Legal
Privacy Policy
Last updated: March 17, 2026
This policy explains what information Love.ooo collects, how we use it, and the choices you have when you use the service.
Information We Collect
We collect information you provide directly, such as your name, email address, login details, support messages, and the content you create for your pages, including uploaded images. If you sign in through a third-party authentication provider, we also receive the profile information needed to authenticate your account, including profile photos when available. If you upload a custom avatar from your dashboard, we store that image so it can appear across your account experience.
How We Use Information
We use your information to provide the service, authenticate logins, host your pages, send account emails such as verification or password reset messages, respond to support requests, prevent abuse, and improve reliability and security.
Google User Data
When you choose Google Sign-In or connect your Google account to Love.ooo, we request access only to the Google profile and email scopes. The sections below explain exactly what Google user data we access and how we handle it.
Data Accessed
From Google, Love.ooo may access your Google account identifier, primary email address, email verification status, display name, and profile photo URL. We do not request access to anything else.
Data Usage
We use Google user data to sign you in, create or link your Love.ooo account, verify that the Google email used for sign-in is verified, remember which Google account is connected to your Love.ooo profile, and show your Google profile photo as your account avatar. Love.ooo does not use Google user data for advertising, and it does not store Google OAuth access tokens or refresh tokens after authentication completes.
Data Sharing
We do not sell Google user data. We may share Google user data only when disclosure is required by law or necessary to protect users, the service, or our rights.
Data Storage & Protection
Love.ooo stores linked Google account details such as your provider user ID, email address, and profile photo URL in our application database so your account can be authenticated and linked consistently. Session and OAuth flow cookies are marked HttpOnly and SameSite=Lax, and authenticated session cookies are marked Secure in production. We use reasonable technical and administrative safeguards to protect stored data against unauthorized access, alteration, or misuse.
Data Retention & Deletion
We retain Google-linked account data for as long as it is needed to provide your Love.ooo account, maintain security, comply with legal obligations, and resolve disputes. You can disconnect Google from your account from the dashboard if another login method is available, and you can request deletion of your account or associated Google user data through the contact page. After verifying the request, we will remove or de-identify the relevant data unless we are legally required to keep it.
Public and Private Content
If you publish a public page, anyone with the link may be able to view it. If you choose a private page, access is restricted by password, but the content is still stored and processed on our systems so the feature can work.
Sharing Information
We do not sell your personal information. We may share data with service providers that help us run Love.ooo, such as hosting, authentication, email, and infrastructure vendors. We may also disclose information when required by law or to protect users, our service, or our rights.
Cookies, Sessions, and Security
We use cookies, session tokens, and similar technical measures to keep you signed in, secure accounts, and operate the site. We use reasonable safeguards, but no method of storage or transmission over the internet is completely secure.
Retention and Your Choices
We keep information for as long as needed to provide the service, comply with legal obligations, resolve disputes, and enforce our terms. You can edit or delete page content from your account, and you can contact us if you need help with access, correction, or deletion requests.
GDPR Rights
Under the GDPR, you have the right to be informed about how your personal data is processed, access your personal data, correct inaccurate information, request erasure, restrict processing, receive certain data in a portable format, and object to certain types of processing. You may also have the right not to be subject to decisions based solely on automated processing.
To exercise these rights, use the contact page. We may need to verify your identity before acting on a request. If you believe your rights have been violated, you may also lodge a complaint with your local data protection authority.
Contact and Updates
Questions about privacy can be sent through the contact page. We may update this policy from time to time, and the latest version will always be posted here with a revised effective date.