Sign Up

Privacy Policy

Our privacy policy and how we use your data

Last Updated: November 28, 2025

1. Introduction

Welcome to ila ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

By accessing or using ila, you agree to the terms of this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access or use our service.

2. Information We Collect

2.1 Account Information

When you create an account with ila, we collect the following information:

  • Name: Your full name as provided during registration or obtained from your Google account if you sign in with Google.
  • Email Address: Your email address, used for account identification, communication, and authentication.
  • Profile Picture: If you sign in with Google, we may receive your profile picture from your Google account.
  • Password: If you create an account using email and password, your password is securely hashed and stored.

2.2 Google Sign-In Data

When you choose to sign in using your Google account, we receive the following information from Google:

  • Your Google account email address
  • Your name as set in your Google account
  • Your Google profile picture (if available)
  • A unique identifier from Google to link your account (Google User ID)

We use this information solely to create and manage your ila account. We do not access your Google Drive, Gmail, Calendar, or any other Google services beyond the basic profile information listed above.

2.3 Team and Organization Data

If you create or join a team account, we collect additional information:

  • Team/organization name
  • Team member email addresses and roles
  • Team-related settings and preferences

2.4 Technical and Usage Data

We automatically collect certain technical information when you use our service:

  • IP address
  • Browser type and version
  • Device type and operating system
  • Pages visited and features used
  • Date and time of access
  • Referring website or source

3. How We Use Your Information

We use the information we collect for the following purposes:

  • Account Management: To create, maintain, and secure your account.
  • Service Delivery: To provide, operate, and improve our services.
  • Communication: To send you important updates, security alerts, and support messages.
  • Authentication: To verify your identity and protect against unauthorized access.
  • Team Collaboration: To enable team features and manage team memberships.
  • Legal Compliance: To comply with applicable laws and regulations.
  • Security: To detect, prevent, and address fraud, abuse, and security issues.

4. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, we process your personal data based on the following legal grounds:

  • Contract Performance: Processing necessary to provide you with our services as agreed in our Terms of Service.
  • Legitimate Interests: Processing necessary for our legitimate interests, such as improving our services and ensuring security.
  • Consent: Where you have given explicit consent for specific processing activities.
  • Legal Obligation: Processing necessary to comply with legal requirements.

5. Information Sharing and Third Parties

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:

5.1 Service Providers

We use the following third-party service providers:

  • Supabase: We use Supabase as our database and authentication provider. Supabase stores your account information securely and handles authentication processes, including Google Sign-In. Supabase's privacy practices are governed by their Privacy Policy.
  • Google: If you use Google Sign-In, Google provides authentication services. Google's privacy practices are governed by their Privacy Policy.

5.2 Legal Requirements

We may disclose your information if required to do so by law or in response to:

  • Valid legal processes (e.g., subpoenas, court orders)
  • Requests from government authorities
  • Protection of our rights, privacy, safety, or property
  • Emergency situations involving potential threats to safety

5.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change and any choices you may have regarding your information.

6. Data Retention

We retain your personal information for as long as your account is active or as needed to provide you with our services. We will also retain and use your information as necessary to:

  • Comply with our legal obligations
  • Resolve disputes
  • Enforce our agreements
  • Protect against fraudulent or illegal activity

When you delete your account, we will delete or anonymize your personal information within 30 days, unless we are required to retain it for legal purposes.

7. Your Rights

Depending on your location, you may have the following rights regarding your personal information:

  • Access: Request a copy of the personal information we hold about you.
  • Correction: Request correction of inaccurate or incomplete information.
  • Deletion: Request deletion of your personal information and account.
  • Portability: Request a copy of your data in a portable format.
  • Objection: Object to certain processing of your personal information.
  • Restriction: Request restriction of processing in certain circumstances.
  • Withdraw Consent: Withdraw consent where processing is based on consent.

How to Exercise Your Rights

You can exercise most of these rights through your account settings. To delete your account and all associated data, you can do so from your account settings page. For other requests, please contact us at the email address provided below.

We will respond to your request within 30 days. In some cases, we may need to verify your identity before processing your request.

8. Data Security

We implement appropriate technical and organizational security measures to protect your personal information, including:

  • Encryption of data in transit using TLS/SSL
  • Encryption of sensitive data at rest
  • Secure password hashing
  • Regular security assessments and updates
  • Access controls and authentication mechanisms
  • Row-level security policies in our database

While we strive to protect your personal information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

9. Cookies and Tracking

We use cookies and similar technologies to enhance your experience on our service. For detailed information about the cookies we use and your choices regarding cookies, please see our Cookie Policy.

When you first visit our service, you will be asked to consent to our use of cookies. You can change your cookie preferences at any time through your browser settings.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws.

When we transfer your information internationally, we ensure appropriate safeguards are in place, including:

  • Standard contractual clauses approved by regulatory authorities
  • Data processing agreements with our service providers
  • Compliance with applicable data transfer frameworks

11. Children's Privacy

Our service is not intended for children under the age of 16. We do not knowingly collect personal information from children under 16. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately. If we discover that we have collected personal information from a child under 16, we will delete that information promptly.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. When we make material changes, we will:

  • Update the "Last Updated" date at the top of this policy
  • Notify you via email or through a prominent notice on our service
  • Obtain your consent if required by applicable law for any new processing activities

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your information.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

ila

Email: hello@ila.one

We will respond to your inquiry within 30 days.

14. Additional Information for Specific Regions

European Economic Area (EEA), UK, and Switzerland

If you are located in the EEA, UK, or Switzerland, you have the right to lodge a complaint with your local data protection authority if you believe we have violated your data protection rights.

California Residents

California residents have additional rights under the California Consumer Privacy Act (CCPA), including:

  • The right to know what personal information we collect, use, and disclose
  • The right to request deletion of personal information
  • The right to opt-out of the sale of personal information (we do not sell your personal information)
  • The right to non-discrimination for exercising your rights

To exercise these rights, please contact us using the information provided above.