Welcome to Lashr.
Lashr has designated a Data Protection Officer and they can be reached by emailing DPO@getlashr.com
What information does Lashr process?
Lashr is a meeting place for adults over 18 years, and we provide that service by operating a social network site offering users the opportunity to connect to our global community of users. By joining Lashr, you enter a legal agreement with us and we process your data in order to provide your service under the terms of that agreement. You can only become a member of Lashr or use its features if you’re aged 18 years or over. To join the Lashr network you will have to complete our online registration form, where we may ask you to provide us with information about you such as your name, your gender, your date of birth, your occupation, your location details and what services you are looking to offer on Lashr.
You have the opportunity to provide other details about yourself. Because you control your user profile, these details are available to you at any time by accessing your “Profile” page, which gives you the chance to correct or update your information (other than your gender, age, ...) at any time by just logging in to Lashr. You can contact Lashr’s Customer Support Team at Feedback Page to change the gender or age on your profile.
Where you do upload and choose to tell us sensitive data about yourself, you are explicitly consenting to our processing your information.
For safety and security and to ensure you have the best possible user experience, we require users to verify their accounts and might ask for your phone number. We want to make sure you are not a robot! And we also want to avoid fake Lashr accounts being created which can be used for malicious activities and cyber crime – they threaten the Lashr network and spoil things for everyone.
It is your responsibility to ensure that your account details are kept up to date. If your location changes, please ensure that you update this in your account.
To prevent abuse of the app/site, Lashr uses automated decisions to block accounts as part of its anti-spam procedures. In order to do this, our systems check accounts and messages for content that indicates breaches of our Terms and Conditions of Use. If an account or message meets certain criteria that demonstrate that the Terms and Conditions of Use are likely to have been breached, the relevant account will automatically be blocked. All users of accounts that have been blocked will be notified that their account has been blocked and affected users can contact Lashr to contest the decision.
Lashr also uses automated decisions to prevent fraudulent payment transactions being processed as part of its anti-fraud procedures. In order to do this, our systems check payment transactions for behavior that indicates breaches of our Terms and Conditions of Use. If a transaction meets certain criteria that demonstrate that the Terms and Conditions of Use are likely to have been breached and the transaction is likely to be fraudulent, the relevant transaction may automatically be blocked. Where a transaction is blocked, the user will be notified that their transaction cannot be processed and affected users can contact Lashr to contest the decision.
Please note that if your account is blocked, any account(s) that you have on our other group platforms/applications may also be blocked as part of our anti-spam and anti-fraud procedures.
If you decide to book any of the available services offered by Foxen’s on Lashr we will process your payment information and retain this securely for the prevention of fraud and for audit/tax purposes.
Finally, we want to keep in touch with you to make sure you know about any great promotions and offers we may have available. If you’ve told us it’s OK, we will use your email address and phone number to send you information on these. You can withdraw this consent at any time via Settings in the app or website.
What does Lashr collect about me if I use the mobile App?
A. Identifiers, such as name and location;
B. Personal information, as defined in the California customer records law, such as contact (including email and telephone number) and financial information;
C. Commercial information, such as transaction information and purchase history;
D Internet or network activity information, such as browsing history and interactions with our websites and apps;
E. Geolocation data, such as mobile device location;
F. Audio, electronic, visual and similar information, such as photos and videos;
G. Inferences drawn from any of the personal information listed above to create a profile
or summary about, for example, an individual’s preferences and characteristics.
What is the legal basis that allows Lashr to use my data?
We are only permitted to use your data when we have a lawful basis to do so. The table below provides an overview of the legal bases that Lashr relies on to use your data. Where the legal basis is consent, you can withdraw consent at any time. Where the legal basis is legitimate interests, you have a right to object to our use of your data. We explain in the relevant sections in this privacy notice how you can withdraw consent or opt-out of certain data uses (where applicable).
