1. Scope & Applicability
This Privacy Policy applies to all products, software applications, mobile apps, SaaS platforms, IoT devices, CCTV solutions, and professional services developed or operated by LYNX TECH & MEDIA LIMITED. Whether you are a client, end-user, website visitor, or partner, this Policy governs how we handle your data.
Custom Software
Mobile Apps
Cloud Platforms
IoT Devices
Surveillance AI
Analytics Suites
2. Information We Collect
- Identifiers: Name, email, phone, billing address, government IDs (for regulated industries).
- Account Credentials: Usernames, hashed passwords, MFA tokens, API keys (encrypted).
- Usage & Telemetry: Log data, feature interactions, performance metrics.
- Device Data: IP addresses, MAC addresses, device fingerprints, geolocation (with consent).
- Content: Support chats, uploaded files, surveillance footage (CCTV systems).
3. Lawful Basis for Processing
- Contractual Necessity: To deliver services you requested.
- Legitimate Interests: Security, fraud prevention, analytics, direct marketing (opt-out available).
- Legal Compliance: KYC, tax reporting, breach notifications.
- Consent: For marketing cookies, sensitive data processing — revocable anytime.
For enterprise clients, we act as a data processor under their instructions. For our direct products, we are the data controller.
4. Data Sharing & Subprocessors
We never sell your personal data. We share only:
- With trusted subprocessors (AWS, Azure, Google Cloud, CRM tools) bound by DPAs and SCCs.
- When required by law or to enforce our rights.
- In the event of a merger or acquisition, with continued protection.
5. Security & Incident Response
We implement AES-256 encryption at rest, TLS 1.3 in transit, HSM key management, 24/7 SOC monitoring, quarterly penetration tests, and mandatory MFA. Breach notifications within 72 hours.
6. Your Privacy Rights
- Right to Access, Rectification, Erasure, Restriction, Objection, Portability.
- Right to withdraw consent anytime.
- To exercise rights: privacy@lynxtechmedia.com. Response within 30 days.
7. Cookies & Tracking
We use necessary, analytics, functional, and marketing cookies (with consent). Manage via cookie consent manager or browser settings.
8. Data Retention
We retain data only as long as necessary: for the duration of your contract, legal requirements (e.g., 7 years for financial records), or pending litigation. After that, data is securely deleted or anonymized.
9. AI & Automated Decision-Making
Our AI products include human oversight, anonymized training data, and the right to explanation for significant automated decisions. Compliant with EU AI Act.
10. International Data Transfers
We use EU Standard Contractual Clauses, UK Addendum, and Transfer Impact Assessments for cross-border data transfers.