Privacy Policy - Loop
Logo Logo
Sign Up Sign In

Privacy Policy

Last updated: :date

Pearl Fibers LTD ("PearlFibers," "we," "us," or "our") operates the Loop platform (the "Service"). This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. Please read this policy carefully. By accessing or using Loop, you agree to the collection and use of information in accordance with this policy.

1. Information We Collect

1.1 Information You Provide

We collect information you provide directly when you create an account, use the Service, or communicate with us. This includes:

  • Account Information: Name, email address, phone number, password, profile image, and job title.
  • Communication Data: Messages, emails, and files shared through Team Chat and Mail, including message content, timestamps, and recipients.
  • Files and Content: Documents, images, and other files you upload to Drive, as well as metadata such as file names, sizes, and sharing settings.
  • Calendar Data: Events, dates, times, locations, descriptions, and attendee lists you create or participate in.
  • Task Data: Task titles, descriptions, due dates, assignments, attachments, and completion status.
  • Contact Information: Names, email addresses, phone numbers, and other details of contacts you store in the Contacts module.
  • Payment Information: Billing details and payment method information when you subscribe to paid plans, processed securely by our third-party payment provider.

1.2 Information Collected Automatically

When you use the Service, we automatically collect certain information, including:

  • Device Information: Browser type, operating system, device model, and unique device identifiers.
  • Usage Data: Pages visited, features used, actions taken, timestamps, and session duration.
  • Log Data: IP address, referring URLs, access times, and error logs.
  • Presence Information: Online/offline status and last active timestamps when you use real-time features.
  • Cookies and Local Storage: Authentication tokens (JWT), theme preferences, and session identifiers stored in your browser.

1.3 Information from Third Parties

If you connect third-party email accounts (e.g., Gmail, Outlook) through the Mail module, we access email metadata and content in accordance with the permissions you grant via OAuth. We do not store your third-party account passwords.

2. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and maintain all Service features — Drive, Mail, Chat, Calendar, Tasks, and Contacts.
  • Authenticate your identity and manage access through role-based permissions.
  • Deliver real-time notifications, messages, and presence updates via WebSocket connections.
  • Send push notifications, email alerts, and SMS messages you have opted into.
  • Process service orders, invoices, and payment transactions.
  • Monitor and analyze usage patterns to improve performance, security, and user experience.
  • Detect, prevent, and address security incidents, fraud, and technical issues.
  • Enforce our Terms of Service and comply with legal obligations.
  • Respond to your support requests and communicate about the Service.

3. How We Share Your Information

We do not sell your personal information. We may share information in the following limited circumstances:

  • Within Your Organization: Content you share through Chat, Drive, Calendar, and Tasks is visible to the team members and groups you choose. Administrators in your organization may access usage reports and account settings.
  • Service Providers: We engage trusted third-party companies to assist with hosting, email delivery, payment processing, analytics, and customer support. These providers are contractually obligated to protect your data and use it only for the services they perform on our behalf.
  • Legal Requirements: We may disclose your information when required to comply with applicable law, regulation, legal process, or governmental request.
  • Business Transfers: In the event of a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change.
  • With Your Consent: We may share information for any other purpose with your explicit consent.

4. Data Security

We implement industry-standard security measures to protect your information, including:

  • Encryption in Transit: All data transmitted between your browser and our servers is encrypted using TLS/HTTPS.
  • Authentication Tokens: We use cryptographically signed JSON Web Tokens (JWT) with expiration times and token blacklisting.
  • Two-Factor Authentication (2FA): Optional TOTP-based second factor for account access.
  • Trusted Devices: Device fingerprinting and trusted device management to detect unauthorized access.
  • Password Protection: Passwords are hashed using strong one-way algorithms and are never stored in plain text.
  • CSRF Protection: Cross-Site Request Forgery tokens protect all state-changing operations.
  • Activity Logging: Login attempts, security events, and session activity are logged for audit purposes.

While we strive to protect your data, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security but are committed to promptly addressing any security incident.

5. Data Retention

We retain your information for as long as your account is active or as needed to provide the Service. Specifically:

  • Account Data: Retained until you delete your account.
  • Files in Drive: Retained until you delete them. Deleted files are moved to Trash and permanently removed after 30 days.
  • Messages: Chat messages are retained for the lifetime of the conversation. Deleted messages are removed from view but may be retained in backups for a limited period.
  • Logs: Server and security logs are retained for up to 90 days for troubleshooting and security purposes.

After account deletion, we will remove or anonymize your personal information within 30 days, except where retention is required by law or for legitimate business purposes such as fraud prevention.

6. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request correction of inaccurate or incomplete data.
  • Deletion: Request deletion of your personal data, subject to legal retention requirements.
  • Portability: Request your data in a structured, commonly used, machine-readable format.
  • Restriction: Request that we restrict processing of your data under certain circumstances.
  • Objection: Object to the processing of your data for specific purposes, including direct marketing.
  • Withdraw Consent: Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, please contact us using the information in Section 10 below. We will respond to your request within 30 days.

7. Cookies and Tracking Technologies

Loop uses the following cookies and browser storage mechanisms:

Name Type Purpose Duration
jwt_token Essential Authentication — identifies your session Session / 30 days
data-bs-theme Functional Stores your light/dark theme preference Persistent
csrf_token Essential Protects against cross-site request forgery Session

We do not use third-party advertising or behavioral tracking cookies. You can configure your browser to refuse cookies, but doing so may prevent you from signing in to the Service.

8. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. When we transfer personal data outside the United Kingdom or the European Economic Area, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses approved by the relevant authorities, to protect your data in accordance with this Privacy Policy.

9. Children's Privacy

The Service is not intended for individuals under the age of 16. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child under 16, we will take steps to delete that information promptly. If you believe a child has provided us with personal data, please contact us immediately.

10. Contact Us

If you have any questions about this Privacy Policy, wish to exercise your data rights, or have a privacy concern, please contact us:

Pearl Fibers LTD
Data Protection Enquiries
Email: privacy@pearlfibers.com
Website: https://loop.pearlfibers.com/contact

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. When we make material changes, we will notify you by posting the updated policy on this page and updating the "Last updated" date at the top. We encourage you to review this page periodically. Your continued use of the Service after any changes constitutes acceptance of the revised policy.

Logo © 2020 - :year PearlFibers. All Rights Reserved.
Home Terms Contact
Logo

Loop brings together Drive, Mail, Chat, Calendar, Tasks, and Contacts — everything your team needs in one place.

Sign Up Sign In

Product

Features Why Loop Sign Up Sign In

Support

Help Center Reset Password Contact Us Privacy Policy Terms of Use
© 2020 - 2026 Copyrights © 2020 - :year PearlFibers. All Rights Reserved. The PearlFibers word mark is a registered trademark of Pearl Fibers LTD in the UK and other countries.

Support Chat

Start a conversation

Fill out the form below to connect with our support team

Please wait...
No messages yet
Agent is typing...
How was your experience?