Privacy Policy
Effective Date: January 1, 2025 | Last Updated: January 1, 2025
1. Introduction
LuxCheck ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our luxury item authentication service.
Key Points
- We process images and personal data to provide authentication services
- We use AI technology and human experts to analyze your submissions
- We implement strong security measures to protect your data
- You have rights regarding your personal information
- We comply with applicable privacy laws including CCPA and GDPR
2. Information We Collect
2.1 Personal Information You Provide
Account Information
- • Name and email address
- • Account preferences
- • Communication settings
Payment Information
- • Billing details (via Stripe)
- • Transaction history
- • Refund records
2.2 Information We Collect Automatically
Biometric Data Notice
Images you upload may contain biometric identifiers (such as facial features or fingerprints). We process this data only as necessary for authentication services and with appropriate security measures.
- Technical Information: IP address, device type, browser information
- Image Metadata: Camera settings, upload timestamp, device information (EXIF data)
- AI Analysis Data: Quality scores, feature detection results, comparison data
- Usage Data: Page views, session duration, interaction patterns
3. How We Use Your Information
Authentication Services
- • AI image analysis
- • Expert human review
- • Certificate generation
- • Verdict notifications
Account Management
- • User account creation
- • Payment processing
- • Customer support
- • Service communications
Service Improvement
- • Platform optimization
- • AI model improvement
- • Security monitoring
- • Feature development
3.1 Legal Basis for Processing (GDPR)
- Contract Performance: Providing authentication services, processing payments
- Legitimate Interest: Fraud prevention, service improvement, customer support
- Legal Obligation: Compliance with financial regulations, legal requests
- Consent: Marketing communications, optional data collection
4. Information Sharing and Disclosure
4.1 We Share Information With:
Expert Authenticators
Images and descriptions for professional review
Service Providers
Clerk (auth), Stripe (payments), UploadThing (storage), Vercel (hosting)
Legal Requirements
Law enforcement, court orders, regulatory compliance
We Do NOT:
- • Sell your personal information to third parties
- • Share data for unauthorized marketing purposes
- • Transfer data without appropriate safeguards
5. Data Security and Protection
Technical Safeguards
- • Data encrypted in transit (TLS 1.3)
- • Data encrypted at rest (AES-256)
- • Multi-factor authentication
- • Regular security audits
Organizational Safeguards
- • Staff security training
- • Vendor risk management
- • Incident response procedures
- • SOC 2 certification (in progress)
6. Data Retention and Deletion
| Data Type | Retention Period | Purpose |
|---|---|---|
| Images | 2 years | Authentication service |
| Account Data | 7 years after closure | Business records |
| Payment Records | 7 years | Financial compliance |
| AI Analysis | 5 years | Audit trail |
7. Your Privacy Rights
Universal Rights
- • Access your personal data
- • Correct inaccurate information
- • Request data deletion
- • Data portability
- • Object to processing
California Residents (CCPA)
- • Know what data is collected
- • Delete personal information
- • Opt-out of data sales (we don't sell)
- • Non-discrimination protection
7.1 How to Exercise Your Rights
Email Request
privacy@firstauthentic.com
Account Settings
Manage preferences online
Response Time
30 days maximum
Do Not Sell My Personal Information
We do not sell personal information. This link is provided for California compliance.
8. Cookies and Tracking
Essential Cookies (Required)
Authentication, security, basic functionality
Analytics Cookies (Optional)
Google Analytics with privacy controls, usage metrics
Marketing Cookies (Optional)
Advertising effectiveness, personalization
You can manage cookie preferences through your browser settings or our cookie preference center.
9. Contact Information
Privacy Questions
privacy@firstauthentic.com
Response: 5 business days
General Support
support@firstauthentic.com
Help Center available
Legal Matters
legal@firstauthentic.com
Business inquiries
10. Third-Party Services
Authentication & Storage
- • Clerk: User authentication
- • UploadThing: Secure file storage
- • Vercel: Platform hosting
Payments & AI
- • Stripe: Payment processing
- • Replicate: AI image analysis
- • Google Analytics: Usage metrics
Last Updated: January 1, 2025 | Version: 1.0
This Privacy Policy is designed to comply with GDPR, CCPA, and other applicable privacy laws. For questions, contact privacy@firstauthentic.com.