Privacy Policy

Last Updated: January 24, 2026

1. Introduction

Lapis Research Inc. (“Lapis,” “Lapis Research,” “we,” “us,” or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our website at lapistech.io and our web platform at app.lapis.tech (collectively, the “Platform”), along with all related services (collectively, the “Services”).

By using our Services, you consent to the collection, use, and disclosure of your personal information as described in this Privacy Policy.

2. Information We Collect

2.1 Information You Provide to Us

Account Information

When you register for an account, we collect:

  • Name
  • Email address
  • Password (encrypted)
  • Organization or team name
  • Job title or role
  • Phone number (if provided)

Payment Information

When you subscribe to a paid tier, our third-party payment processors collect:

  • Credit card or payment card information
  • Billing address
  • Payment history

Note: We do not directly store your complete payment card information. This information is securely processed and stored by our payment processors (such as Stripe). Please review your payment processor’s privacy policy for more information on how they handle your payment data.

User Content

We collect and store the content, files, and data you upload, create, or share through our Platform, including:

  • Project and task information
  • Documents, spreadsheets, and files
  • Comments and notes
  • Team communications
  • Any other content you choose to store on our Platform

Communications

When you contact us, we collect:

  • Your name and email address
  • The content of your communications
  • Any additional information you choose to provide

2.2 Information Collected Automatically

Usage Data

When you access our Platform, we automatically collect:

  • IP address
  • Browser type and version
  • Device type and operating system
  • Pages visited and features used
  • Time and date of access
  • Referring website or application
  • Click-stream data and interaction patterns

Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience. These include:

  • Essential Cookies: Required for the Platform to function properly
  • Analytics Cookies: Used to understand how you use our Platform (via Google Analytics)
  • Preference Cookies: Remember your settings and preferences

You can control cookies through your browser settings, but disabling certain cookies may limit your ability to use some features of our Platform.

Google Analytics

We use Google Analytics to collect information about how users interact with our Platform. Google Analytics uses cookies and similar technologies to help us analyze usage patterns, understand feature adoption, and improve our Services. The information collected may include usage data, device and browser information, and approximate location information, and is processed by Google in accordance with its privacy practices. For more information, please review Google’s Privacy Policy at https://policies.google.com/privacy.

3. How We Use Your Information

We use your personal information for the following purposes:

3.1 To Provide and Maintain Our Services

  • Create and manage your account
  • Process your subscription and payments
  • Provide customer support
  • Deliver the features and functionality of our Platform
  • Store and process your User Content
  • Send transactional emails (account notifications, password resets, billing confirmations)

3.2 To Improve Our Services

  • Analyze usage patterns and trends
  • Develop new features and functionality
  • Conduct research and analysis
  • Monitor and improve Platform performance
  • Fix bugs and resolve technical issues

3.3 To Communicate With You

  • Send service announcements and updates
  • Respond to your inquiries and support requests
  • Send marketing communications (with your consent, and you may unsubscribe at any time)
  • Notify you of changes to our Terms or Privacy Policy

3.4 To Ensure Security and Prevent Fraud

  • Detect, prevent, and investigate security incidents
  • Protect against fraudulent, unauthorized, or illegal activity
  • Enforce our Terms and Conditions
  • Comply with legal obligations

3.5 For AI and Machine Learning

  • Process your User Content through AI and machine learning models to provide AI-powered features
  • Improve our AI models and algorithms (using aggregated, de-identified data when possible)
  • Generate insights and recommendations based on your usage patterns

4. How We Share Your Information

We do not sell your personal information to third parties. We may share your information in the following circumstances:

4.1 With Service Providers and Subprocessors

We share your information with trusted third-party service providers who assist us in operating our Platform and delivering our Services, including:

  • Supabase: Database and backend services
  • Netlify: Web hosting and deployment
  • Amazon Web Services (AWS): Cloud infrastructure and storage
  • Microsoft Azure: Cloud infrastructure and services
  • OpenAI: AI and machine learning services
  • MailerSend: Transactional email delivery
  • Stripe and other payment processors: Payment processing
  • Google Analytics: Analytics and usage tracking

These service providers are contractually obligated to protect your information and use it only for the purposes we specify.

