Privacy Policy

Last updated: April 2026

1. Introduction

This Privacy Policy explains how Avsel, an entity operating out of Mexico ("we", "us", or "our"), collects, uses, and safeguards your personal information when you visit our website, avsel.app (the "Website").

2. Data We Collect

We collect minimal personal data through our lead capture forms, which includes:

• Name
• Email address
• Company name
• Country

3. Legal Basis for Processing

We process your personal data based on:

• Consent: When you voluntarily submit your information through our forms.
• Contractual necessity: When you purchase a product and we need to deliver it.
• Legitimate interest: For anonymous website analytics (Cloudflare Web Analytics).

4. How We Use Your Data

The information we collect is used strictly for the following business purposes:

• To deliver purchased digital products, licenses, and software updates.
• To send important service announcements, newsletters, and promotional offers (only with your explicit consent).
• To provide customer support and respond to your inquiries.

5. Analytics and Tracking

We use Cloudflare Web Analytics to understand website traffic. Cloudflare Web Analytics is privacy-first, does not use tracking cookies, and does not collect any personally identifiable information.

6. Third-Party Sharing

We do not sell, rent, or trade your personal data. We only share necessary data with our trusted third parties for business operations:

• Lemon Squeezy: Acts as our Merchant of Record and payment processor. When you make a purchase, some data is handled securely by Lemon Squeezy to process your transaction.

6b. License Validation Data (Pro Module)

When you install and activate Avsel IA Pro, the module periodically contacts our license validation server to verify your license. The following data is transmitted:

• Your license key (provided at purchase).
• An anonymized instance identifier — a SHA-256 hash of your Odoo database name and internal UUID. This cannot be reversed to reveal your database name or any business data.
• No business data, customer names, invoices, or any ERP content is ever transmitted.

This communication occurs over HTTPS. Validation is performed once daily and during automatic license renewal (every 90 days). If your server cannot reach our validation server, a 30-day grace period applies before any functionality changes.

7. Data Retention

Your personal data is retained only for as long as necessary to provide our services. We keep your information until you explicitly request us to delete it.

8. Your Rights

Depending on your location (e.g., under GDPR or LGPD), you have the right to access, rectify, or request the deletion of your personal data.

9. Contact Us

If you have any questions or wish to request data deletion, please contact us at: [email protected].