Legal

Privacy Policy

Last updated: 22 February 2025

1. Who we are

Lag is a voice communication service operated by Gitglue LTD, a company registered in England and Wales. For the purposes of UK data protection law, Gitglue LTD is the data controller in respect of personal data we collect through the Lag service and related websites (including trylag.com). This privacy policy explains how we collect, use, store, and protect your personal data when you use Lag.

2. Data we collect

We collect only what is necessary to provide and improve the Service:

  • Account and identity: When you sign up (e.g. via email or third-party login such as Google or Discord), we receive identifiers such as email address, display name, and profile information you provide or that the provider shares with us. We may store a username you choose for the Service.
  • Usage and technical data: Connection and session data (e.g. IP address, device/browser type, timestamps) needed to deliver voice, maintain security, and troubleshoot. We may log API requests and errors.
  • Voice and in-app activity: Voice is transmitted in real time to deliver the Service. We do not record, store, or mine the content of your voice conversations for advertising, profiling, or other purposes. Metadata about rooms, servers, and membership (e.g. who is in which room) is processed to operate the Service.
  • Communications: If you contact us (e.g. support or feedback), we keep the content of your message and contact details for as long as needed to respond and resolve issues.

3. How we use your data

We use your data to:

  • Create and manage your account and authenticate you
  • Provide voice communication, servers, rooms, invites, and related features
  • Ensure security, prevent abuse, and comply with legal obligations
  • Operate, improve, and fix the Service (including analytics that do not identify you personally where possible)
  • Communicate with you about the Service (e.g. important changes or security issues)

We do not sell your personal data. We do not use your voice or conversations for advertising, profiling, or any purpose other than delivering the Service.

4. Legal basis (UK GDPR)

Under UK law we process your data on the following bases: (a) Contract — necessary to perform our contract with you (providing the Service); (b) Legitimate interests — where needed for security, fraud prevention, and improving the Service, in a way that does not override your rights; (c) Legal obligation — where we must comply with law; (d) Consent — where we ask for your consent for specific processing (you may withdraw consent at any time).

5. Data retention

We retain your data only for as long as necessary to provide the Service, comply with legal obligations, resolve disputes, and enforce our agreements. Account and usage data are typically retained while your account is active and for a limited period after closure as needed for law and security. You may request erasure of your data subject to applicable exceptions (e.g. legal hold).

6. Your rights (UK)

Under UK data protection law you have the right to:

  • Access — request a copy of the personal data we hold about you
  • Rectification — request correction of inaccurate or incomplete data
  • Erasure — request deletion of your data in certain circumstances
  • Restriction — request that we limit how we use your data in certain cases
  • Data portability — receive your data in a structured, machine-readable format where applicable
  • Object — object to processing based on legitimate interests or for direct marketing
  • Withdraw consent — where we rely on consent, you may withdraw it at any time

To exercise these rights, contact us using the details in section 12. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) in the UK: ico.org.uk/make-a-complaint.

7. Sharing and third parties

We may share data with:

  • Service providers that process data on our behalf (e.g. hosting, authentication, analytics). We use Supabase for authentication and database services; their processing is governed by their privacy policy and our agreements. We choose providers that meet appropriate security and data protection standards.
  • Other users as necessary for the Service (e.g. your display name and presence within servers/rooms you join).
  • Authorities when required by law or to protect our rights, safety, or the safety of others.

We do not sell or rent your personal data to third parties for their marketing or advertising.

8. International transfers

Your data may be processed in the UK and in other countries where our service providers operate. Where we transfer data outside the UK, we ensure appropriate safeguards are in place (e.g. UK adequacy decisions, standard contractual clauses, or other approved mechanisms) as required by UK law.

9. Security

We implement technical and organisational measures to protect your data against unauthorised access, loss, or alteration, in line with the nature of the data and the risks. No system is completely secure; we encourage you to keep your account credentials safe and to report any suspected misuse.

10. Children

The Service is not directed at children under 13. We do not knowingly collect personal data from children under 13. If you believe we have collected data from a child under 13, please contact us and we will take steps to delete it.

11. Changes to this policy

We may update this privacy policy from time to time. We will post the updated policy on this page and change the "Last updated" date. For material changes we will notify you by email or through the Service where appropriate. We encourage you to review this policy periodically.

12. Contact

For privacy-related questions, to exercise your rights, or to contact our data protection contact:

Gitglue LTD
United Kingdom
Website: trylag.com
(Contact email or support channel as published on the website.)

Back to Home Terms and Conditions