Skip to main content

Privacy Policy

Last updated: April 2026

Who We Are

"LyncView" refers to the LyncView project management service, operated by the company listed in our Terms of Service. References to "we", "us", or "our" are to that company. References to "you" are to the person or entity using LyncView.

For privacy questions, security reports, or data requests, contact support@lyncview.com.

What We Collect

Account information. Name, email address, hashed password, optional company name, and account role (owner, worker, client) when you register.

Project data. Anything you enter into LyncView — projects, checklists, comments, files, client invitations, intake form submissions, branding preferences, time entries, and webhook configuration.

Email content (opt-in). If you connect your Gmail inbox for AI email processing, we read messages from your inbox to suggest project updates. We do not store the full message body after analysis. We do store the suggestions, the email subject, and metadata so you can review and apply them.

Usage data. Page views, feature usage, IP addresses, browser type, and rough geo (country) via Vercel Analytics. We do not use third-party advertising trackers.

Payment data. Subscription metadata only — actual card details are stored by Stripe under their own controls. We never see your card number.

How We Use Your Data

We use your data to provide and improve LyncView. Project data is shown to you and to clients you have explicitly invited to a project. AI email content is sent to our AI provider (Anthropic) for analysis only — it is not used to train AI models. We use your email address to send transactional notifications you have opted into (password resets, client invites, project updates, weekly digests).

We do not sell, rent, or share your personal data with third parties for marketing purposes.

Data Storage & Security

Account data and project data are stored in encrypted databases on Turso (libSQL). Passwords are hashed with bcrypt — even we cannot see your password. All connections use HTTPS / TLS. JWT session tokens are stored as httpOnly, secure, sameSite=lax cookies. We follow industry-standard security practices, including least-privilege API access and rate limiting on authentication endpoints.

Subprocessors

We use the following third-party services to operate LyncView. Each operates under their own privacy and security policies:

  • Vercel — hosting and analytics
  • Turso — database hosting (libSQL)
  • Anthropic — AI email processing
  • Stripe — subscription billing
  • Google — Gmail OAuth (only if you connect Gmail)
  • SMTP provider you configure — sending transactional emails

Data Sharing

We do not sell your personal data. We share data with subprocessors only as necessary to provide the service. We may disclose data if required by law, subpoena, or other valid legal process, and we will give you reasonable notice unless prohibited.

Your Rights

You can access, update, or delete your data at any time from inside LyncView. You may also request a full data export by emailing support. Account deletion removes your data within 30 days of the request, except where retention is required by law or to resolve disputes.

If you are in the EU, EEA, UK, or California, you have additional rights under GDPR and CCPA, including the right to access, correct, or delete your personal data, and to object to certain processing. We honor verifiable requests within 30 days. Contact support@lyncview.com to exercise these rights. We do not sell personal information for purposes of CCPA.

Data Retention

We retain account and project data for as long as your account is active. After account deletion, your data is removed within 30 days. Stripe billing records and contact-form submissions may be retained for up to 7 years to satisfy tax, accounting, and audit obligations.

Cookies

We use a single, essential authentication cookie (auth_token) to keep you signed in. We do not use tracking cookies, advertising cookies, or third-party analytics trackers. Vercel Analytics uses anonymized hashes that don't require a cookie banner under most regulators' current guidance.

Children

LyncView is intended for businesses and is not directed to anyone under 18. We do not knowingly collect personal information from children. If you believe a child has provided us data, contact us and we will delete it.

Changes to This Policy

We may update this policy from time to time. We will post the updated version on this page with a new "Last updated" date. Material changes will be communicated by email to active account holders.

Contact

Privacy questions: support@lyncview.com