Privacy Policy
Last updated: 2026-02-28
LicenseSeat Privacy Policy
Last Updated: February 28, 2026
This Privacy Policy describes how Latent Software LLC ("Company," "we," "us," or "our") collects, uses, discloses, and protects information in connection with the LicenseSeat platform, including the website at licenseseat.com, all related APIs, SDKs, and services (collectively, the "Service").
This Privacy Policy supplements and incorporates by reference the Latent Software LLC Privacy Policy (the "Parent Policy"). In the event of any conflict, this Privacy Policy controls with respect to LicenseSeat.
By using the Service, you acknowledge that you have read and understood this Privacy Policy.
1. DEFINITIONS
"User" means any individual or entity that creates a LicenseSeat account to use our licensing infrastructure services.
"End User" means any individual who uses software licensed through our platform by a User. End Users interact with User Software, not directly with LicenseSeat.
"User Software" means any software, application, game, plugin, or other product that a User licenses or distributes through our platform.
"Telemetry Data" means technical and usage information collected by our SDKs when integrated into User Software.
2. DATA WE COLLECT
2.1 Information from Users (Account Holders)
When you create a LicenseSeat account, we collect:
| Data Type | Examples |
|---|---|
| Account Information | Email address, name, organization name, password (hashed) |
| Billing Information | Payment method details (processed by third-party payment processors — we do not store full payment credentials) |
| Product Configuration | Product names, license plan settings, API keys |
| Usage Data | Dashboard interactions, API calls, feature usage |
| Communications | Support requests, emails, feedback |
2.2 Information from End Users (Your Customers)
When End Users interact with User Software that integrates our SDKs or APIs, we may collect:
| Data Type | Examples | Purpose |
|---|---|---|
| License Information | License key, activation status, seat usage | License validation |
| Device Identifiers | Hardware ID (HWID), device fingerprint, unique device ID | Hardware-locked licensing, seat management |
| Network Information | IP address at time of activation/validation | Fraud prevention, geographic analytics |
| Email Address | End User email (if provided by User) | License delivery, customer portal access |
2.3 Telemetry Data (SDK Collection)
When Users integrate our SDKs into their software, the SDKs may collect and transmit Telemetry Data, including:
| Category | Data Points |
|---|---|
| Device Information | Device model, device type, hardware architecture, CPU cores, memory (RAM) |
| Operating System | OS name, OS version |
| Application Information | App version, app build number, SDK version |
| Platform | Runtime platform (native, Electron, Unity, browser, Node.js, etc.) |
| Locale | Language, locale, timezone |
| Display | Screen resolution, display scale |
| Network | IP address (used for geolocation, not stored long-term in raw form) |
Telemetry is optional. Users may configure their SDK integration to limit or disable telemetry collection. We provide documentation on telemetry controls.
2.4 Automatically Collected Information
We automatically collect:
| Data Type | Examples |
|---|---|
| Log Data | IP address, browser type, operating system, referral URLs, pages visited, timestamps |
| Cookies | Session cookies, preference cookies, analytics cookies |
| Device Information | Device type, screen resolution, browser version |
2.5 Audit Trail Data
For compliance and security, we maintain audit logs of:
- License creation, activation, deactivation, and revocation events
- Validation requests and responses
- API access and authentication events
- Account and configuration changes
- Download token generation (when applicable)
Audit logs include timestamps, IP addresses, and relevant identifiers.
3. HOW WE USE INFORMATION
3.1 Primary Uses
| Purpose | Legal Basis |
|---|---|
| Provide the Service | Contract performance |
| Process transactions | Contract performance |
| License validation and enforcement | Contract performance, legitimate interest |
| Customer support | Contract performance |
| Analytics and improvement | Legitimate interest |
| Security and fraud prevention | Legitimate interest |
| Legal compliance | Legal obligation |
3.2 Telemetry Data Uses
Telemetry Data is used to:
- Provide Users with analytics about their software usage
- Generate aggregated, anonymized insights
- Detect anomalies and potential fraud
- Improve SDK performance and compatibility
We do not sell Telemetry Data. We do not use Telemetry Data for advertising.
3.3 Geolocation
We derive approximate geographic location from IP addresses for:
- Analytics dashboards (country/region level)
- Fraud detection
- Compliance with geographic licensing restrictions (if configured by User)
We do not collect precise GPS coordinates.
