Levora LogoLevora
Privacy Policy

Privacy Policy

Last Updated: 05 February 2026

Levora ("we", "us", "our") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, share and protect your personal data in line with the UK General Data Protection Regulation (UK GDPR) and other applicable UK data protection laws.

This Privacy Policy applies to the Levora marketing website and the Levora application (together, the “Service”). Where the website and app differ, we explain this below.

1. Who we are

Levora provides a productivity and life management service that allows you to create and manage personal information such as goals, routines, tasks, journal entries, wellness/health-related logs and financial/spending logs.

If you have any questions about this policy or want to exercise your rights, you can contact us at contact@levoraapp.com.

2. Personal data we collect

We may collect and process the following categories of personal data:

  • Account information: When you sign up, we collect your name and email address. Your password is handled securely by our authentication provider and is not visible to us.
  • User-generated content: The Service allows you to create, store and manage information you choose to enter, such as goals, routines, tasks, journal entries, wellness/health logs and financial logs. This information may be personal and, depending on what you enter, may be sensitive in nature. You control what you submit.
  • Payment information: If you purchase a subscription or other paid service, payments are processed by our payment provider, Stripe. We do not store or have access to your full payment card details. Stripe may process your card details, billing address and other information needed for the transaction. We receive limited information from Stripe, such as confirmation of payment, subscription status, and the last four digits of your card.
  • Support and communications: If you contact us (for example, via a contact form or email), we collect your name, email address and the contents of your message. We may also keep records of support interactions for quality and troubleshooting purposes.
  • Usage, diagnostics and device information: To operate and secure the Service, we may collect basic technical information such as device type, browser, operating system and error logs. To help improve the Service, we may also use analytics and diagnostic tools to understand how it is used (for example, feature usage and navigation events). This data is typically aggregated or pseudonymised. We do not use analytics to read the content of your private entries (such as journal text or financial logs) for advertising purposes.
  • Cookies and similar technologies (marketing website): The Levora marketing website uses cookies. We only use non-essential cookies (such as for analytics) if you provide your consent through our cookie banner. You can change your preferences at any time.

3. How we use your personal data

We use personal data for the following purposes:

  • To provide the Service: To create and manage your account, authenticate you, store your Content, and provide core features.
  • To process payments: To manage subscriptions and one-off purchases, handle receipts, and provide access to paid features.
  • To provide support: To respond to enquiries, send service-related messages (like security notices), and communicate with you.
  • To improve the Service: To understand usage patterns, test features, and improve reliability and user experience.
  • For safety and security: To protect users, secure accounts, and prevent fraud and abuse.
  • To comply with law: To meet legal obligations, enforce our terms, or respond to lawful requests.

4. Lawful bases for processing (UK GDPR)

We process your personal data on the following lawful bases:

  • Contract: When processing is necessary to provide the Service you have requested, such as operating your account and storing your entries.
  • Legitimate Interests: For our legitimate interests in improving and securing the Service, so long as these interests are not overridden by your rights.
  • Consent: Where we ask for your consent for a specific purpose, such as using non-essential cookies or sending optional marketing communications.
  • Legal Obligation: Where we need to process your data to comply with a legal duty.

5. How we share your personal data

We do not sell your personal data.

We may share personal data with trusted service providers who help us operate the Service, including:

  • Google Cloud / Firebase: For hosting, authentication and database services.
  • Stripe: For processing payments and managing subscriptions.
  • Other providers: We may use other providers for tasks like email delivery or error diagnostics. We choose reputable providers and share only the data necessary for the task.

We may also share data where required by law, to protect safety, or to prevent fraud and abuse.

6. International transfers

Our service providers may process personal data in countries outside the UK. Where this happens, we ensure that appropriate safeguards are in place as required by UK data protection law. This typically involves relying on UK adequacy regulations or using legal mechanisms like the UK Addendum to Standard Contractual Clauses to protect your data.

7. Data security and retention

Security: Your data is stored using secure infrastructure provided by Google Cloud and Firebase. We use technical and organisational measures to protect your data, but no online service can be 100% secure. You are responsible for keeping your login details confidential.

Retention: We keep your account information and content for as long as your account is active. If you delete your account, we will delete your data from our active systems within a reasonable period. Copies of data may remain in our secure backup and recovery systems for a limited period (typically up to 98 days) before being automatically deleted as backups expire. We may retain limited information (such as transaction records) where necessary for legal, accounting, dispute resolution, or safety and fraud-prevention purposes.

8. Your rights under UK GDPR

You have rights over your personal data, including the right to:

  • Access a copy of your personal data.
  • Rectify inaccurate or incomplete data.
  • Request erasure of your data in certain circumstances.
  • Restrict how we process your data in certain circumstances.
  • Receive your data in a portable format.
  • Object to processing based on legitimate interests.
  • Withdraw consent at any time where we rely on consent.
  • Lodge a complaint with the UK Information Commissioner’s Office (ICO).

To exercise your rights, please contact us at contact@levoraapp.com. We may need to verify your identity before fulfilling a request.

9. Children’s privacy

Levora is not intended for and may not be used by individuals under the age of 18. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will take steps to delete it.

10. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. When we make significant changes, we will update the "Last Updated" date and, where appropriate, notify you through the app or by email.

11. Contact us

If you have any questions about this Privacy Policy, please contact us at contact@levoraapp.com.