layzivo logo layzivo

Data Trust & Privacy Framework

We view privacy not as a compliance checkbox, but as the foundation of a functional studio relationship. This document outlines exactly what data we touch, why we touch it, and how we protect the boundaries between your business and the wider web. No vague terms, no hidden third-party pipelines.

The Core Principle

We collect only what serves the project. If a piece of information doesn't directly support communication, delivery, or payment, it doesn't belong in our systems. This policy applies to all data collected via layzivo.cc, email correspondence, and project management tools used during collaboration.

Collection Criteria

Data we intentionally gather falls into three specific buckets. Each serves a documented function in our engagement model.

  • Identity & Contact: Name, email, phone. Used for contracts, invoices, and direct project communication.
  • Project Assets: Brand guidelines, content, technical specs. Treated as confidential client property.
  • Technical Signals: Basic server logs (IP, user agent) for security and error diagnosis only.

The Trade-Off

This approach maximizes security and project focus by eliminating data bloat. However, it means we do not support:

  • Personalized marketing profiles
  • Behavioral tracking cookies
  • Third-party analytics selling data

Operational Realities & Guardrails

Constraint

Local Hosting. Data stays on servers compliant with Colombian digital commerce regulations. No cross-border transfers without explicit consent.

Common Privacy Mistakes We Avoid

The "Analytics" Trap Installing generic scripts that harvest user data for "insights" we never review. We skip them entirely.
The "Contact" Leak Email addresses exposed in newsletter signup forms. We use direct email correspondence only.
The "GDPR" Assumption Assuming EU law applies globally without nuance. We treat all data with GDPR-level care, but respect local Colombian law first.

Assumptions & What Changes Our Mind

We operate on a baseline of minimal data retention. We assume:

  • You want direct, human-to-human communication (no ticketing systems).
  • Project files are deleted 30 days after final delivery unless otherwise agreed.
  • Server logs are rotated weekly and never reviewed for marketing purposes.

Scenario Triggers

This stance changes only if specific scenarios arise:

1 Client requests a third-party tool integration (e.g., specific CRM or CMS).
2 Legal obligation requires retention for tax or liability purposes.
3 Explicit consent for a case study or portfolio showcase.

The Bottom Line

Your data is a tool to get the work done right—it is never the product. If you have questions about how specific information is handled, we document everything and are happy to explain the "why" behind any request.

layzivo Carrera 11 #79-35, Bogotá, Colombia
+57 601 489 9800 · [email protected]
Mon–Fri: 9:00–18:00
Contact for Clarification

Related Policies

Cookie Policy | Terms of Service | Contact layzivo