Privacy Policy
How Global London Festival protects your privacy
How Global London Festival protects your privacy
Global London Festival provides strategic business formation and creative professionals. We only collect the minimum data needed to authenticate users, bill credits via Creem.io, and operate the service.
Last updated: December 3, 2025
Private by default
Your roadmap progress and strategic business data are private to your account and protected via secure authentication.
Data governance
We keep your progress data only as long as needed to provide your roadmap services. You can archive or delete your milestones anytime.
User control
You may request deletion of your profile data or billing records at any time.
Information we process
- Account data: email, encrypted Supabase auth ID, and profile credits count.
- Billing data: Creem.io customer ID, payment history, and charge metadata.
- Operational data: image size, job duration, quality settings, and error codes for debugging.
How we use the data
- Authenticate users and allocate credits.
- Process payments and send invoices through Creem.io.
- Improve layer separation quality and guard against abuse/fraud.
Images & confidentiality
- All requests are encrypted in transit (TLS).
- Images may be temporarily stored to complete processing and provide downloads during the retention period.
- We sign Data Processing Agreements (DPAs) upon request for teams with compliance requirements.
Third parties
We rely on vetted vendors who comply with GDPR/CCPA:
- Supabase – authentication, profile credits, PostgreSQL storage.
- Creem.io – payments, invoicing, and anti-fraud checks.
- Vercel – hosting infrastructure and edge network.
Your rights
You may contact us to:
- Access or correct your profile information.
- Delete your account and all associated data (except invoices required by law).
- Receive a machine-readable export of your account data.
Email afred.zhou.solution@gmail.com for any privacy request. We respond within 7 days.