Privacy Policy

This Privacy Policy describes how user data is processed by the online service for decrypting photos and videos encrypted in MIUI Gallery ("Service"). By using the Service, you ("User") agree to the terms of this Policy.

1. General Provisions

The Service Administration ("Administration") respects User privacy and commits to protecting their data within this Policy.

The Service is not intended to collect personal data except as specified in this Policy.

2. Data Processing

2.1. Technical Data Collection

  • IP address and browser information for security purposes
  • Session cookies for authentication (30-day validity)
  • Usage patterns for service improvement
  • System logs for troubleshooting (retained for 30 days)
  • reCAPTCHA response tokens for abuse prevention

2.2. File Processing Data

  • File metadata (size, type, creation date)
  • Processing status and results
  • Temporary processing tokens
  • Encryption keys (deleted immediately after processing)

2.3. Payment Information

  • Transaction IDs from payment processors
  • Credit purchase and usage history
  • Refund and dispute records
  • Payment timestamps and amounts
  • No credit card details are stored on our servers

2.4. Log Data

  • Service performance metrics
  • Error and debugging information
  • Security audit logs
  • User activity logs (anonymized after 30 days)
  • System health monitoring data

3. Third-Party Services

3.1. Infrastructure Providers

Amazon Web Services (AWS)

  • S3 for temporary file storage (EU region)
  • File encryption at rest
  • 24-hour retention policy

RabbitMQ

  • Processing queue management
  • Real-time status updates
  • Message encryption in transit

3.2. Payment Processors

Stripe

  • Credit card processing
  • Payment authentication
  • Fraud prevention

PayPal

  • Alternative payment processing
  • Transaction verification
  • Payment dispute handling

3.3. Security Services

Google reCAPTCHA

  • Bot prevention
  • Abuse detection
  • IP address verification

Logtail

  • System monitoring
  • Error tracking
  • Performance analytics

4. Data Retention and Deletion

4.1. File Storage

  • Uploaded files: maximum 24 hours
  • Processed files: maximum 24 hours
  • Preview files: maximum 24 hours
  • All files are automatically deleted after retention period

4.2. Account Data

  • Active accounts: data retained until account deletion
  • Inactive accounts: reviewed after 12 months
  • Deleted accounts: data removed within 30 days
  • Payment records: retained as required by law

4.3. Technical Data

  • Session data: 30 days
  • Error logs: 30 days
  • Usage statistics: anonymized after 90 days
  • Security logs: 1 year

5. Data Storage

  • The Administration does not store uploaded and processed files.
  • Technical data is stored for the minimum time necessary to achieve processing purposes.
  • User account data is stored until account deletion is requested.

6. Data Security

  • The Administration implements reasonable technical and organizational measures to protect User data from leaks, unauthorized access, or destruction.
  • Users are responsible for ensuring the security of their device and connection when using the Service.
  • In case of a data breach affecting User data, the Administration will notify affected Users within 72 hours.

7. User Rights

Users have the right to:

  • Know what data is being collected about them (except temporary files that are not stored).
  • Request deletion of all data where applicable.
  • Opt out of cookie usage through browser settings.
  • Request account deletion with all associated data.

8. Policy Changes

  • The Administration reserves the right to modify this Policy.
  • Updated versions of the Policy are published on the Service website. Continued use of the Service after changes indicates User acceptance of the new Policy version.

9. Contact Information

For privacy and data processing inquiries, Users can contact the Service Administration at:

info@lsadecrypt.com