacy practices are governed by their own policies.
11) Changes to this Policy
We may update this Policy from time to time. If we make material changes, we will notify you (e.g., by email or in-app) and update the effective date. Your continued use of the Service means you accept the updated Policy.
12) Contact
Questions or requests? Email contact@grace.dog.
© 2025 Lasso LLC. All rights reserved.