4.2 Within Your Organization

If you use our Platform as part of a team or organization, your User Content and activity may be visible to other members of your team or organization, depending on your role and permissions.

4.3 For Legal Reasons

We may disclose your information if required to do so by law or in response to:

  • Court orders, subpoenas, or other legal processes
  • Requests from law enforcement or government authorities
  • Legal claims or disputes
  • Protection of our rights, property, or safety, or that of our users or the public

4.4 Business Transfers

If Lapis Research Inc. is involved in a merger, acquisition, sale of assets, bankruptcy, or other business transaction, your information may be transferred as part of that transaction. We will notify you of any such change and any choices you may have regarding your information.

4.5 With Your Consent

We may share your information with third parties when you provide explicit consent or direct us to do so.

5. International Data Transfers

Lapis Research Inc. is based in Canada, and we primarily serve users in Canada and the United States. Your personal information may be transferred to, stored, and processed in Canada, the United States, or other countries where our service providers operate.

By using our Services, you consent to the transfer of your information to countries outside your country of residence, which may have different data protection laws. We take reasonable steps to ensure that your information receives an adequate level of protection in accordance with applicable privacy laws.

6. Data Retention and Backup

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

Backup Procedures: We maintain daily backups of data stored in our databases for a period of seven (7) days to protect against data loss and ensure business continuity. These backups are for disaster recovery purposes only and are not intended as a data archival service.

Account Information: We retain your account information for as long as your account is active. If you delete your account, we may retain certain information for a reasonable period to:

  • Comply with legal obligations
  • Resolve disputes
  • Enforce our agreements
  • Maintain backup and business continuity

User Content: When you delete User Content from your account, it will be removed from our active systems. However, copies may remain in our backup systems for up to seven (7) days.

Marketing Data: If you opt out of marketing communications, we will retain your email address to ensure we do not contact you in the future.

7. Data Security

We implement reasonable administrative, technical, and physical security measures to protect your personal information from unauthorized access, use, disclosure, alteration, or destruction. These measures include:

  • Encryption of data in transit and at rest
  • Secure authentication and access controls
  • Regular security assessments and monitoring
  • Employee training on data protection
  • Contractual obligations with service providers

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee its absolute security. You acknowledge and accept that you provide your information at your own risk.

8. Your Rights and Choices

8.1 Access and Correction

You have the right to access and update your personal information. You can do this by:

  • Logging into your account and updating your profile
  • Contacting us at engineering@lapistech.io

8.2 Data Portability

You have the right to request a copy of your personal information and User Content in a structured, commonly used, and machine-readable format. To request a data export, please contact us at engineering@lapistech.io. We will make reasonable efforts to provide your data export within thirty (30) days of your request, subject to technical and operational feasibility.

8.3 Deletion

You have the right to request deletion of your personal information, subject to certain exceptions (such as legal obligations or legitimate business purposes). You may request deletion of your account and associated personal information by contacting us at engineering@lapistech.io. Where available, account deletion tools may also be provided through your account settings. We will make reasonable efforts to process deletion requests within a reasonable timeframe, subject to applicable legal and operational requirements.

8.4 Marketing Communications

You have the right to opt out of marketing communications at any time by:

  • Clicking the “unsubscribe” link in any marketing email
  • Updating your communication preferences in your account settings
  • Contacting us at engineering@lapistech.io

Please note that even if you opt out of marketing communications, we will still send you transactional emails related to your account and use of our Services.

8.5 Cookie Preferences

You can manage your cookie preferences through your browser settings. Most browsers allow you to:

  • View and delete cookies
  • Block third-party cookies
  • Block all cookies
  • Receive notification when a cookie is set

Note that disabling cookies may affect the functionality of our Platform.