Purpose for which data is used:
To provide you with the Lashr social networking service: Name, email address, date of birth, location (CCPA Categories A and B)You provide your name, email address and date of birth to us. We obtain location data from the device that you use to access the serviceContractual necessityTo facilitate networking opportunities on the Lashr siteOptional information that you choose to provide in your profile, which may include information about your sexual preferences, religion, ethnic background, photos etc. (CCPA Categories C, H, I, J) You provide this information to us. Consent. To verify your identity and prevent fraud and to ensure the safety and security of users Phone number (CCPA Category B)You provide this information to us - Legitimate interests – it is in our legitimate interests to ensure that accounts are not set up fraudulently and to safeguard users of the site. To take payment for premium services Payment card details (CCPA Categories B and D) You provide this information to us. - Contractual necessity and legitimate interests – we need card details to receive the payment due under our contract with you (where applicable) and we have a legitimate interest in using this data for fraud prevention purposes. To send you marketing information about our offers and servicesEmail address and cell phone number (CCPA Category B). You provide this information to us. - Legitimate interests – it is in our legitimate interests to promote our products and servicesTo show “nearby” location information to you and other users of the site. Wifi access points and location data when you use the mobile app (CCPA Category G). We obtain this information from the device that you use to access the serviceLegitimate interests – it is in our legitimate interests to provide this functionality as part of the service. To carry out analysis to help us improve the appLog and usage data, including IP address, browser type, referring domain, pages accessed, mobile carrier and search terms (CCPA Category F). We obtain this information from your interaction with our service. - Legitimate interests – it is in our interests to analyze the way in which users are accessing and using our services so that we can further develop the app and improve the service. To respond to correspondence and queries that you submit to usEmail address and IP address (CCPA Categories B and F). You provide your email address to us when you contact us and we obtain your IP address from the device that you use to contact usLegitimate interests – it is in our legitimate interests to respond to your queries to ensure that we provide a good service to users and troubleshoot problems. To block accounts as part of our anti-spam proceduresEmail address, phone number, IP address and IP session information, username, user agent string (CCPA Categories B and F). You provide your email address, phone number and username to us. We obtain the other information from the device that you use to access the service. - Legitimate interests – it is in our legitimate interests to prevent unauthorized behavior and to maintain the safety and security of our servicesTo block payment transactions as part of our anti-fraud proceduresName, IP address, email address, cell phone number, cardholder name, payments received, type of payment, user ID, country (CCPA Categories, A, B, and D). You provide your name, email address, phone number and card details to us. We obtain your IP address from the device that you use to contact us. We obtain your payment information from your interactions with our serviceLegitimate interests – it is in our legitimate interests to prevent fraudulent transactions and to maintain the security of our services
How long will Lashr keep my data?
We keep your personal information only as long as we need it for legitimate business purposes (as set out above) and as permitted by applicable law. In practice, we delete or anonymize your information upon deletion of your account (following the safety retention window), unless:
- we must keep it to comply with applicable law (for instance, some “traffic data” is kept for one year to comply with statutory data retention obligations);
- the information must be kept for our legitimate business interests, such as fraud prevention and enhancing users' safety and security. For example, information may need to be kept to prevent a user who was banned for unsafe behavior or security incidents from opening a new account.
Where Lashr uses machine learning, for example, to help us detect and prevent fraudulent card transactions, and to detect and prevent spam communications on the app (as explained above), we may need to keep personal information for a longer period than the retention periods explained above, to enable the machine learning to work properly. Where this is the case, we always seek to minimize the amount of personal information that is used and we ensure that it is ring-fenced and kept securely from other user personal information. We regularly review the period for which personal information is required for machine learning purposes and delete any identifiable information when it is no longer required.
What information does Lashr collect about me if I’m under 18?
Lashr does not knowingly collect any information about or market to children, minors or anyone under the age of majority, and it is only available to people aged 18 years or more. If we become aware that a child, minor or anyone under the age of 18 has registered with us and provided us with personal data, we will take steps to terminate that person’s registration and delete their Profile information from Lashr. If we do delete a Profile because you violated our age restriction rules, we may retain your email and IP address to ensure that you do not try to get around our rules by creating a new Profile.
Who does Lashr share information with?
We may share aggregated information that includes your personal data (but which doesn’t identify you directly), together with other information including log data with third parties for industry analysis and demographic profiling. We share your data with the following categories of third-parties: Third partyDisclosed dataInformation technology companies (hardware and software) which provide services to support our productsThis could include all data, including all CCPA Categories listed aboveFraud prevention and anti-spam providers to protect the service from criminal activityTransaction and payment data (CCPA Categories B and D)Moderators to monitor activity on the site/apps and approve contentName and user registration details, profile information, content of messages and photographs (CCPA Categories A, B, C, E, and H)Law enforcement agencies, where we are required to by law or to protect the vital interests of a personThis could include any personal data that Lashr holds about you, depending on the nature of the request or the issue that we are dealing with, including all CCPA Categories listed abovePayment processing and telecommunications companies to facilitate payments for our premium servicesCardholder name, cardholder address, card number, payment amount, transaction date/time (CCPA Categories A, B, and D)In the event that Lashr or any of its affiliates undergoes a business transition or change of ownership, such as a merger, acquisition by another company, re-organization, or sale of all or a portion of its assets, or in the event of insolvency or administration, we may be required to disclose your personal data to a purchaser of all or part of the business or to an insolvency practitionerThis could include all personal data that Lashr holds about you, including all CCPA Categories listed aboveYour data may be shared with other Lashr group companies, for example, to block accounts and suspected fraudulent payment transactions as part of our anti-spam and anti-fraud procedures.This could include CCPA Categories A, B, D and F. We ensure these parties must adhere to strict data protection and confidentiality provisions that are consistent with this Policy. Measures are taken to ensure that the data shared is non-attributable to the greatest extent possible. Lashr does not sell your data and has not sold your personal data in the previous 12 months.
Under UK and EU law, you have the right to lodge a complaint with data protection regulators. Lashr has its main office in the UK and the Information Commissioners’ Office (ICO) is our lead regulator. You can find out how to raise a concern with the ICO by visiting their website at www.ico.org.uk. If you’re within the EU, you may also get in touch with your local Data Protection Regulator who may liaise with the ICO on your behalf. You have a number of rights under European Data Protection law if you are an EU citizen.
