Terms and Conditions of Use of LUXISOFT

Introduction

Welcome to LUXISOFT. By accessing and using our software projects, portfolios, applications, games, and other content available on this site, you agree to the following Terms and Conditions. If you do not agree with these terms, we recommend that you do not use this website.

1. Intellectual Property

The content available on LUXISOFT, including but not limited to software projects, applications, games, images, videos, texts, and any other material, is protected by copyright and other intellectual property laws under the jurisdiction of Colombia. All rights to such content are the exclusive property of LUXISOFT. Distribution, reproduction, modification, or sale of the content is not allowed without the express written permission of LUXISOFT.

2. License of Use

By accessing and using this site, you are granted a limited, non-exclusive, and non-transferable license to view the content available on the LUXISOFT website, exclusively for personal and non-commercial purposes. Copying, modifying, distributing, or misusing any material on the site is expressly prohibited.

3. Projects, Applications, and Games

Each project, application, or game published on LUXISOFT is governed by its own Terms and Conditions and Privacy Policy, which may vary depending on the characteristics of the product or service. We recommend reading these documents before using or downloading these products.

4. User Authentication with Google Sign-In (Google OAuth 2.0)

LUXISOFT offers Google Sign-In as an authentication method so users can access certain projects, applications, and games published under the LUXISOFT brand (including, among others, LuxiChat, LuxiSoft Pages, MegaPunch, and other LUXISOFT apps). Authentication is implemented through Google OAuth 2.0 using Firebase Authentication, which is a service provided by Google. By choosing the 'Sign in with Google' option, you consent to LUXISOFT receiving from Google the user data described in section 5 of this document, exclusively for the purposes described in section 6.

5. Google User Data We Access (Data Accessed)

When you sign in with your Google Account, LUXISOFT requests only the minimum, non-sensitive scopes required to identify you and create your account inside our applications. The Google scopes requested are: openid, email, and profile. Through these scopes, LUXISOFT and Firebase Authentication access, collect, and store the following Google user data:

  1. Google Account email address — used as your unique identifier inside LUXISOFT applications.
  2. Verified email status — a flag provided by Google indicating whether your email is verified.
  3. Basic profile information: full name (given name and family name) and the public profile name (display name) you have set on your Google Account.
  4. Profile picture URL — the public avatar associated with your Google Account.
  5. Locale and language preference — when provided by Google, used to display the application in your preferred language.
  6. Google Account unique identifier (Google sub / user ID) — a stable opaque identifier provided by Google that we use to recognize returning users.
  7. OAuth/OpenID identity tokens — short-lived tokens issued by Google that we exchange with Firebase Authentication to verify your identity. These tokens are processed in transit and are not retained beyond what Firebase needs to maintain an active session.

LUXISOFT does NOT request, access, or store any restricted or sensitive Google scopes such as Gmail, Google Drive, Google Calendar, Google Contacts, YouTube, or any other Google API beyond basic identity (openid, email, profile).

6. How We Use Google User Data (Data Usage and Purpose)

The Google user data described in section 5 is used solely to operate, secure, and personalize the user-facing functionality of LUXISOFT applications. Specifically, the data is used, processed, and handled as follows:

  1. Account creation and login: your Google email and Google user ID are used to create and authenticate your user account inside our applications, so you can access features that require an authenticated session.
  2. User identification: your name and profile picture are displayed inside the application (for example, in your profile screen, in chat messages, or in user lists) so other authenticated users and you can recognize the account.
  3. Personalization: locale/language information is used to display the user interface in your preferred language when available.
  4. Security and fraud prevention: identity tokens issued by Google are validated through Firebase Authentication to prevent impersonation, abuse, and unauthorized access.
  5. Service operation: account data is stored in Firebase Authentication and Firebase Realtime Database (Google Cloud Platform, project ID 'luxisoft', project number 456853307907) so the application can recognize you on subsequent logins and maintain features such as chat history, settings, or in-app preferences linked to your account.
  6. Customer support: when you contact us through support channels, your Google Account email may be used to identify your account and respond to your request.

LUXISOFT complies with the Google API Services User Data Policy, including the Limited Use requirements. We do NOT sell Google user data, do NOT use it for advertising, do NOT use it to train AI/ML models, and do NOT share it with third parties for purposes unrelated to the operation of LUXISOFT applications. Data is only shared with sub-processors strictly required to operate the service (Google Firebase / Google Cloud) under their corresponding terms. You may revoke LUXISOFT's access to your Google Account at any time from https://myaccount.google.com/permissions, or request deletion of your account data by contacting [email protected].