4. HOW WE SHARE INFORMATION
4.1 With Users
We share End User data with the User who issued the license:
- License activation and usage data
- Device information
- Telemetry Data (as configured)
- Audit events related to their licenses
Users are data controllers for their End Users. See Section 7.
4.2 Service Providers
We share data with service providers who assist in operating the Service:
| Provider Type | Examples | Purpose |
|---|---|---|
| Cloud Infrastructure | AWS, Hetzner, Cloudflare | Hosting, storage, CDN |
| Payment Processing | Stripe, Gumroad, LemonSqueezy, Paddle, Shopify, and other payment processors or merchants of record | Billing |
| AWS SES | Transactional emails | |
| Analytics | Internal analytics | Usage analysis |
Service providers are contractually bound to protect data and use it only for specified purposes.
Service Provider Updates: We may add or change service providers from time to time. An updated list of our current service providers is maintained in this Privacy Policy. Material changes to our service providers will be reflected in updates to this Privacy Policy.
4.3 Legal Requirements
We may disclose information:
- To comply with legal process (subpoenas, court orders, warrants)
- To respond to lawful requests from government authorities
- To protect our rights, privacy, safety, or property
- To enforce our Terms of Service
- In connection with a merger, acquisition, or sale of assets
We may disclose information to law enforcement without notice to you where permitted or required by law.
4.4 Aggregated and Anonymized Data
We may share aggregated, anonymized data that cannot reasonably identify any individual. This data is not subject to the restrictions in this Privacy Policy.
5. DATA RETENTION
5.1 Retention Periods
| Data Type | Retention Period |
|---|---|
| Account data | Duration of account plus 2 years |
| License data | Duration of account plus 7 years (for audit/compliance) |
| Audit logs | 7 years |
| Telemetry Data | 26 months (rolling) |
| Billing records | 7 years (legal requirement) |
| Support communications | 2 years |
| IP addresses (raw) | 90 days, then anonymized/aggregated |
5.2 Deletion
Upon account termination:
- We delete or anonymize personal data within 90 days, except as required for legal compliance, dispute resolution, or enforcement of our agreements
- Audit logs and billing records may be retained as required by law
- Aggregated, anonymized data may be retained indefinitely
5.3 End User Data
End User data is retained according to User account status. When a User's account is terminated, associated End User data is deleted according to Section 5.2.
6. DATA SECURITY
6.1 Security Measures
We implement industry-standard security measures, including:
- Encryption in transit (TLS 1.2+)
- Encryption at rest
- Access controls and authentication
- Regular security assessments
- Secure development practices
6.2 No Guarantee
No method of transmission or storage is 100% secure. We cannot guarantee absolute security. You are responsible for maintaining the security of your account credentials and API keys.
6.3 Breach Notification
In the event of a data breach affecting your personal data, we will notify you as required by applicable law.
7. USER RESPONSIBILITIES FOR END USER DATA
7.1 Users as Data Controllers
Users are independent data controllers (or "businesses" under CCPA) for End User data they collect through User Software. We act as a data processor on behalf of Users for End User data.
7.2 User Obligations
Users are solely responsible for:
(a) Providing appropriate privacy notices to End Users regarding data collection through User Software;
(b) Obtaining all necessary consents from End Users as required by applicable law;
(c) Responding to End User data subject requests (access, deletion, correction);
(d) Ensuring User Software complies with all applicable privacy and data protection laws;
(e) Configuring telemetry collection appropriately for their use case and jurisdiction;
(f) Any claims, fines, or liabilities arising from inadequate privacy practices with End Users.
7.3 Data Processing Agreement
For Users who require a Data Processing Agreement (DPA) for GDPR or other regulatory compliance, contact [email protected].
7.4 Our Limited Role
We provide infrastructure. We do not determine the purposes or means of End User data processing — Users do. We process End User data solely according to User instructions (via SDK configuration, API calls, and dashboard settings).
8. INTERNATIONAL DATA TRANSFERS
8.1 Transfer Mechanisms
We are based in the United States. Data may be transferred to, stored in, and processed in the United States and other countries where our service providers operate.
For transfers from the EEA, UK, or Switzerland, we rely on:
- Standard Contractual Clauses (SCCs)
- Service provider certifications and commitments
- Other lawful transfer mechanisms
8.2 Acknowledgment
By using the Service, you acknowledge that your data will be transferred to and processed in the United States and other jurisdictions. These jurisdictions may have different data protection laws than your country of residence. We implement appropriate safeguards as described in Section 8.1.