Right to be informed: what personal data an organization is
processing and why (we provide this information to you in this
Right of access: you can request a copy of your data.
Right of rectification: if the data held is inaccurate, you have the right to have it corrected.
Right to erasure: you have the right to have your data deleted in certain circumstances.
Right to restrict processing: in limited circumstances, you have the right to request that processing is stopped but the data retained.
Right to data portability: you can request a copy of your data in a machine-readable form that can be transferred to another provider.
Right to object: in certain circumstances (including where data is processed on the basis of legitimate interests or for the purposes of marketing) you may object to that processing.
Rights related to automated decision making including profiling: there are several rights in this area where processing carried out on a solely automated basis results in a decision which has legal or significant effects for the individual. In these circumstances your rights include the right to ensure that there is human intervention in the decision-making process.
If you want to exercise any of your rights listed above please visit our Feedback Page or email us at DPO@getlashr.com.
For users who are California residents, you also have the following rights (in addition to those listed above) under the California Consumer Privacy Act, and you have the right to be free from unlawful discrimination for exercising your rights under the Act:
You have the right to request that we disclose certain information to you and explain how we have collected, used and shared your personal information over the past 12 months.
You have the right to request that we delete your personal information that we collected from you, subject to certain exceptions.
If you want to exercise any of your rights listed above please visit our Feedback Page or email us at DPO@getlashr.com.
How does Lashr protect my personal data?
Lashr has implemented appropriate security measures to protect and prevent the loss, misuse, and alteration of the information under our control, including your personal data. Our technical experts at Lashr work hard to ensure your secure use of our site. While we take reasonable precautions against possible security breaches of our website, member database and records, no website or internet transmission is completely secure and we cannot guarantee that unauthorized access, hacking, data loss, or other breaches will never occur. We urge you to take steps to keep your personal data safe (including your password) .
If you lose your password or give it out, or another service provider that you use suffers a data breach and you have used the same credentials with that service provider as you have with Lashr, your personal data may be compromised. If that happens, please report it to Support via our Support Section.
Where is my personal data kept?
We want you to be able to access Lashr wherever you happen to be in the world. To enable us to provide that service, we operate a global network of servers including in the US, Hong Kong, Czech Republic and Russia. The hardware is located in third-party data centres but is owned by Lashr. We ensure that the data is adequately protected by ensuring that valid, legal mechanisms are in place such as: EU approved model clauses; US privacy shield certification; and implementing robust contractual standards. If you want more information relating to the nature of the safeguards we have in place please email DPO@getlashr.com.
Does Lashr collect any other personal data about me?
If you contact our Customer Support team via our Feedback Page, we will receive your email address, and may track your IP address as well as the information you send to us to help resolve your query. We will keep records of our communications with you, including any complaints that we receive from you about other users (and from other users about you) for 6 years after deletion of your account.
Does Lashr use my personal data for any other purpose?
We may use your personal data to resolve disputes, troubleshoot problems and enforce our Terms and Conditions of Use.
We collect information by placing cookies on your computer or mobile. A cookie is a piece of text stored on your computer or mobile by your web browser. They are basically a tool that stores information about website visits, recognizes you and your preferences each time you visit Lashr, and ensures site functionality and enables us to provide the services our members request. When you visit the publicly available sections of Lashr, a session ID cookie is placed on your computer that only lasts while you’re visiting. We also place persistent cookies (also known as local storage devices) on members’ computers, so that Lashr remembers them and makes their login experience faster and easier. We may use persistent tracking cookies on your mobile device, mainly for security protection purposes, such as to prevent phishers, scammers, unauthorised log in attempts, and to help you access your hacked account. We do not use any information whilst you are logged off. You may set your browser and your mobile settings to block cookies and local storage devices, but if you do so, you may not be able to access the features that Lashr offers.
cookies related to the performance of Lashr’s site, such as analytics that help us determine how our site is performing and ensuring a smooth and trouble free experience for our members and visitors;
cookies related to the functionality of Lashr’s site, such as remembering your preferences at log in or your preferred language or allowing you to chat, add photos and instant message Lashr members; and third party cookies which link to other social networks and which you request via social plugins.
We may use persistent cookies, which will help us to ensure we have identified the same device is logging into the correct account. These types of cookies also help with our anti- spam measures and may help us to prevent phishers, scammers, unauthorised log-in attempts to your account and accessing any hacked accounts.
These cookies and local storage devices provide the functionality that Lashr users enjoy, such as uploading of photographs, chats, instant messaging, your account settings and your request to have Lashr as your homepage or your search preference. In some cases, the site feature you choose may allow a third party to place cookies or local storage devices on your computer. The third party who places cookies on your device is responsible for how they process their data and Lashr recommends that you read their privacy policies.
Performance: We need to use certain cookies and local storage devices to ensure our members have the best possible experience, such as assisting with your navigation of our site, ensuring pages load up quickly and respond faster to your requests for Lashr services.