7. Data Retention and Deletion

LUXISOFT retains Google user data for as long as your account remains active in our applications. You may request deletion of your account and all associated Google user data at any time by sending an email to [email protected] from the same Google Account email registered in our service, or through the in-app account deletion option (when available). Upon receiving a verified request, LUXISOFT will delete the associated personal data from Firebase Authentication and Firebase Realtime Database within thirty (30) days, except for information we are required to retain to comply with legal obligations.

7.1 Data Protection Mechanisms (Security Measures)

LUXISOFT applies technical, administrative, and organizational security measures to protect the confidentiality, integrity, and availability of all personal information and Google user data we receive through Google Sign-In. The specific data protection mechanisms in place are:

  1. Encryption in transit: all communications between users, LUXISOFT applications, and Google/Firebase services are protected with HTTPS/TLS 1.2+, preventing interception of data in transit.
  2. Encryption at rest: Google user data and account information stored in Firebase Authentication and Firebase Realtime Database (Google Cloud Platform) are encrypted at rest by Google using AES-256, as part of Google Cloud's default security infrastructure.
  3. Authentication and identity verification: identity is delegated to Google through Firebase Authentication. OAuth 2.0 / OpenID Connect tokens issued by Google are cryptographically signed and validated server-side to prevent impersonation and unauthorized access.
  4. Access control and least privilege: production systems and Firebase databases are accessible only by authorized LUXISOFT personnel through Google accounts protected with strong passwords and two-factor authentication (2FA). Firebase security rules ensure each authenticated user can only access data linked to their own Google user ID.
  5. Limited OAuth scopes: only the basic, non-sensitive Google scopes (openid, email, profile) are requested. No restricted or sensitive scopes (Gmail, Drive, Calendar, Contacts, YouTube) are requested or stored.
  6. Secure infrastructure: the service runs on Google Cloud Platform (project ID 'luxisoft', project number 456853307907), benefiting from physical security, network isolation, DDoS protection, and SOC 2 / ISO 27001 / ISO 27017 / ISO 27018 certified data centers operated by Google.
  7. Secrets management: API keys, service account credentials, and configuration secrets are stored outside source code in protected environments and are rotated when compromise is suspected.
  8. Monitoring and auditing: authentication events, suspicious activity, and access attempts are monitored through Firebase Authentication logs and Google Cloud audit logs to detect anomalous behavior.
  9. Data minimization: LUXISOFT collects only the Google user data strictly necessary to operate the service and retains it only while the account remains active.
  10. Confidentiality: LUXISOFT staff with operational access to user data are bound by confidentiality obligations and operate under the principle of least privilege.

Despite these measures, no system on the internet can be guaranteed 100% secure. LUXISOFT continuously works to improve its security practices. If you believe the security of your account or your Google user data has been compromised, please contact us immediately at [email protected].

8. Contact Methods and Support

To obtain more information, support, or inquiries about any project, application, or game available on LUXISOFT, you can use the following contact methods:

  1. Email: [email protected]
  2. Social media: Links to social media

Support is subject to availability and the terms set for each product.

9. Limitation of Liability

LUXISOFT will not be responsible for any direct, indirect, incidental, special, or consequential damages resulting from the use or inability to use any content available on the website. This includes, but is not limited to, damages arising from errors in the projects, applications, or games, or any other content on the site.

10. Modifications to the Terms

LUXISOFT reserves the right to modify or update these Terms and Conditions at any time, without prior notice. It is your responsibility to review these terms periodically to stay informed of any changes. Continued use of the site after any modification constitutes acceptance of the new terms.

11. Applicable Law

These Terms and Conditions will be governed by the laws of Colombia, without regard to its conflict of law principles. Any dispute related to the use of this site or its content will be resolved in the competent courts of Colombia.

12. Privacy Policy

This document also serves as the Privacy Policy disclosure for LUXISOFT applications that use Google Sign-In. The disclosures relating to Google user data set forth in sections 4, 5, 6, and 7 above describe the categories of Google user data accessed, how that data is used, processed, handled, retained, and how users can request its deletion, in compliance with the Google API Services User Data Policy. Each individual project, application, or game published on the site may have its own additional Privacy Policy that you should review when accessing those products.

Tell us your idea and we'll reply in 24-48h Schedule a call or write to us on WhatsApp to get started.
WhatsApp
WhatsApp