logologo

Discover
Calendar
News
My List
Discover
Calendar
News
My List
Discover
Calendar
News
My List
Discover
Calendar
News
My List

    Privacy Policy - Looking Forward To (LFT)

    Effective Date: January 15, 2025
    Last Updated: January 15, 2025

    Introduction

    This privacy policy applies to the Looking Forward To (LFT) web application and services (hereinafter referred to as "Service", "Application", or "LFT") operated by Slowdown Digital LLC (hereinafter referred to as "we", "us", "our", or "Service Provider"). This service is provided "AS IS".

    By using our Service, you agree to the collection and use of information in accordance with this policy.

    Information We Collect

    Personal Information You Provide

    Account Registration:

    • Full name
    • Username (unique identifier)
    • Email address
    • Password (encrypted and hashed)
    • Biography (optional)
    • Profile picture/avatar (optional)

    Profile Settings:

    • Public or private profile preference
    • Display preferences (grid size, card size, countdown format)
    • Notification preferences (email notifications, reminder settings)
    • Event viewing preferences (show past events, news feed selections)

    Event Data:

    • Custom events you create
    • Events you follow
    • Event images and descriptions you upload
    • Pinned events

    Contact Information:

    When you contact us through our contact form, we collect your name, email address, subject, and message content.

    Information We Collect Automatically

    Technical Information:

    • IP address (for security, rate limiting, and admin access control)
    • Browser type and version
    • Device type and operating system
    • Session data and cookies
    • Usage patterns and interactions with the Service

    Authentication Data:

    • Login timestamps and authentication methods used
    • Session tokens and refresh tokens
    • Failed login attempts for security purposes

    Third-Party Authentication Information

    Google Sign-In:

    When you choose to sign in with Google, we collect:

    • Email address (used as account identifier)
    • Full name
    • Profile picture URL
    • Google account ID

    Apple Sign-In:

    When you choose to sign in with Apple, we collect:

    • Email address (real or private relay)
    • Full name (if provided)
    • Apple account identifier

    How We Use Your Information

    We use the collected information for the following purposes:

    Core Service Functionality:

    • Create and manage your LFT account
    • Provide personalized event tracking and countdown features
    • Sync your data across devices and sessions
    • Enable event creation, sharing, and management

    Communication:

    • Send account verification emails
    • Send notification emails for followed events
    • Respond to your contact form submissions
    • Send important service updates and security notifications

    Third-Party Services We Use

    Essential Service Providers:

    • DigitalOcean Spaces - File storage and CDN for user-uploaded images
    • MongoDB Atlas - Database hosting for user data and application data
    • Resend API - Email delivery service for notifications and verification
    • Stripe - Payment processing for premium subscriptions
    • Apple App Store - Subscription management for Apple users

    Analytics and Performance:

    • Plausible Analytics - Privacy-focused web analytics (no personal data tracking)

    Authentication Services:

    • Google OAuth - For "Sign in with Google" functionality
    • Apple Sign-in - For "Sign in with Apple" functionality
    • Firebase Cloud Messaging - For push notifications (with permission)

    Google Calendar Sync

    For the optional "Google Calendar Sync" feature: if you choose to use this, you will be asked to authenticate directly with Google and grant the Application permission to access your Google Calendar. We specifically request the https://www.googleapis.com/auth/calendar.events scope. This permission allows the Application to:

    • Create new events: The Application will create events in your primary Google Calendar based on the LFT events you select for syncing.
    • View and Update events created by LFT: To keep synced events up to date, the Application may access and update events it previously created.
    • Read event data (for events created by LFT): When updating an event, we access its details to ensure consistency.

    The Application does not read or access any Google Calendar events other than those it has created. You can manage or revoke the Application's access to your Google Calendar at any time through your Google Account settings.

    Data Storage and Security

    Security Measures

    • Passwords encrypted using industry-standard bcrypt hashing
    • JWT tokens for secure session management
    • HTTPS encryption for all data transmission
    • Rate limiting to prevent abuse and attacks
    • IP-based access controls for administrative functions
    • Regular security monitoring and updates

    Data Retention

    • Account Data: Retained as long as your account is active
    • Inactive Accounts: May be deleted after 2 years of inactivity (with 30-day notice)
    • Authentication Logs: Retained for 90 days for security purposes
    • Analytics Data: Aggregated, anonymized data retained indefinitely

    Cookies and Local Storage

    Cookies We Use

    • Authentication Cookies: HTTP-only, secure cookies for login sessions (30-day expiry)
    • Security Cookies: CSRF protection and session security

    Browser Storage

    • localStorage: User preferences, session data, and offline functionality
    • sessionStorage: Temporary session information

    You can control cookie settings through your browser preferences.

    Your Rights and Choices

    Account Management

    • Access: View and download your personal data through your account settings
    • Update: Modify your profile information, preferences, and settings
    • Delete: Request account deletion through your account settings or by contacting us
    • Export: Download your event data and account information

    Communication Preferences

    • Email Notifications: Manage notification preferences in your account settings
    • Marketing Communications: Opt-out through account settings or email unsubscribe links

    Children's Privacy

    Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately so we can delete such information.

    Changes to This Privacy Policy

    We may update our Privacy Policy from time to time. We will notify you of any changes by:

    • Updating the "Last Updated" date at the top of this Privacy Policy
    • Sending you an email notification for significant changes
    • Displaying a prominent notice on our Service

    Your continued use of the Service after changes become effective constitutes acceptance of the revised Privacy Policy.

    Contact Us

    If you have any questions about this Privacy Policy, please contact us:

    • Email: [email protected]
    • Contact Form: Available through our website
    • Mail: Slowdown Digital LLC

    Additional Information

    California Privacy Rights (CCPA)

    California residents have specific rights regarding their personal information. Please contact us for details about exercising these rights.

    European Union Rights (GDPR)

    EU residents have rights under GDPR including access, rectification, erasure, and portability of personal data. Contact us to exercise these rights.

    Do Not Track

    Our Service does not respond to Do Not Track signals. However, we use privacy-focused analytics that do not track individual users across websites.

    lft - looking forward to by Slowdown Digital

    Feedback

    Sign in
    Sign up

    Contact

    FAQ

    Privacy

    ToS

    Pricing