9. COOKIES AND TRACKING
9.1 Types of Cookies
| Cookie Type | Purpose | Duration |
|---|---|---|
| Essential | Authentication, security, core functionality | Session |
| Functional | Preferences, settings | 1 year |
| Analytics | Usage patterns, performance | 26 months |
9.2 Cookie Choices
Most browsers allow you to control cookies through settings. Disabling cookies may affect Service functionality.
Where required by applicable law, we obtain consent before setting non-essential cookies.
9.3 Do Not Track
We do not currently respond to "Do Not Track" signals.
10. YOUR RIGHTS
10.1 General Rights
Depending on your jurisdiction, you may have rights to:
- Access your personal data
- Correct inaccurate data
- Delete your data (subject to retention requirements)
- Export your data in portable format
- Object to certain processing
- Withdraw consent where processing is based on consent
To exercise these rights, contact [email protected].
10.2 Account Deletion
You may delete your account through dashboard settings or by contacting support. Deletion is subject to our retention requirements in Section 5.
10.3 End User Rights
End Users should contact the User (the software developer) to exercise privacy rights. We process End User data on behalf of Users and will refer End User requests to the appropriate User.
11. CHILDREN'S PRIVACY
The Service is not directed to children under 13 (or 16 in the EEA). We do not knowingly collect data from children. If we learn we have collected data from a child, we will delete it.
12. THIRD-PARTY LINKS AND SERVICES
The Service may contain links to third-party websites or integrate with third-party services. We are not responsible for the privacy practices of third parties. Review their privacy policies separately.
13. CHANGES TO THIS POLICY
We may update this Privacy Policy at any time. Changes are effective upon posting. Material changes may be notified via email or Service notification. Continued use after changes constitutes acceptance.
14. DISCLAIMER AND LIMITATION OF LIABILITY
14.1 No Liability for User Practices
We are not liable for the privacy practices of Users or the data collection practices implemented in User Software. Users are solely responsible for their End Users' privacy.
14.2 Infrastructure Provider
We provide infrastructure services. We do not control how Users configure data collection, what notices Users provide to End Users, or whether Users comply with applicable privacy laws.
14.3 Indemnification
As set forth in our Terms of Service, Users agree to indemnify us for any claims arising from their privacy practices or their End Users' data.
15. CONTACT INFORMATION
Privacy Inquiries: Email: [email protected]
General Inquiries: Email: [email protected]
Mailing Address: Latent Software LLC 30 N Gould St, Ste N Sheridan, WY 82801 United States
Data Protection Inquiries: Email: [email protected]
16. AUTOMATED DECISION-MAKING
16.1 License Validation
Our Service uses automated systems to validate licenses in real-time. These systems automatically determine whether a license is valid, expired, revoked, or has exceeded its seat limit. These automated decisions affect access to User Software but do not produce legal effects on individuals.
16.2 Fraud Detection
We may use automated systems to detect potentially fraudulent activity, such as unusual activation patterns or suspected license abuse. Accounts flagged by automated systems may be subject to review and potential suspension.
16.3 Human Review
Users may contact their software provider (the User who issued the license) regarding license-related decisions. Users may contact us at [email protected] to request human review of any automated decision affecting their account.
17. JURISDICTION-SPECIFIC PROVISIONS
17.1 California Residents (CCPA/CPRA)
If you are a California resident:
- Categories of Personal Information Collected: Identifiers, commercial information, internet activity, geolocation, professional information
- Sources: Directly from you, automatically, from Users (for End User data)
- Business Purposes: As described in Section 3
- Sale/Sharing: We do not sell personal information. We do not share personal information for cross-context behavioral advertising.
- Rights: Access, deletion, correction, opt-out (no sale to opt out of), limit use of sensitive information
- Non-Discrimination: We do not discriminate against you for exercising privacy rights
To exercise rights, email: [email protected]
17.2 European Economic Area, UK, Switzerland (GDPR)
If you are in the EEA, UK, or Switzerland:
- Legal Bases: Contract performance, legitimate interests, legal obligation, consent (where applicable)
- Data Controller: Latent Software LLC for User data; Users are controllers for End User data
- Rights: Access, rectification, erasure, restriction, portability, objection, withdraw consent, lodge complaint with supervisory authority
- Transfers: See Section 8
- DPA: Available upon request
17.3 Other Jurisdictions
We endeavor to comply with applicable privacy laws in all jurisdictions. If you have jurisdiction-specific questions, contact [email protected].
Last Updated: February 28, 2026