Privacy

Privacy Policy

How Lomo AI, LLC collects, uses, and protects your information when you visit lomo.ai or use our services.

Effective April 29, 2026 · Last updated April 29, 2026

Lomo AI, LLC (“Lomo AI,” “we,” “our,” or “us”) respects your privacy. This Privacy Policy explains what information we collect when you visit lomo.ai or use our services, how we use it, who we share it with, and the rights you have over it.

By using the site, you agree to the terms of this Privacy Policy. If you do not agree, please do not use the site.

1. Information We Collect

Information you give us directly

When you fill out a form on lomo.ai or interact with our services, we collect:

  • Contact form: full name, work email, company name, role/title, company revenue range, employee count, your AI challenge description, and the topics you indicated interest in.
  • AI Readiness Assessment: your name, work email, company name, company website URL, your assessment responses (workflow / data / organization scores, identified bottleneck), revenue range, and timeline.
  • Email correspondence: any information you voluntarily include when you email us at hello@lomo.ai or legal@lomo.ai.
  • Calendar bookings: when you book a strategy call, scheduling is handled by Calendly under their own privacy policy.

Information collected automatically

  • Device and connection data: IP address, browser type, operating system, user agent, referring URL.
  • Usage data: pages viewed, links clicked, time spent on pages, scroll depth.
  • Cookies and similar technologies: see Section 7.
  • Marketing and attribution identifiers: Meta-issued cookies (_fbc, _fbp) and click IDs used to measure advertising effectiveness.

We do not knowingly collect government-issued IDs, financial account numbers, health information, biometrics, or precise geolocation. We do not collect data from anyone we know to be under 16 (see Section 10).

2. How We Use Your Information

  • Deliver our services — generate and send your AI Readiness Assessment results, respond to inquiries, and schedule strategy calls.
  • Improve the site — understand which content and pages drive engagement so we can make the experience better.
  • Marketing — measure the performance of advertising campaigns, retarget visitors with relevant content, and (if you opt in) send occasional updates.
  • Security and integrity — detect and prevent fraud, abuse, and misuse of the site and services.
  • Compliance — meet our legal, regulatory, and contractual obligations.

3. Legal Bases for Processing (EEA / UK)

If you are in the European Economic Area, the United Kingdom, or Switzerland, we process your personal data under one or more of the following legal bases:

  • Performance of a contract — delivering the services you request, such as your AI Readiness Assessment.
  • Legitimate interests — improving our site, ensuring security, and limited B2B marketing where it does not override your rights.
  • Consent — non-essential cookies, marketing emails, and any other processing that requires your specific opt-in. You can withdraw consent at any time.
  • Legal obligation — when we are required to process information under applicable law.

4. How We Share Your Information

We do not sellyour personal information for money. We share information only with service providers (“processors”) who help us operate, and only as necessary for the purposes described in this policy:

VendorPurposeData shared
SupabaseDatabase for form submissions and assessment dataForm fields, assessment responses
ResendTransactional and assessment-results emailEmail address, name, content of the email
VercelSite hosting and edge logsIP, user agent, request paths
CloudinaryImage and asset delivery (CDN)No personal data — static asset requests only
Google (GTM, GA4)Analytics and tag managementCookies, truncated IP, page-view events
Meta (Pixel + Conversions API)Ad measurement and retargetingCookies, IP, hashed email and name when provided
CalendlyStrategy-call schedulingEmail, name, scheduled time
Anthropic / OpenAIServer-side AI content generationNo end-user personal data is sent

We may also disclose information when we believe in good faith that disclosure is necessary to comply with the law, enforce our terms, or protect the rights, property, or safety of Lomo AI, our users, or others.

5. Data Retention

  • Form and assessment data: kept as long as it is necessary for the purpose collected, generally up to seven (7) years for tax, legal, and audit reasons. We delete sooner on request where there is no legal basis to retain.
  • Email logs: kept by Resend per their retention policy.
  • Analytics: subject to each platform’s retention (e.g., Google Analytics 4 default of 14 months).
  • Server access logs: short-term, typically up to 30 days, for security and debugging.

6. Security

We use industry-standard administrative, technical, and physical safeguards to protect your information, including encryption in transit (TLS) and encrypted storage with our database provider. No method of transmission or storage is 100% secure; we cannot guarantee absolute security.

7. Cookies and Tracking Technologies

We use the following categories of cookies:

  • Strictly necessary — required for the site to function (session, security). No consent required.
  • Analytics — Google Analytics 4 via Google Tag Manager. Helps us understand site usage in aggregate.
  • Marketing and advertising — Meta Pixel and related cookies (_fbc, _fbp) used to measure ad performance and retarget visitors.

Lomo AI uses Google Consent Mode v2. By default, ad storage and ad personalization are denieduntil consent is granted. You can also manage cookies through your browser’s settings, opt out of Google Analytics via the Google Analytics opt-out add-on, and adjust Meta ad preferences in your Meta account settings. Disabling certain cookies may impact site functionality.

8. Your Privacy Rights

For California Residents (CCPA / CPRA)

California residents have the following rights regarding their personal information:

  • Right to know what personal information we collect, the sources, the purposes, and the categories of third parties we share with.
  • Right to access a copy of your personal information.
  • Right to delete your personal information, subject to legal exceptions.
  • Right to correct inaccurate personal information.
  • Right to opt out of sale or sharing. We do not sell personal information for money. Some of our use of cookies (e.g., Meta Pixel) may be considered “sharing” for cross-context behavioral advertising; you can opt out via your browser cookie controls or by emailing us.
  • Right to limit use of sensitive personal information — we do not knowingly collect sensitive personal information as defined by the CCPA.
  • Right to non-discrimination for exercising any of these rights.

To exercise California rights, email legal@lomo.ai with the subject line “California Privacy Request.” We may need to verify your identity before responding.

For Residents of the EEA, UK, and Switzerland (GDPR)

You have the right to:

  • Access the personal data we hold about you.
  • Rectify inaccurate or incomplete data.
  • Erasedata (the “right to be forgotten”), subject to legal exceptions.
  • Restrict processing in certain circumstances.
  • Data portability — receive your data in a portable format.
  • Object to processing based on legitimate interests, including direct marketing.
  • Withdraw consent at any time, where processing is based on consent.
  • Lodge a complaint with your local supervisory authority.

To exercise GDPR rights, email legal@lomo.ai. We will respond within 30 days. If you remain unsatisfied, you may complain to your local data protection authority.

9. International Data Transfers

Lomo AI, LLC is based in the United States. If you are visiting from outside the United States, your information will be transferred to and processed in the United States and other countries where our service providers operate. For transfers from the EEA, UK, or Switzerland, we rely on Standard Contractual Clauses or other lawful transfer mechanisms with our processors.

10. Children's Privacy

The site is intended for businesses and is not directed to children under 16. We do not knowingly collect personal information from children. If you believe a child has provided us with information, contact us at legal@lomo.ai and we will delete it.

11. Third-Party Sites and Services

Our site may link to third-party sites and services (for example, our Calendly scheduling page or external partner documentation). We are not responsible for the privacy practices of those sites. Review their privacy policies before providing information.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Material changes will be reflected in the “Last updated” date at the top of this page. If changes materially affect how we use your information, we will provide additional notice where required by law.

13. Contact Us

For privacy questions or to exercise your rights, contact:

Lomo AI, LLC
3003 South Loop West
Suite 108
Houston, TX 77054
legal@lomo.ai