At Lokidrop we take the security and privacy of your data seriously.
We use third-party tools to continuously scan for vulnerabilities as part of our development pipeline.
When you subscribe to a paid Lokidrop plan, your payment card data is never transmitted through or stored on our systems. All payment processing is handled exclusively by Stripe, which is certified to PCI DSS Service Provider Level 1. You can read more about Stripe's security practices at stripe.com/docs/security.
We use CookieYes to manage cookie consent on our website, ensuring compliance with GDPR and the ePrivacy Directive. Consent records are stored securely and can be withdrawn at any time.
To deliver our service, Lokidrop works with a small number of trusted third-party sub-processors. Each sub-processor is bound by data processing agreements and handles data only as necessary to provide their specific function.
| Sub-processor | Purpose | Data Location |
|---|---|---|
| Postmark (ActiveCampaign) | Transactional email delivery | United States (EU SCCs in place) |
| CookieYes | Cookie consent management | European Union |
| Cloudflare R2 | Image and asset storage | European Union (EU region) |
| Stripe | Subscription payment processing | European Union / United States (EU SCCs in place) |
Lokidrop provides an embeddable changelog widget that you can add to your own product or website. When you use this widget, please note the following:
What Lokidrop collects: We record aggregate, non-personal usage counts — specifically how many times the widget is loaded, how many times it is opened by a visitor, and how many times the full changelog page on Lokidrop is opened. These are simple counters that help you understand engagement with your changelog.
What Lokidrop does not collect: We do not collect any information about the individual visitors who load or interact with the widget. No IP addresses, device identifiers, cookies, or any other personal data about your visitors are stored by us.
What to add to your Privacy Policy or Security page:
We use the Lokidrop changelog widget to communicate product updates. The widget is provided by Lokidrop (lokidrop.com). Lokidrop records aggregate counts of widget loads and interactions for analytics purposes. No personal data about you as a visitor is collected or stored by Lokidrop through this widget.
If you have discovered a security vulnerability in Lokidrop, please contact us at [email protected]. We review all reports and take a proactive approach to addressing security issues. Please do not publicly disclose the issue until we have had the opportunity to investigate and respond.
If you have questions about security or how we handle your data, reach out at [email protected].