8.6 Do Not Track

Our Platform does not currently respond to “Do Not Track” signals from browsers.

9. Children’s Privacy

Our Services are not intended for individuals under the age of 16. We do not knowingly collect personal information from children under 16. If you are under 16 years of age, do not use our Platform or provide any personal information to us.

If we learn that we have collected personal information from a child under 16, we will delete that information as quickly as possible. If you believe we have collected information from a child under 16, please contact us at engineering@lapistech.io.

10. Data Breach Notification

In the event of a data breach that poses a real risk of significant harm to you, we will:

  • Notify affected individuals
  • Notify the Office of the Privacy Commissioner of Canada as required under PIPEDA
  • Provide information about the breach, including what happened, what information was involved, and steps we are taking to mitigate harm
  • Advise you on steps you can take to protect yourself

Our ability to notify you depends on us having knowledge of the breach. We maintain monitoring systems and procedures to detect security incidents, but cannot guarantee we will always have immediate knowledge of every breach.

11. Third-Party Links and Services

Our Platform may contain links to third-party websites, applications, or services that are not operated by us. This Privacy Policy does not apply to third-party services. We are not responsible for the privacy practices or content of third parties. We encourage you to review the privacy policies of any third-party services before providing your personal information.

12. Compliance with Privacy Laws

12.1 PIPEDA Compliance (Canada)

We comply with the Personal Information Protection and Electronic Documents Act (PIPEDA), Canada’s federal privacy law. Under PIPEDA, you have rights regarding your personal information, including the right to access, correct, and challenge our handling of your data.

12.2 Provincial Privacy Laws

Depending on your location within Canada, additional provincial privacy laws may apply to the collection, use, and disclosure of your personal information.

12.3 U.S. State Privacy Laws

For users in the United States, certain state privacy laws may provide additional rights, including:

  • California (CCPA/CPRA): California residents have specific rights regarding their personal information
  • Other U.S. States: Virginia, Colorado, Connecticut, and other states have enacted comprehensive privacy laws

If you are a U.S. resident and would like to exercise rights under applicable state privacy laws, please contact us at engineering@lapistech.io.

12.4 Exclusions

We do not comply with or accept:

  • HIPAA (Health Insurance Portability and Accountability Act): Our Platform is not designed for protected health information
  • PHIPA (Personal Health Information Protection Act): Our Platform is not designed for personal health information
  • FISMA (Federal Information Security Management Act): Our Platform is not designed for data subject to FISMA requirements

DO NOT upload, store, or process any health information or data subject to HIPAA, PHIPA, or FISMA on our Platform. If you do so, you are in violation of our Terms and Conditions, and we may terminate your account.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes, we will:

  • Update the “Last Updated” date at the top of this Privacy Policy
  • Notify you by email at least seven (7) days before the changes take effect for material changes
  • Post the updated Privacy Policy on our website

Your continued use of our Services after the changes take effect constitutes your acceptance of the updated Privacy Policy. If you do not agree to the changes, you must stop using our Services and close your account.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us at:

Lapis Research Inc.

Email: engineering@lapistech.io

Website: lapistech.io

Privacy Complaints

If you have a complaint about how we handle your personal information, please contact us at engineering@lapistech.io. We will investigate your complaint and respond within a reasonable timeframe.

If you are not satisfied with our response, you may file a complaint with:

Office of the Privacy Commissioner of Canada

30 Victoria Street

Gatineau, Quebec K1A 1H3

Toll-free: 1-800-282-1376

Website: www.priv.gc.ca


By using our Platform, you acknowledge that you have read and understood this Privacy Policy and consent to the collection, use, and disclosure of your personal information as described herein.

Have Privacy Concerns?

If you have any questions regarding our Privacy Policy, feel free to contact us.