Privacy Policy
Last updated: June 18, 2026
This policy is issued by LakeLogic, Ltd. ("LakeLogic", "we", "us"), the data controller, a company registered in England & Wales (Company No. 17181411), 71–75 Shelton Street, Covent Garden, London WC2H 9JQ.
🛡️ LakeLogic (Open Source): Runs entirely on YOUR infrastructure. Zero data collection. Zero telemetry. 100% local processing.
☁️ LakeLogic Cloud (SaaS): We collect minimal metadata to provide the service. We only parse metadata (table names, schemas) — never your actual data rows. You control it. We never sell it.
1. Information We Collect
🛡️ LakeLogic (Open Source) - ZERO Data Collection
LakeLogic runs entirely on your infrastructure. It does NOT send any data to us. No telemetry. No analytics. No "phone home" functionality. 100% local processing.
☁️ LakeLogic Cloud (SaaS Platform) - What We Collect:
Metadata Only (LakeLogic Cloud SaaS): We collect and process metadata about your data assets, including:
- Table names, column names, and schema definitions
- SQL queries and transformation logic
- Data lineage and dependencies
- Pipeline run logs and quarantine metadata (counts, rule names — never row values)
- Repository structure and file paths
We NEVER collect or store:
- Actual data values (row-level data)
- Customer data, PII, or sensitive business information
- Database credentials or connection strings (stored encrypted if provided)
Account Information (LakeLogic Cloud SaaS): When you register, we collect:
- Email address
- Name and company name
- Billing information (processed securely via Stripe)
Usage Information: Standard log and device data (IP address, browser type, pages visited) and product-analytics events, as described in "Cookies & Tracking" below.
2. How We Use Your Information
We use collected information to:
- Generate data lineage maps and documentation
- Provide AI-powered contract generation and incident resolution (Zeus)
- Analyze schema changes and detect breaking changes
- Improve our service and develop new features
- Send important service updates and notifications
We do NOT sell, rent, or share your data with third parties for marketing purposes.
3. Legal Bases for Processing
Where the UK GDPR / EU GDPR applies, we process personal data on these bases:
- Performance of a contract: to provide LakeLogic Cloud to you and your organization.
- Legitimate interests: to secure, operate, and improve the service, and for limited product analytics — balanced against your rights.
- Consent: for non-essential cookies/analytics and optional marketing emails. You may withdraw consent at any time.
- Legal obligation: to meet tax, accounting, and other statutory requirements (e.g. retaining billing records).
4. Data Security
We implement industry-standard security measures:
- Encryption: Data is encrypted in transit (TLS) and at rest (AES-256)
- SOC 2 alignment: Our controls are designed to SOC 2 standards; a formal SOC 2 Type II audit is in progress
- Access Controls: Role-based access with support for multi-factor authentication
- Backups: Automated backups with defined retention
- Infrastructure: Hosted on Microsoft Azure (UK/EU regions) with enterprise-grade security
5. International Data Transfers
We host LakeLogic Cloud in Microsoft Azure UK/EU regions. Some of our sub-processors (e.g. payments, analytics, email, and AI model providers) may process data outside the UK/EEA.
Where personal data is transferred internationally, we rely on appropriate safeguards — such as the UK International Data Transfer Agreement / Addendum, EU Standard Contractual Clauses, or an adequacy decision — to ensure your data remains protected.
6. Your Rights (GDPR & CCPA)
You have the right to:
- Access: Request a copy of all data we have about you
- Rectification: Correct inaccurate or incomplete data
- Erasure: Request deletion of your account and all associated data
- Portability: Export your data in machine-readable format
- Objection / Restriction: Object to or restrict certain processing
- Withdraw consent: Where processing is based on consent, withdraw it at any time
To exercise these rights, contact us at privacy@lakelogic.io.
Right to complain: If you are in the UK, you may lodge a complaint with the Information Commissioner's Office (ICO). EU residents may complain to their local supervisory authority. We'd appreciate the chance to address your concerns first.
7. Data Retention
We retain your data for as long as your account is active. Upon account deletion:
- Metadata is deleted within 30 days
- Backups are purged within 90 days
- Billing records are retained for 7 years (legal requirement)
8. Cookies & Tracking
We use cookies and similar technologies for:
- Essential: Authentication and session management (required)
- Analytics: Google Analytics 4 (GA4), which sets cookies to measure aggregate, site-wide usage. You can opt out at any time via the cookie preferences ("Reject all" / Customize) shown on your first visit.
We do NOT use advertising or cross-site tracking cookies.
9. Third-Party Services & Sub-Processors
We rely on the following trusted sub-processors to deliver LakeLogic Cloud:
- Microsoft Azure: Cloud infrastructure hosting (UK/EU regions)
- Stripe: Payment processing (PCI DSS compliant)
- Google Analytics: Aggregate product/website analytics
- Cloudflare Turnstile: Bot protection on sign-up forms
- AI model provider(s): To power Zeus and AI features — only metadata context is sent, never your row-level data
- Transactional email provider: Account and service emails
Each sub-processor operates under its own privacy and security commitments and processes data only as needed to provide its function. A current list is available on request.
10. Children's Privacy
LakeLogic is a business tool not directed to children. We do not knowingly collect personal data from anyone under 16. If you believe a child has provided us data, contact us and we will delete it.
11. Automated Decision-Making & AI
Our AI features (Zeus) analyze your metadata to suggest contracts, diagnose incidents, and surface insights. These are decision-support tools — they do not make decisions producing legal or similarly significant effects about you without human involvement. We do not use your data to train third-party foundation models.
12. Changes to This Policy
We may update this policy periodically. We'll notify you of significant changes via email and display a notice in the app, and update the "Last updated" date above.
Contact Us
Data Controller: LakeLogic, Ltd., 71–75 Shelton Street, Covent Garden, London WC2H 9JQ (Company No. 17181411)
Privacy enquiries: privacy@lakelogic.io