Divo Legacy
DIVO LEGACYBuilt To Last
← Back to home

Privacy Policy

Last updated: April 28, 2026

1. Controller

The data controller is Divolegacy LTD, a trust organised under the laws of the Republic of the Marshall Islands, registered office at Trust Company Complex, Ajeltake Road, Ajeltake Island, Majuro, Marshall Islands MH96960.

2. Personal Data We Process

  • Identity & contact: first and last name, email address, country of residence.
  • Account data: hashed password, role, member status, referral code, upline relationship.
  • Network activity: invitations sent, downline membership, partner integrations, commission events.
  • Support communications: tickets, messages, and attachments you submit.
  • Technical data: IP address, browser/user-agent, timestamps, security event logs.

3. Purposes & Legal Basis

  • Contract (Art. 6(1)(b) GDPR) — operating your member account, the referral network, and the compensation plan.
  • Legal obligation (Art. 6(1)(c)) — tax, accounting, AML, and record-keeping duties.
  • Legitimate interest (Art. 6(1)(f)) — platform security, fraud prevention, and abuse mitigation.
  • Consent (Art. 6(1)(a)) — optional cookies and any marketing communications you opt into.

4. Recipients & Processors

We rely on the following processors. Each is bound by data-processing terms and acts only on our instructions:

  • Lovable Cloud — authentication, database, file storage, serverless functions.
  • Resend — transactional and invitation email delivery.
  • Google Fonts — webfont delivery (loads on every page; receives your IP address by virtue of the HTTP request).

5. International Transfers

Some processors may store or process data outside the European Economic Area. Where this is the case, transfers are protected by appropriate safeguards, including the European Commission’s Standard Contractual Clauses or an equivalent mechanism.

6. Retention

Account and network data are retained for the duration of your membership and for the period required by tax and AML law thereafter (typically up to 8 years). Support tickets are retained for 3 years after closure. Security logs are retained for up to 12 months.

7. Your Rights

Subject to applicable law, you have the right to:

  • access the personal data we hold about you;
  • request rectification of inaccurate data;
  • request erasure of data we no longer need to retain;
  • request restriction of processing;
  • object to processing based on legitimate interest;
  • request portability of data you provided to us;
  • withdraw consent at any time, without affecting prior processing;
  • lodge a complaint with your local supervisory authority.

8. Security

We apply technical and organisational measures appropriate to the risk, including encryption in transit, role-based access control, row-level security on our database, audit logging, and least-privilege administration. No system is perfectly secure; we encourage members to use strong, unique passwords.

9. Cookies

For details about cookies and similar technologies, please see our Cookie Policy.

10. Contact

For privacy enquiries or to exercise your rights, contact us at the channels listed on our main site. We respond to verified requests within thirty (30) days.